Information Security Analyst Jobs in Quartz Hill, CA

Clearance Type: Secret Shift: 1st Shift (United States of America) Travel Required: Yes, 10% of the Time Relocation Assistance: Relocation assistance may be available Positions Available: 1 At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Mission Systems is a trusted provider of mission-enabling solutions for global security. Our Engineering and Sciences (E&S) organization pushes the boundaries of innovation, redefines engineering capabilities, and drives advances in various sciences. Our team is chartered with providing the skills, innovative technologies to develop, design, produce and sustain optimized product lines across the sector while providing a decisive advantage to the warfighter. Come be a part of our mission! We are looking for you to join our team as a Digital Security Engineer out of Woodland Hills, CA. As a Digital Security Engineer at Northrop Grumman you will have a challenging and rewarding opportunity to be a part of our Enterprise-wide digital transformation. Our success is grounded in our ability to embrace change, move quickly and continuously drive innovation. The successful candidate will be collaborative, open, transparent, and team-oriented with a focus on team empowerment & shared responsibility, flexibility, continuous learning, and a culture of automation. What You'll get to Do: Northrop Grumman Mission Systems sector is seeking a Cyber Architecture Engineer to join our diverse and talented team in the design, implementation, and integration of real-time embedded software coding through security architecture for our next generation Embedded GPS/Inertial Navigation System. Development performed at our Woodland Hills, CA site. Designing and writing source code across our product line of hardware form factors Debugging or modifying existing code to add new features or correct defects. Updating FPGA Architecture, IPs, and Timing Constraints Ensuring execution of the software engineering process across the development life cycle Support analysis, development, implementation, and security assessments to ensure compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance. Support identification of Anti-Tamper Critical Program Information (CPI) and writing of Anti-Tamper Plans to ensure compliance with DoD AT TIG, DoD AT Guidelines, DoD 5200.39 CPI Identification Procedure, and other DoD AT related policies. Assist in defining system architectures resistant to tampering and cyber-attacks. Develop technical documentation/publication to document trade studies, system designs, analysis, and results related to systems security. Support Anti-Tamper/Cybersecurity Integration & Test and executing verification & validation requirements. Utilize reverse engineering to architect and validate AT solutions. Maintain technical knowledge by reviewing publications and participating in communities of practice to further domain knowledge. Support security assessments and continuous monitoring. Ensure secure software architectures and applications. Ensure Programmable Logic operates as expected and develop Programmable Logic Cores required for security purposes Develop standard and improvement processes for assessing, designing, implementing, and verifying security requirements. Interface with inter-organizational management to communicate technical briefings and program status. Basic Qualifications: Bachelor's Degree in a STEM related field with 12 years Computer Engineering or Software Engineering experience, or Master's with 10 years Computer Engineering or Software Engineering, or PhD with 8 years Computer Engineering or Software Engineering experience. Minimum two years of cumulative experience in: cybersecurity/anti-tamper requirements development, security and cyber threat analysis, security systems engineering, cyber systems architecture development or cybersecurity policy development. Must have FPGA Experience (Vivado/Quartus) Must have demonstrated experience in solving technical problems independently with minimal supervision. A final DoD Secret clearance is required to start with the ability to obtain higher Special Access Program (SAP) clearance. Ability to work full-time onsite in Woodland Hills, CA. Preferred Qualifications: Advanced degree in STEM. Experience working in the defense industry or weapons systems. Possess a DOD 8570 certification: CompTIA Security+, CISSP or similar. Experience with Reverse Engineering, Hardware Design, Embedded Software or Cryptography. Technical problem solving, to include decomposition, root cause analysis, solution development, implementation, and monitoring. Experience contributing to and/or making technical presentations. This position is contingent upon the successful transfer of an active DoD Secret Clearance and the ability to obtain Special Program Access (SAP) prior to start. Salary Range: $188,200 - $282,200 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Are you passionate about growing channel partnerships? Our Channel Manager for Network & Security's primary focus is driving positive results for Arrow in three critical areas: growing established partnerships, developing new business, and engaging partners. Learn more about our Enterprise Computing Solution (ECS) business at Arrow Electronics (Enterprise Computing Solutions | Arrow ECS NA.) What you'll be doing Growing Established Partnerships Proactively calls and engages with established partners to grow sales for assigned accounts. Rebuilds underpenetrated and neglected partner relationships. Sell new suppliers' solutions to partners. Developing New Business leverages an internal team of resources to hunt for new software and service opportunities. Proactively calls and engages potential new partners to grow sales for assigned accounts. Onboards new partners Focuses on growing and developing new business by starting at the end customer and working the opportunities back through our channel partners. Proactively calls and engages partners to adopt/buy new supplier offerings. Partner Engagement Conduct outside sales meetings with partners, suppliers, and end customers regularly. Position Arrow's service offerings to sell “with” the Partner community to the end customers. Sometimes, they even sell Advisory Services to the end customer directly. What we are looking for 4-year degree Minimum of 6+ years of customer-facing direct sales roles. Experience selling in the Channel. Experience selling Network & Security technologies. Ability to solve complex problems; takes a new perspective using existing solutions Process-oriented and analytical. Strong SF.com proficiency and forecasting accuracy. Self-starter, gritty & coachable Team oriented leader Strong work ethic and proven track record in a KPI based Sales Model Ability to travel at least 35% of the time. What's In It For You At Arrow, we recognize that financial rewards and great benefits are important aspects of an ideal job. That's why we offer competitive financial compensation, including various compensation plans, and a solid benefits package. Medical, Dental, Vision Insurance 401k, With Matching Contributions Tuition Reimbursement Paid Time Off (including sick, holiday, vacation, etc.) Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options Growth Opportunities Short-Term/Long-Term Disability Insurance And more! Annual Hiring Range/Hourly Rate: $126,300.00 - $140,252.82 Actual compensation offer to candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level. The pay ratio between base pay and target incentive (if applicable) will be finalized at offer. Location: US-GA-Georgia (Remote Employees) Remote work employees may be required to be present at the closest designated Arrow office for work-related purposes, at the Company's request and sole discretion. Time Type: Full time Job Category: Sales EEO Statement: Arrow is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, gender, age, sexual orientation, gender identity, national origin, veteran or disability status. (Arrow EEO/AAP policy) We anticipate this requisition will be open for a minimum of five days, though it may be open for a longer period of time. We encourage your prompt application. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.

Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. Title: IT Analyst II - Technology Project Coordinator (TPC) Office Location: Los Angeles, CA Work Location: In Office Terms: Long Term Position Overview: The Technology Project Coordinator (TPC) is a technical representative, charged with assisting the Technology Project Management Team in addressing the needs of bond funded technology projects. This position will serve as a supporting resource for Technology Project Managers in managing and maintain project documentation, scheduling meetings, and serving in an overall coordination capacity to successfully complete bond funded projects. The TPC will support the Technology Project Management team by responding to technology project requirements and providing the necessary support to successfully deliver projects on time and on budget. The TPC will need to align technology projects with construction and engineer efforts to ensure a complete and functional system is in place for the client. Additionally there will be opportunities for the TPC to lead technology projects from planning through completion. The TPC will manage and coordinate the implementation of complex technology projects, identify and coordinate with project team to resolve technical issues, develop project presentations, including but not limited to the following project types: Networking and Communications Physical Security Audio Visual Classroom Technologies VoIP and Telephony Software Upgrades Helpdesk and Workorder Systems Wireless Deployment Highspeed and Broadband Networks Tasks include but not limited to: Project Documentation: Project Initiation Forms Project Schedules Risk Identification and Mitigation Utilize Bluebeam and/or Revit to review drawings/specifications and perform takeoffs Meeting Coordination: Schedule and coordinate meetings Create agendas and take meeting notes Coordinate with stakeholders to finalize meeting minutes Project Execution: Coordinate with stakeholders to complete project tasks Provide timely status reports Organize project folders and documentation Create reports and presentations as needed Perform onsite project observation reports Coordinate with vendors and oversee installation Position Description: Successfully support in the coordination of 5 to 10 projects simultaneously, ranging in value and complexity. Documents and reports all project data accurately and in a timely manner Successfully support in the delivery of technology projects on schedule and within budget Report and collaborate with Program Management Office and Technology Project Management Department on project matters Assist with the development of detailed technical scopes of work to support technology projects Review and coordinate the approval of technology project submittals. Coordinate with Asset Management to support asset tagging of technology equipment Coordinate with Accounting to process invoicing Track all project status and provide management reports as needed Update risks logs and identify risk mitigation plans Minimum Required Qualifications: 3 year of experience in management of multiple projects; experience within a capital improvement programs and familiarity with relevant codes and standards Demonstrated experience working in construction environments Experience coordinating on multiple IT projects with differing complexities and size Experience with website management and dashboard tools Demonstrated experience installing low voltage cabling including broadband and internet services Experience with software such as Bluebeam and/or Visio Preferred Qualifications: Experience in Community College Facilities Experience coordinating with contractors and subcontractors Experience integrating technology within construction and engineering projects. IT or project management certifications Droisys is an equal opportunity employer that values diversity, inclusion, and belonging. We are committed to fostering a diverse work environment and do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status, or any other characteristic protected by law.

Cooley is seeking an IG Compliance & Security Analyst to join the Information Governance & Data Privacy team. Cooley Information Services (IS) embraces a culture of customer service excellence and all members of the department are expected to move this agenda forward. To that end, the IG Compliance & Security Analyst is expected to recognize that the Cooley IS Department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document. Position responsibilities: Conduct both internal and external audits to ensure compliance with all industry-mandated regulations Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures Monitor activities of assigned IS areas to ensure compliance with internal policies and standards Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance Provide guidance to business functions on compliance/security-related matters Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables Conduct formal risk assessment reviews to determine the critical points of business exposure Evaluate and recommend commercial governance, risk and compliance vendors and tools Maintain the firm's ISO 27001 certification Maintain the firm's governance, risk and compliance tools Answer client assessment and audits to ensure firm compliance Perform assessments and audits of vendors to ensure compliance with firm security policies and procedures Develop and maintain metrics that assess the firm's governance, risk and compliance initiatives Assess and track the firm's compliance to existing and future global regulations in privacy and security Assess and track the firm's compliance with standard security frameworks such as ISO and NIST Assist in the identification of risks, threats and vulnerabilities to firm Track risks and mitigation efforts Participate in governance, risk and compliance forums and organizations to learn new ideas to solve problems Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile All other duties as assigned or required Skills and experience: Required: Ability to work extended and/or weekend hours, as required Ability to travel, as required 3+ years' experience in governance, risk and compliance (GRC) processes, solutions, information security and auditing; Eligible for consideration of Senior designation with 5+ years' directly applicable work experience CISSP or equivalent certifications and/or experience Demonstrated ability to apply IS-related knowledge and experience in solving compliance issues Background in security controls, auditing, network and system security Proven practical experience in information security and well-rounded knowledge of IST Experience with managing and implementing ISO 27001 or NIST compliance Demonstrated experience evaluating the security posture of vendors and system architecture Prior experience implementing and running incident management programs and systems Prior experience handling vendor relationships Project management experience Preferred: Bachelor's degree in Information Technology or Computer Information Systems Prior law firm experience Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related GIAC Experience acting in an independent audit function Experience implementing GDPR, HIPAA, SOC 2 audits Additional security certifications Competencies: Exceptional customer service skills Ability to express technical concepts in business terms Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently Excellent analytical, problem-solving and project management skills Ability to balance security best practices with business objectives Proven track record of excellent decision-making, integrity and working with IS management, business users and staff Excellent oral and written communication skills, including technical and user documentation Detail orientated and strong organizational skills Ability to work independently and under high pressure with tight schedules and deadlines Ability to interact well with all levels of staff Excellent active listening skills Ambitious and motivated team player Capable of grasping new concepts quickly and without prior experience Ability to interact and coordinate with several teams to achieve objectives Ability to solve problems independently and simultaneously, effectively managing multiple tasks Professional demeanor at all times Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE. The expected annual pay range for this position with a full-time schedule is $85,000 - $120,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience. We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off ("PTO") and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources. RequiredPreferredJob Industries Other

