Information security analyst jobs in Rye, NY - 51 jobs

The Information Security Analyst plays a key role in advancing the company's Governance, Risk & Compliance (GRC) program by protecting enterprise information assets and ensuring compliance with regulatory, contractual, and ethical standards. This position offers hands-on experience across multiple security domains including policy governance, risk management, AI governance, and data security, making it an excellent opportunity for early career professionals or recent graduates passionate about cybersecurity and emerging technology risks. In this role, you will collaborate with teams across Information Security, IT, and Legal to drive initiatives that safeguard sensitive data, maintain compliance obligations, and promote responsible use of artificial intelligence and other advanced technologies. Responsibilities Governance & Policy Management Assist in developing, maintaining, and aligning information security policies with frameworks such as NIST CSF, ISO 27001, SOC 2, CIS, and the NIST AI RMF. Contribute to documentation and control mapping for new or updated regulations related to AI, privacy, and data protection (e.g., GDPR, CCPA, NIST 800-53 Rev 5). Support internal policy review cycles, ensuring consistent version control and executive approval. Risk Management Participate in enterprise risk assessments, including third-party, application, and AI model risk reviews. Help identify, document, and track remediation of security and privacy risks within the GRC platform (e.g., Drata, ServiceNow GRC, OneTrust, Vanta, etc.). Support the development of risk metrics and dashboards for leadership reporting. Learn to evaluate AI-related risks such as model bias, data leakage, data lineage, model transparency, and unintended data exposure. Data Governance & Data Security Assist with data classification, retention, and handling standards, ensuring sensitive data is appropriately protected. Support data inventory and mapping efforts to improve visibility where critical data resides. Help review access controls, encryption standards, and secure data transfer processes in coordination with IT teams. Collaborate with the IT team to ensure alignment between data quality, privacy, and security controls. Compliance & Audit Support Gather and organize evidence for internal and external audits (ISO 27001, PCI, HIPAA, etc.). Maintain control documentation and track audit remediation activities. Support continuous monitoring of compliance requirements and updates to regulatory obligations, including emerging AI governance and data-related laws. AI Governance Support Contribute to inventories of AI tools and use cases across the enterprise. Assist in risk assessments for AI systems, ensuring they align with responsible AI principles such as fairness, accountability, and transparency. Collaborate with IT and legal teams to ensure that AI use complies with company policies. Security Awareness & Communication Help design and distribute training materials related to cybersecurity, data protection, and responsible AI practices. Support internal campaigns promoting secure data handling and ethical technology usage. Prepare metrics, dashboards, and presentations for leadership briefings. Continuous Improvement Participate in projects that automate or streamline GRC processes, such as policy lifecycle management or risk scoring. Stay informed about new threats, regulatory trends, and AI governance frameworks. Engage in ongoing professional development and certification opportunities. Qualifications Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Data Science, or a related field is preferred 0-2 years of experience in cybersecurity, risk management, compliance, or data governance (internship or coursework acceptable). Understanding of cybersecurity principles, risk management, and data privacy fundamentals. Basic familiarity with AI systems, data governance concepts, or information security practices. Strong analytical, communication, and documentation skills. Ability to manage multiple priorities in a fast-paced environment. Proficient in Microsoft Excel, PowerPoint, and data analysis or GRC tools. Exposure to frameworks such as NIST CSF, ISO 27001, SOC 2, NIST AI RMF, or COBIT. Must be able to work in the U.S. without sponsorship Per applicable state requirements, the annual pay range for this position ($60,500 - $84,000) which consists of base salary (subject to performance), reflects the hiring range for candidates. Also note, an individual's offer may vary from this range as it may be impacted by additional factors, including but not limited to the candidate's hiring location, qualifications, experience, and market factors.

We are seeking a Senior Security DevOps Engineer who will be responsible for a variety of objectives resulting in risk mitigation and remediation of internal & external security threats. This role performs advanced threat analysis, threat intelligence gathering & reporting, incident response activities, improves accuracy of security systems, improves existing processes, and works on Cybersecurity focused projects. Contract to hire Onsite 2 days a week located in New York Cybersecurity - Cyber Intelligence & Incident Response Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support. Provides after-hours support as needed for response activities. Integration experience. Collaborates with cross divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner. Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies. Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, Zero Trust tooling, and other security technologies. Scripting experience. Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques. Proposes and helps review security plans and policies to improve environmental security. Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program. AWS and/or Azure knowledge. Produces and distributes operational and tactical threat intelligence reports. Other duties may be assigned as needed to address new security threats facing the enterprise. Ability to: Demonstrate great teamwork and partnership with internal teams for resolution of security-based issues. Python programming tasks and understand of programming in general. Perform security event correlation, triage, and analysis. Apply security Threat Intelligence while responding to and investigating security events or Incidents. Identify when an application, network, system, or user has been compromised by an internal or external threat. Work on multiple projects to improve security capabilities. Exercise strong understanding of defense-in-depth security best practices. Apply security engineering and architecture concepts to best understand how to employ the most effective security monitoring, response, and threat reporting. Demonstrate effective communication of security issues and topics to management and others. Work well under pressure and within a high paced environment. Maintain operational guidelines and standards for Cybersecurity.