The Information Security Analyst III is responsible for developing, implementing, and monitoring security measures to protect sensitive data and ensure compliance with industry regulations. This includes daily operational monitoring of security events and vulnerabilities, as well as risk management activities and security audits. This person will join a team of information security personnel responsible for protecting the confidentiality, integrity and availability of company assets. This opportunity is highly engaging and will make meaningful impacts that strengthen the overall security of the organization. ESSENTIAL FUNCTIONS: Area #1 (100%) * Continuously monitor security events across the enterprise and analyze them to detect malicious or anomalous patterns. * Work closely with IS and IT teams to investigate, identify, and resolve security events. * Continuously improve security monitoring and reporting processes to enhance the organization's ability to detect and respond to threats. * Collaborate with IS team members on security events and vulnerability management to ensure continuous monitoring and response to emerging threats. * Conduct regular user access reviews and assist in the user access lifecycle process to ensure appropriate access and controls are in place. * Work with application owners to review and update access controls for critical systems and applications. * Perform risk assessments of third-party vendors and partners to evaluate their security posture. * Monitor and report on compliance with security policies and regulations. * Support the development and maintenance of security documentation and procedures. * Perform related duties, as required, for the training and development purposes. * Assist the information security team with ad-hoc tasks such as incident response and log analysis OTHER RESPONSIBILITIES: * Successfully complete all mandatory training on related Bank and BSA compliance as well as other laws and regulations as assigned in a timely manner. * Perform all assigned duties under Bank's compliance programs and related laws & regulations. * Perform other duties as assigned. Education, Experience and Skills Required: * Hold at least one of the following certifications : CISSP, CEH, CCSK, CCSP, CISA, CIS * Have a Bachelor's degree of science in computer science/engineering/mathematic * Have at least 3 years of technical experience in information security or information technology * Have at least 5+ years of experience working with security technology including Vulnerability scanner, DLP, SSO, SIEM, Web gateway, PKI, etc. * Solid understanding of security principles such least privileged access, 3-tier architecture, network security, etc. * Excellent written skills to be able to document technical specs and system design COMMUNICATION DEMANDS: * Attention to detail, strong organizational, communication, interpersonal, self-motivated, and analytical skills, ability to interact with all levels of management and staff. WORK ENVIRONMENT: * Standard office environment. Noise level in work environment is usually average. Hear in the normal audio range with or without correction. Specific vision abilities required by this job include close vision and the ability to adjust focus Compensation The base pay range for this position is USD $85,000.00/Yr. - USD $115,000.00/Yr plus full benefits. Exact offer will be determined based on job-related knowledge, skills, experience, and location.

The UCLA Information Security Office enables UCLA's goals by providing leadership assuring the confidentiality, integrity, and availability of its information resources. The Information Security Office enables efficient incident response planning and notification procedures. In addition, the office aims to implement risk assessment strategies to identify vulnerabilities and threats to departmental information resources and enterprise systems. This includes executing a comprehensive UCLA IT security plan, which involves proposing, delivering, and enforcing administrative, technical, and physical security measures to tackle identified risks based on their sensitivity or criticality. Position Summary The UCLA Office of Information Security has established a program to collaborate with the campus community and organizations to implement information security best-practices, technologies, and initiatives that modernize and elevate our information security programs that protect our institution. The Unit Information Security Specialist (UISS) will collaborate with assigned organizations and the Unit Information Security Manager to contribute to the analysis of organizational information security needs, supporting processes and practices that conform with campus security standards, and to provide support with the implementation of technologies and services that protect institutional data. Additionally, the Unit Information Security Specialist will engage with departmental technical and security staff members to ensure effective collaboration regarding policies, initiatives and procedures that are implemented within assigned organizations. The Unit Information Security Specialist will collaborate with departmental and IT Services team members to coordinate the delivery of services and capabilities that align with security programs and policies. The Unit Information Security Specialist will positively impact UCLA's operations and culture by protecting University stakeholders' information and data in service of the institution's academic mission. This team member will advance the University's mission by delivering exceptional security service comprehensively and consistently across faculty, staff, and students. This role will execute UCLA's vision while modeling UCLA's culture and values. Salary & Compensation * UCLA provides a full pay range. Actual salary offers consider factors, including budget, prior experience, skills, knowledge, abilities, education, licensure and certifications, and other business considerations. Salary offers at the top of the range are not common. Visit UC Benefit package to discover benefits that start on day one, and UC Total Compensation Estimator to calculate the total compensation value with benefits. Qualifications Three years experience working in one or more of the following fields: cybersecurity, information technology, computer science, computer information systems, etc. (Required) Experience working in a project-based environment using leading project management practices including schedule management, status reporting, and communication of project risks and issues. (Required) Experience participating in activities to advance an inclusive environment that values equity, diversity, inclusion and belonging. (Required) Five years experience working in one or more of the following fields: cybersecurity, information technology, computer science, computer information systems, etc. (Preferred) Understanding and working knowledge of Information Security fundamentals and proven experience using IT systems and tools. (Required) Understanding of the relationship between threat, vulnerability, and information value in the context of Information Security risk management. (Required) Ability to coordinate closely with other Information Security teams to effectively address security breaches or incidents. (Required) Demonstrated interpersonal skills, enabling productive collaboration with both technical and non-technical personnel at various levels across the University. (Required) Strong written and verbal communication skills and is able to communicate technical information and ideas to a diverse community of colleagues and stakeholders. (Required) Able to establish and advance positive working relationships and a strong rapport with team members, stakeholders, and customers. (Required) Strong organizational skills and ability to balance competing priorities and support concurrent projects. (Required) Strong demonstrated problem-solving skills; scopes solutions based on knowledge of available resources and timelines. Able to ask questions, gather information, evaluate options, and make decisions with integrity. (Required) Thinks creatively and proposes innovative ideas, including the incorporation of new technologies or processes. Is able to work with agility in a fast-paced environment. (Required) Demonstrated understanding of privacy and security regulations and best practices, including federal and state laws, policies, and standards relevant to higher education. Knowledge of data classification and ability to educate on data classification requirements. (Preferred) Understanding of user lifecycle access activities, as well as identity and access management controls. (Preferred) Education, Licenses, Certifications & Personal Affiliations Bachelor's Degree in one or more of the following fields: cybersecurity, information technology, computer science, , engineering or equivalent experience/training. (Required) One or more of the following: CISSP, CISA, Security+, CEH, CISM, or equivalent certification (Preferred) Special Conditions for Employment * This is a two year contract appointment. This position is eligible for a hybrid work arrangement that includes regular visits to campus as needed (for those who work remotely, travel/lodging expenses are not eligible for reimbursement). The anticipated pay range for this position is $110,000-$120,000, annually; salary is dependent upon the skills and experience of the selected finalist. NOTE: This position REQUIRES that a RESUME and COVER LETTER be submitted in addition to the application. Please have these two files ready to upload when applying. * Background Check: Continued employment is contingent upon the completion of a satisfactory background investigation. * Live Scan Background Check: A Live Scan background check must be completed prior to the start of employment. Schedule 8:00 A.M. to 5:00 P.M. PT, Monday through Friday and/or variable based upon operational needs. Union/Policy Covered 99-Policy Covered Complete Position Description ****************************************************************************************************************

H i , This is Sujith from KRG Technologies ; We are looking Cyber Security at Rose Mead, CA for the below mentioned . Kindly forward me your resume, rate and contact details for further process. I also request you to forward this opportunity to your friends or colleagues; so that we can help someone who may be in search of a job or looking for a change. Job Title: Cyber Security Location: Rose Mead, CA Duration: CONTRACT(6-12months) Job Description: Must have 5-7 yrs of Cyber security experience. Have some experience around Vulnerability assessment & Pen test remediation. Able to explain vulnerabilities and remediation. Have some exposure to OWASP Top 10. Have some exposure to SDLC, development. Any experience in NERC-CIP would be great. Experience around Code review would be added advantage. Thanks & Regards Qualifications Cyber security experience with vulnerability and risk assessment Additional Information All your information will be kept confidential according to EEO guidelines.

General information Requisition # R57773 Posting Date 01/22/2025 Security Clearance Required TS/SCI Remote Type Onsite Time Type Full time Description & Requirements Shape the future of defense with ManTech! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we've been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now-protect and innovate with ManTech! ManTech is actively seeking a motivated, customer-oriented Information Systems Security Officer (ISSO I) to join our team in the El Segundo, CA area. The ISSO's primary function is working within Special Access Programs (SAPs) supporting SMC and AFSPC mission areas. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Responsibilities include but not limited to: * Review, prepare, and update AIS accreditation packages. * Notify customer when changes occur that might affect AIS accreditation/certification. * Perform AIS self-inspections, provide security coordination and review of all system test plans. * Identify AIS vulnerabilities and implement countermeasures. * Represent the customer on various technical review and inspection teams. * Conduct security surveys at subordinate facilities and gather pertinent security documentation for inclusion into system accreditation packages. * Coordinate, prepare, and track AIS inspections, reports, and responses * Maintain AIS security records and prepare Co-Utilization Agreements for network nodes operating in government facilities. * Prepare reports on the status of security safeguards applied to computer systems. * Ensure AIS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices. * Perform ISSO duties in support of in-house and external customers. * Assist Department of Defense, National Agency and Contractor organizations with the development of certification and accreditation (C&A) efforts * Review, track, and conduct AIS training. Minimum Qualifications: * Bachelor's degree or equivalent additional experience (4 years) * 1 year related experience * Minimum 1 year of SAP-related experience highly desired. * Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 2 within 6 months of the date of hire. * Must complete training on Joint Security Implementation Guidance (JSIG) and Risk Management Framework (RMF) Information Security Continuous Monitoring (ISCM) * Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents. * Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners. * Working knowledge of Microsoft Office (Word, PowerPoint, and Excel). * Possess a high degree of originality, creativity, initiative requiring minimal supervision. * Willingness to travel within the organizational Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation) Preferred Qualifications: * Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners. * Working knowledge of Microsoft Office (Word, PowerPoint, and Excel). * Possess a high degree of originality, creativity, initiative requiring minimal supervision. * Willingness to travel within the organizational Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation) Security Clearance Requirements: * US Citizenship is required * Current Top-Secret Clearance with SCI Eligibility. * Eligibility for access to Special Access Program. * Information Willingness to submit to a polygraph. Physical Requirements: * Must be able to remain in a stationary position 50%. * Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. * Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. * Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations. The projected compensation range for this position is $89,800.00-$150,800.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, ManTech invests in it's employees beyond just compensation. ManTech's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, Short Term and Long Term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections. ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at ******************* and provide your name and contact information.

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance and protect these exciting experiences. The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney's information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando. Corporate is required to address security control gap issues identified through various assessment programs. A cybersecurity corrective action job involves developing and implementing plans to address security gaps and vulnerabilities. This includes issues identified through internal assessments against corporate policy, vulnerability scanning, penetration testing, and regulatory issues identified through compliance program assessments such as PCI and EU data privacy. What You'll Do: * Manage reviews of reports, assessments, and findings to identify remediation and/or corrective action needed. * Manage coordination with IT and business partners to facilitate necessary remediation and corrective action. * Manage verification of remediation and corrective action activity to ensure it achieves compliance against security standards such as CIS Benchmarks, NIST, and TWDC policies and standards. * Document and review open items in status reports, including next steps, dependencies, and stakeholders. * Manage communication of results to stakeholders, including technical and non-technical audiences. * Provide recommendations to improve security posture. * Contribute in improving security baselines and standards. * Stay updated on evolving security guidelines and incorporate them into IT and business practices. * Stay informed on emerging threats and vulnerabilities. * Proactively recommend adjustments to mitigate risks. Required Qualifications & Skills: * A minimum of 10 years of related cybersecurity experience * Demonstrated experience managing corrective action. * Ability to manage and work well with individuals and teams with varying technical and business backgrounds. * Deep understanding of security frameworks and standards. * Significant relationship management skills. * Analytical thinking and attention to detail. * Established problem-solving skills with an ability to develop creative alternatives to complex problems, as well as continuous improvement process skills * Demonstrated ability to handle confidential information. * Managerial experience in a security program for a large and complex organization. Required Education: * Bachelor's degree or equivalent experience in Cyber Security, Computer Science, Management Information Systems, or related field. The hiring Range for this position in California is $138,900.00 to $186,200.00 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: ******************* $92,213.33 - $125,146.66 a year

Description & Requirements Reporting to the Sr. Manager for the Program Security Services team (US Services), the Lead Security Analyst-ISSO is responsible for managing the overall security posture of their assigned projects. Acting as an independent contributor, the Lead Analyst-ISSO will document and validate security compliance requirements, as defined in client contracts and established regulatory frameworks (NIST 800-53, HIPAA, IRS 1075, CMS MARS-E/ARC-AMPE, PCI-DSS). This position requires broad knowledge of Information Technology, including cloud providers such as Azure and AWS. This role will also manage stakeholder relationships with both internal and external customers. US citizenship is required per contract/client, at least one of the following certifications is required: CISSP (preferred), CISA or CISM. Experience with NIST 800-53 and the ability to travel up to 10% is required. Essential Duties and Responsibilities: - Responsible for ensuring information security for an assigned area of Business/Project focusing on key areas of risk, as outlined in the Information Security policy, under the direction of the Information Security management team. - Conduct Information Security risk assessments and compliance evaluations for infrastructure and application assets within required timeframes and to industry standards and regulatory specifications. - Ensure controls are properly and fully implemented to address identified Information Security risks for assigned area of responsibility. - Define, create and maintain the documentation for certification and accreditation of each information system in accordance with regulatory requirements. - Lead and support audits and client reviews of security posture; coordinate the collection, review and submission of Information Security deliverables and track the remediation of audit findings and exceptions. - Manage expectations with multiple stakeholders on projects and programs in conjunction with the Information Security team. - Promotion of Information Security awareness through various communication channels within the organization. - Collaborate with the Information Security team members on process improvements, secure design and recertification of MAXIMUS assets. Identify potential security control gaps by reviewing evidence provided by stakeholders, system generated reports and/or control implementation statements. Perform risk assessments using vulnerability management and application security testing reports. Initiate formal security exception process, when required. Develop Plan of Action and Milestones (POA&M) as necessary. Minimum Requirements - Please refer to the additional information section of the job requisition for this opening to determine clearance eligibility required. - Bachelor's degree and 7+ years of relevant professional experience required, or equivalent combination of education and experience. US Citizenship is REQUIRED per contract/client. At least one of the following certifications is REQUIRED: CISSP (preferred), CISA or CISM Experience with NIST 800-53 is REQUIRED Ability to travel nationally up to 10% is REQUIRED HIPAA experience is preferred Experience with Cloud providers, such as Azure and AWS Knowledge of any of the following security frameworks is preferred: IRS 1075, CMS MARS-E/ARC-AMPE, PCI-DS Demonstrates excellent interpersonal, presentation and verbal/written communication skills Demonstrates strong customer service skills Ability to communicate technical information to non-technical staff Ability to work collaboratively with a broad range of staff (including analysts, engineers and leadership) Proficiency with Microsoft Office SmartSheet experience is a plus Ability to perform comfortably in a fast-paced, deadline-oriented work environment Ability to organize and execute complex tasks Ability to work as a team member as well as independently #LI-JH1 #maxcorp #LeadSecurityAnalyst #HotJobs0311LI #HotJobs0311FB #HotJobs0311X #HotJobs0311TH #TrendingJobs EEO Statement Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We're proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Minimum Salary $ 111,605.00 Maximum Salary $ 145,000.00

PENNYMAC Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U. S. mortgage loans and the management of investments related to the U. S. mortgage market. At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey. A Typical Day The Senior Information Security Engineer will be a part of our Information Security department and work closely with development teams, product teams, and other stakeholders across the organization. The Senior Information Security Engineer will integrate security into the product lifecycle from design through deployment, with a strong emphasis on cloud environments, secure coding, vulnerability management, attack surface reduction and DevOps practices. The engineer will be responsible for implementing and maintaining advanced security measures to safeguard Pennymac's software systems, applications, code, and related components. The ideal candidate will have a strong background in both cloud and on- premises environments, proficiency in scripting languages (particularly BASH and/or PowerShell), and the ability to understand multiple programming languages. Key responsibilities include managing security across multiple applications, CI/CD pipelines, Infrastructure as Code (IaC) practices, and conducting risk assessments. The role requires a blend of technical expertise in cloud platforms (primarily AWS, with some GCP exposure), system administration skills across Linux and Windows environments, and the ability to effectively communicate complex security concepts to both technical and non-technical audiences. This position offers the opportunity to drive security innovation, mentor junior staff, and contribute to the development of comprehensive, multi-year cybersecurity strategies for Pennymac. The Senior Information Security Engineer will: Work with product teams throughout the entire SDLC to ensure code is secure by design, secure by default, secure in deployment and communication. Implement and maintain key security platforms including DAST, SAST, SCA, CSPM to enhance the organization's security posture. Provide subject matter expertise on application security domains, including secure coding practices, continuous integration and deployment, and threat modeling. Perform application code analysis and contribute to security-related code reviews and scanning capabilities across multiple programming languages (e. g. , Ruby, Python, Bash, TypeScript, Java, JavaScript, C++, Go). Develop and maintain scripts to automate security processes and enhance efficiency. Stay current with emerging security threats, technologies, and best practices, applying this knowledge to continuously improve Pennymac's security posture. Build relationships with development teams to foster an inclusive culture. Provide subject matter expertise on application security domains including secure coding practices, continuous integration and continuous deployment, and threat modeling. Participate in and provide support during high-priority cybersecurity incidents. Configure cybersecurity systems to monitor and protect serverless and container based computing applications. Work cross-functionally with DevOps, application development, database, and infrastructure teams to develop and maintain complex systems that involve integration across in-house developed, COTS, and open-source components. Establish oneself as a trusted security advisor leading the design, definition and implementation of security best practices and standards and ensure product development teams integrate them into their development workflow. Support the establishment, implementation, and governance of secure development standards and security baseline requirements. Drive threat modeling, risk assessment, penetration test findings analysis, and security technology assessments. Maintains an open communication channel with operations, development, and product teams to ensure security is integrated early and is working to solve business needs. Mentor junior staff to develop understanding of DevSecOps, Application Security, and Information Security. What You'll Bring Approximately 3+ years of experience in programming and/or scripting languages. Ability or aptitude to operate within Gitlab and Azure DevOps source code and CI/CD technology stacks. Experience dealing with secure network and system design in Amazon Web Services (AWS) Expert understanding of secure configuration management and security controls. Experience reviewing SAST, DAST, penetration test, and SCA results and providing remediation recommendations. Experience performing application code analysis across multiple programming languages (e. g. , Ruby, Python, Bash, TypeScript, Java, JavaScript, C++, Go). Capable of architecting, engineering, and operationalizing application security technologies through plan, development, build, test, release, deploy, operate, and monitor phases of the SDLC. Experience in developing and/or reviewing secure development standards that incorporate regulatory and industry best practices. Desired experience with Web Penetration Testing tools for validation of security requirements. Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills. Must have a mindset of continuous improvement of people, processes and technology. Ability to work independently and self-motivate. Why You Should Join As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do. Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported. Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include: Comprehensive Medical, Dental, and Vision Paid Time Off Programs including vacation, holidays, illness, and parental leave Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations) Retirement benefits, life insurance, 401k match, and tuition reimbursement Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships To learn more about our benefits visit: ********************* page. link/benefits For residents with state required benefit information, additional information can be found at: ************ pennymac. com/additional-benefits-information Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below: Lower in range - Building skills and experience in the role Mid-range - Experience and skills align with proficiency in the role Higher in range - Experience and skills add value above typical requirements of the role Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance. Salary $95,000 - $155,000 Work Model REMOTE

This role will design Storyblok's information security strategy and lead all compliance and audit processes. Ensuring the risk and vulnerability assessment activities are carried out according to the ISO 27005 Standard. The information security manager will also plan steps to mitigate the identified risks. The person will lead the incident response process for security breaches and coordinate relevant teams. The role will collaborate with different functions and is responsible for training, supporting and coordinating different team members. ESSENTIAL JOB FUNCTIONS * Design the information security strategy, document it, and enable the team: * Design a strategy and a road map for Storyblok's information security management system. * Develop, implement, and maintain information security policies, guidelines, documentation, and processes. * Align security policies with Storyblok's goals and regulatory requirements. * Manage the roll-out of information security changes and ensure policies are communicated and enforced throughout the company. * Enable and train the team on security-related topics. * Risk Management: * Ensure that risk and vulnerability assessment activities are carried out according to the ISO 27005 Standard. * Identify any vulnerable areas within the company by actively reviewing results from risk assessments and proposing immediate mitigation steps. * Actively review reports from pentests and ensure timely resolution by the product team. * Incident Response: * Lead the incident response process for security breaches and coordinate the process with all relevant teams. * Develop and maintain an incident response plan. * Coordinate with relevant teams to investigate and respond to security incidents. * Compliance and Audit: * Ensure compliance with relevant laws, regulations, and certification standards (e.g., GDPR, ISO, Fedramp, Privacy Acts). * Prepare for and manage security audits - ISO, Fedramp - to maintain or receive certificates. * Implement corrective actions and strategies based on audit findings. * Stay updated on the latest security trends, technologies, and standard updates. * Technical Security Measures: * Oversee the implementation and maintenance of security technologies or tools. * Monitor our information security landscape and ensure these systems' secure configuration and management. * Design automated, scalable, and efficient information security solutions. * Management: * Collaborate with multiple internal teams to improve our information security system. * Mentor and coordinate team members who are part of our information security processes to complete projects successfully. * Support other team members with their security questionnaires and vendor process. * Promote a culture of security awareness within the organization. * Lead the communication with any external security-relevant parties. Qualifications: * More than 7 years relevant experience in Information Security or Cybersecurity. * Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. * Proven experience in successfully implementing Fedramp and at least one more information security related certification like ISO 27001, SOC, NIST. * Experience with setting up and maintaining an information security environment in a remote setup. * Professional certifications such as, CISM (Certified Information Security Manager), ISO 27001 LI or equivalent. * Work experience in a company that is ISO 27001 and Fedramp certified. * Strong experience with MDM, Authentication Management, Infrastructure and other information security-relevant tools. * Strong analytical, problem-solving, and decision-making skills. * Excellent communication and interpersonal skills. * Ability to manage multiple projects and priorities in a fast-paced environment. Preferred Skills: * Experience with Google Workspace * Experience with security information and event management (SIEM) systems. * Knowledge of cloud security principles and practices. * Experience in incident response and digital forensics. * Understanding of secure software development practices. * Knowledge about Cybersecurity * Good GDPR and Privacy skills Nice to Have: CISSP (Certified Information Systems Security Professional) Work Environment: * Full-time position, typically within an office setting. * May require occasional travel to other company sites or conferences. * On-call availability for emergency incidents or critical updates. This job description serves as a general guideline for the responsibilities and qualifications expected of an Information Security Manager. Specific duties and requirements may vary based on the organization's size, industry, and specific needs.

NATIONAL LEADERS IN PEDIATRIC CARE Ranked among the top 10 pediatric hospitals in the nation, Children's Hospital Los Angeles (CHLA) provides the best care for kids in California. Here world-class experts in medicine, education and research work together to deliver family-centered care half a million times each year. From primary to complex critical care, more than 350 programs and services are offered, each one specially designed for children. The CHLA of the future is brighter than can be imagined. Investments in technology, research and innovation will create care that is personal, convenient and empowering. Our scientists will work with clinical experts to take laboratory discoveries and create treatments that are a perfect match for every patient. And together, CHLA team members will turn health care into health transformation. Join a hospital where the work you do will matter-to you, to your colleagues, and above all, to our patients and families. The work will be challenging, but always rewarding. It's Work That Matters. Overview This position is remote. Candidates must reside in California. Purpose Statement/Position Summary: Information Security protects CHLA's data and information for patients, employees, research and all business functions. The Information Security Engineer will provide technical leadership and architectural expertise to ensure the security and protection of CHLA's information assets and information technology resources. This will include planning, designing, and implementing of security device solutions based on business and technical requirements while working with CHLA clinical staff and co-workers within the Information Services department. Research, develop and improve best practices to include changes in technology and regulatory requirements such as HIPAA and HITECH as it pertains to CHLA goals and standards. Minimum Qualifications/Work Experience: 7+ years work experience required. Information Security solution/tool engineering experience required. Internal and third-party risk assessments experience highly preferred. Cloud security, Information Security metrics and reporting, and Information Security operations experience preferred. Knowledge of the following: • Knowledge and use of VPN, IPSec, DES encryption, Digital Certificates, SSL, TCP/IP, DNS, DMZ and web security architecture, Nmap, Nessus, CoreImpact, CyberArk, Q1, Webinspect, Snort, or related products and applications. • Knowledge of information security standards, rules and regulations related to information security and data confidentiality (e. g. , HIPAA, HITECH, etc. ) and desktop, server, workstation, application, database, network security principles for risk identification and analysis. • Knowledge of business process standards and policies (ITIL, LEAN, Six Sigma). Strong analytical and problem-solving skills. Excellent communication (oral, written, presentation), interpersonal and consultative skills. • Deep understanding of information security in a highly regulated environment • Experience with assessing risk and compensating controls • Ability to establish requirements, plan, design, implement and operationalize security solutions • Experience engineering and operating a wide variety of information security technologies • Good communication skills • Ability to think creatively to address problems and opportunities • Technical expertise • Detail oriented Education/Licensure/Certification: Bachelor's Degree in Computer Science or Computer Software Engineering preferred. CISSP or GIAC certifications or equivalent. Training and certification on network equipment and protocols. Pay Scale Information $99,424. 00-$178,963. 00 CHLA values the contribution each Team Member brings to our organization. Final determination of a successful candidate's starting pay will vary based on a number of factors, including, but not limited to education and experience within the job or the industry. The pay scale listed for this position is generally for candidates that meet the specified qualifications and requirements listed on this specific job description. Additional pay may be determined for those candidates that exceed these specified qualifications and requirements. We provide a competitive compensation package that recognizes your experience, credentials, and education alongside a robust benefits program to meet your needs. CHLA looks forward to introducing you to our world-class organization where we create hope and build healthier futures. Children's Hospital Los Angeles (CHLA) is a leader in pediatric and adolescent health both here and across the globe. As a premier Magnet teaching hospital, you'll find an environment that's alive with learning, rooted in care and compassion, and home to thought leadership and unwavering support. CHLA is dedicated to creating hope and building healthier futures - for our patients, as well as for you and your career! CHLA has been affiliated with the Keck School of Medicine of the University of Southern California since 1932. At Children's Hospital Los Angeles, our work matters. And so do each and every one of our valued team members. CHLA is an Equal Employment Opportunity employer. We consider qualified applicants for all positions without regard to race, color, religion, creed, national origin, sex, gender identity, age, physical or mental disability, sexual orientation, marital status, veteran or military status, genetic information or any other legally protected basis under federal, state or local laws, regulations or ordinances. We will also consider for employment qualified applicants with criminal history, in a manner consistent with the requirements of state and local laws, including the LA City Fair Chance Ordinance and SF Fair Chance Ordinance. Qualified Applicants with disabilities are entitled to reasonable accommodation under the California Fair Employment and Housing Act and the Americans with Disabilities Act. Please contact CHLA Human Resources if you need assistance completing the application process. Diversity inspires innovation. Our experiences, perspectives and backgrounds allow us to better serve our patients and create a strong community at CHLA. IS - Information Security

Duties and Responsibilities Assist in implementing Security Information and Event Management (SIEM), which includes but is not limited to; identifying deployment solutions, maintaining logs, assisting in developing company best practices for security alert correlations, perform root case analysis after incidents Assist with Endpoint Detection and Response (EDR) vendor analysis and deployment, which includes, but is not limited to; partnering with IT to develop a decision matrix for EDR vendor selection, assist with deployment, develop patterns for automatic response to identified threats Conduct structured and unstructured data scans, testing, and debugging of applications by using a variety of technical privacy tools to increase compliance and documentation of procedures and information assets Write and deploy SQL to archive and or purge data from databases and to locate, review, explain and document data for privacy requirements Perform regular privacy assessments and impact analysis on databases and operational processes by developing effective tools, training, and guidance to help identify and mitigate risk. This includes data anonymization, pseudonymization and encryption Perform detection, analysis, and containment of an incident Identify key performance metrics for security IR and implement instrumentation for those metrics Maintain, manage and prioritize hardware, software, systems and/or product backlog, while actively identifying risks, constraints, and dependencies that would impact roadmap Demonstrate, integrate, and collaborate on enhancing existing security solutions and services to address any gaps or deficiencies Perform security incident response drill scenarios and lead table top exercises Ensure proper training for stakeholders regarding their incident response roles and responsibilities in the event of a breach Collaborate with internal teams to ensure the data retention or system requirements, user-facing privacy controls, new or existing software, and big data solutions enable the business to be data driven while protecting the data assets Work with the legal department to produce data both internally and externally and ensure any legal request or litigation hold requirements are met Assist with projects and enhancements, including gathering requirements, conducting research, task management and updating key partners and stakeholders with the goal of developing solutions to help mitigate privacy vulnerabilities and future privacy risks Studies and interprets past privacy events and current privacy threats to improve privacy compliance using advanced technologies and design principles to develop and implement new tools and processes Assist both internal and external teams on data governance strategy, updates to legal regulations, and direction on future roadmaps Collaborate with vendors on data and privacy standards Qualifications & Requirements Bachelor's Degree in computer science, IT, systems engineering, or related qualification 2+ years of experience in the security industry working in any combination of the following areas: Risk management, cloud operations and engineering, network security monitoring, log analysis, static and dynamic malware analysis, NIST Kill Chain, MITRE ATT&CK framework, threat hunting, SIEM, EDR Experience responding to security events Writing and reviewing code (Java, Python, Node or similar) Excellent written and verbal communication, facilitation, and presentation skills to collaborate effectively with software engineering teams Implementing security detection capabilities Proven ability to make decisions and perform complex problem-solving activities under pressure Some knowledge of AWS cloud infrastructure and their threat landscape

Cooley is seeking an IG Compliance & Security Analyst to join the Information Governance & Data Privacy team. Cooley Information Services (IS) embraces a culture of customer service excellence and all members of the department are expected to move this agenda forward. To that end, the IG Compliance & Security Analyst is expected to recognize that the Cooley IS Department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document. Position responsibilities: Conduct both internal and external audits to ensure compliance with all industry-mandated regulations Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures Monitor activities of assigned IS areas to ensure compliance with internal policies and standards Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance Provide guidance to business functions on compliance/security-related matters Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables Conduct formal risk assessment reviews to determine the critical points of business exposure Evaluate and recommend commercial governance, risk and compliance vendors and tools Maintain the firm's ISO 27001 certification Maintain the firm's governance, risk and compliance tools Answer client assessment and audits to ensure firm compliance Perform assessments and audits of vendors to ensure compliance with firm security policies and procedures Develop and maintain metrics that assess the firm's governance, risk and compliance initiatives Assess and track the firm's compliance to existing and future global regulations in privacy and security Assess and track the firm's compliance with standard security frameworks such as ISO and NIST Assist in the identification of risks, threats and vulnerabilities to firm Track risks and mitigation efforts Participate in governance, risk and compliance forums and organizations to learn new ideas to solve problems Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile All other duties as assigned or required Skills and experience: Required: Ability to work extended and/or weekend hours, as required Ability to travel, as required 3+ years' experience in governance, risk and compliance (GRC) processes, solutions, information security and auditing; Eligible for consideration of Senior designation with 5+ years' directly applicable work experience CISSP or equivalent certifications and/or experience Demonstrated ability to apply IS-related knowledge and experience in solving compliance issues Background in security controls, auditing, network and system security Proven practical experience in information security and well-rounded knowledge of IST Experience with managing and implementing ISO 27001 or NIST compliance Demonstrated experience evaluating the security posture of vendors and system architecture Prior experience implementing and running incident management programs and systems Prior experience handling vendor relationships Project management experience Preferred: Bachelor's degree in Information Technology or Computer Information Systems Prior law firm experience Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related GIAC Experience acting in an independent audit function Experience implementing GDPR, HIPAA, SOC 2 audits Additional security certifications Competencies: Exceptional customer service skills Ability to express technical concepts in business terms Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently Excellent analytical, problem-solving and project management skills Ability to balance security best practices with business objectives Proven track record of excellent decision-making, integrity and working with IS management, business users and staff Excellent oral and written communication skills, including technical and user documentation Detail orientated and strong organizational skills Ability to work independently and under high pressure with tight schedules and deadlines Ability to interact well with all levels of staff Excellent active listening skills Ambitious and motivated team player Capable of grasping new concepts quickly and without prior experience Ability to interact and coordinate with several teams to achieve objectives Ability to solve problems independently and simultaneously, effectively managing multiple tasks Professional demeanor at all times Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE. The expected annual pay range for this position with a full-time schedule is $85,000 - $120,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience. We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off ("PTO") and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources. RequiredPreferredJob Industries Other

**Requisition ID: R10188545** + **Category:** Security + **Clearance Type:** Secret + **Shift:** 1st Shift (United States of America) + **Travel Required:** Yes, 10% of the Time + **Positions Available:** 1 At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Aeronautics Systems sector is seeking an **Industrial Security Analyst** to join our team of qualified, diverse individuals. This position will be located at Edwards AFB, CA. **Roles and Responsibilities:** Serve as an security specialist on a classified security team. Primarily responsible for performing security and administrative duties in support of operations while working in a high OPTEMPO environment. Additional duties may include assisting in conducting security education briefings, security audits, physical security inspections, and general security support for a classified program. **Basic Qualifications:** + Bachelors Degree with 2 years of security experience OR an additional 4 years of security or related administrative experience will be considered in lieu of a degree + Candidate must have and be able to maintain an active U.S. government security clearance at the Secret level with a background investigation date within the last 6 years + Ability to obtain and maintain access to a Special Access Program (SAP) + Must be proficient in desktop computing and MS Office (Word, Excel, and Outlook) + Must have excellent oral and written communication skills and a self-starter attitude **Preferred Qualifications:** + Active Top Secret clearance with a background investigation date within the last 6 years + CDSE Professional Certification + Experience working in an SAP environment + Working knowledge of the NISPOM and DoD SAP Manuals + Ability to prioritize and multi-task with minimal supervision + Ability to work in a fast-paced environment + Ability to maintain positive working relationship with internal and external customers + Excellent customer service and communication skills + Ability to maintain flexibility to deal with changing priorities and deadlines + Strong working knowledge of basic office automation tools such as MS Office (Word, Excel, PowerPoint) **Salary Range:** $73,900 - $110,900 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

The Information Security Analyst III is responsible for developing, implementing, and monitoring security measures to protect sensitive data and ensure compliance with industry regulations. This includes daily operational monitoring of security events and vulnerabilities, as well as risk management activities and security audits. This person will join a team of information security personnel responsible for protecting the confidentiality, integrity and availability of company assets. This opportunity is highly engaging and will make meaningful impacts that strengthen the overall security of the organization. ESSENTIAL FUNCTIONS: Area #1 (100%) Continuously monitor security events across the enterprise and analyze them to detect malicious or anomalous patterns. Work closely with IS and IT teams to investigate, identify, and resolve security events. Continuously improve security monitoring and reporting processes to enhance the organization's ability to detect and respond to threats. Collaborate with IS team members on security events and vulnerability management to ensure continuous monitoring and response to emerging threats. Conduct regular user access reviews and assist in the user access lifecycle process to ensure appropriate access and controls are in place. Work with application owners to review and update access controls for critical systems and applications. Perform risk assessments of third-party vendors and partners to evaluate their security posture. Monitor and report on compliance with security policies and regulations. Support the development and maintenance of security documentation and procedures. Perform related duties, as required, for the training and development purposes. Assist the information security team with ad-hoc tasks such as incident response and log analysis OTHER RESPONSIBILITIES: Successfully complete all mandatory training on related Bank and BSA compliance as well as other laws and regulations as assigned in a timely manner. Perform all assigned duties under Bank's compliance programs and related laws & regulations. Perform other duties as assigned. Education, Experience and Skills Required: Hold at least one of the following certifications : CISSP, CEH, CCSK, CCSP, CISA, CIS Have a Bachelor's degree of science in computer science/engineering/mathematic Have at least 3 years of technical experience in information security or information technology Have at least 5+ years of experience working with security technology including Vulnerability scanner, DLP, SSO, SIEM, Web gateway, PKI, etc. Solid understanding of security principles such least privileged access, 3-tier architecture, network security, etc. Excellent written skills to be able to document technical specs and system design COMMUNICATION DEMANDS: Attention to detail, strong organizational, communication, interpersonal, self-motivated, and analytical skills, ability to interact with all levels of management and staff. WORK ENVIRONMENT: Standard office environment. Noise level in work environment is usually average. Hear in the normal audio range with or without correction. Specific vision abilities required by this job include close vision and the ability to adjust focus Compensation The base pay range for this position is USD $85,000.00/Yr. - USD $115,000.00/Yr plus full benefits. Exact offer will be determined based on job-related knowledge, skills, experience, and location.

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance and protect these exciting experiences. The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney's information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando. Corporate is required to address security control gap issues identified through various assessment programs. A cybersecurity corrective action job involves developing and implementing plans to address security gaps and vulnerabilities. This includes issues identified through internal assessments against corporate policy, vulnerability scanning, penetration testing, and regulatory issues identified through compliance program assessments such as PCI and EU data privacy. What You'll Do: Manage reviews of reports, assessments, and findings to identify remediation and/or corrective action needed. Manage coordination with IT and business partners to facilitate necessary remediation and corrective action. Manage verification of remediation and corrective action activity to ensure it achieves compliance against security standards such as CIS Benchmarks, NIST, and TWDC policies and standards. Document and review open items in status reports, including next steps, dependencies, and stakeholders. Manage communication of results to stakeholders, including technical and non-technical audiences. Provide recommendations to improve security posture. Contribute in improving security baselines and standards. Stay updated on evolving security guidelines and incorporate them into IT and business practices. Stay informed on emerging threats and vulnerabilities. Proactively recommend adjustments to mitigate risks. Required Qualifications & Skills: A minimum of 10 years of related cybersecurity experience Demonstrated experience managing corrective action. Ability to manage and work well with individuals and teams with varying technical and business backgrounds. Deep understanding of security frameworks and standards. Significant relationship management skills. Analytical thinking and attention to detail. Established problem-solving skills with an ability to develop creative alternatives to complex problems, as well as continuous improvement process skills Demonstrated ability to handle confidential information. Managerial experience in a security program for a large and complex organization. Required Education: Bachelor's degree or equivalent experience in Cyber Security, Computer Science, Management Information Systems, or related field. The hiring Range for this position in California is $138,900.00 to $186,200.00 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. Job Posting Segment: Enterprise Technology Job Posting Primary Business: Corporate Global Information Security Primary Job Posting Category: Security Governance Employment Type: Full time Primary City, State, Region, Postal Code: Burbank, CA, USA Alternate City, State, Region, Postal Code: USA - FL - Kirkman Point 1 Date Posted: 2025-02-19