Senior Manager IT Quality Assurance Validation Computerization Systems Allendale, NJ Lynkx Staffing LLC specializes in placing talented professionals in the Biotechnology, Pharmaceutical and Medical Devices IT & Human Resources disciplines in New Jersey. The Senior Manager IT Quality will be responsible for supporting the Computerized System Project Teams in the review and QA approval of system validation and infrastructure qualification documentation and protocols, in accordance with FDA regulations/guidelines, 21 CFR Part 11, EU Annex 11, GAMP5, ICH Q10 and latest industry practices. The incumbent will also be responsible for QA oversight of all GxP computerized system activities implementation projects for the company to ensure compliance with regulatory requirements. The scope includes working with multi-functional teams on system implementations, problem resolution, and process improvement projects. Assist in maintaining and, where applicable, improving the effectiveness of the computer system validation and data integrity program. Will participate in the execution of highly complex and specialized projects and must be innovative and practical in project validation problem-solving. Provide QA oversight and assurance that all GxP computerized system implementation and validation activities are executed in accordance with internal procedures and standards and meet all regulatory requirements. Contribute expertise and provides guidance in 21 CFR Part 11, GAMP5, and EU GMP Annex 11 requirements and data integrity principles and requirements as well as participates in assessments. Develop and evaluate quality processes and system standards to ensure compliance with company standards and governmental regulatory requirements. Work closely and collaboratively with various business partners including Information Technology and system owners to effectively and efficiently implement new computerized systems, system upgrades, or system modifications. Review and QA approve various types of system validation and infrastructure qualification documentation, including but not limited to, Master Plans, User Requirements and Functional Requirements Specifications, Design Specifications, IQ, OQ, PQ, Traceability Matrix, Validation protocols and reports. Coordinate implementation validation/qualification strategies and serve as the subject matter expert. Present project status reports to management as well as project teams. Review Change Control requests and assess impact to validation. Support the necessary computerized system validation activities for changes. Perform gap analysis of validation documentation, systems and practices. Communicate identified gaps including recommending and implementing corrective actions and improvements. Participate in supplier site Validation Assessments/Audits and assist to troubleshoot and improve systems and processes. Review corrective actions and implementation closure evidence of observations/recommendations identified in the report. Support internal, client, and regulatory audits and inspections. Generate or review/update computer system related policies, procedures, templates, forms, etc. Maintain up-to-date knowledge and understanding of quality system requirements as they apply to computerized system in accordance with cGxP's regulations, GAMP, industry standards, policies and procedures. Performs other quality system related duties as necessary. REQUIREMENTS BA/BS Degree in a Scientific or Engineering discipline 8 + years experience computerized system experience with IT compliance/validation/qualification activities. 8 + years experience working in an FDA-regulated, GxP-related environment. Demonstrated experience and expertise in 21 CFR Part 11 to ensuring site compliance. Comprehensive knowledge in Software Validation and Data Integrity Principles. Demonstrated experience, results, and accomplishments in QMS and LIMS system implementations. Working knowledge or expertise in Software validation practices and Software Development Life Cycle (SDLC) models. Working knowledge or expertise in Validations of Databases, Custom Software, Configurable Software, Non-Configurable Software, Infrastructure Software, Off-the-shelf software and various computerized systems. Working knowledge or expertise in Design Qualifications (DQ), Installation Qualifications (IQ), Operational Qualifications (OQ), and Performance Qualifications (PQ). Knowledge of Software Risk Management Principles and tools. Knowledge and proven ability working with Risk Management methodologies and tools. Comprehensive knowledge of GAMP5, 21 CFR Part 11, and EU Annex 11 as well as FDA 21 CFR Parts 210/211 (cGMP), ICH Q10, Eudralex Vol 4. Knowledge of PMDA regulations a plus. Experience with application system validation and infrastructure qualification. Experience with vendor audit for computer systems (IT infrastructure, validation etc.) a plus. Experience with writing and approving Standard Operating Procedures and Quality Standards. Proficient in Microsoft Office Suite (e.g., Word, Excel, Project, PowerPoint). Must have a participative management style, strong team development, coaching skills, and the ability to lead and motivate teams. Excellent verbal and written communication skills with the ability to communicate internally and externally to clients and suppliers. Solid organizational and time management skills, proven project management, presentation and facilitation skills. Innovation and strategic compliance skills including looking internally and externally for best practices. The ability to effectively build and maintain relationships with multiple departments in order to effectively solve problems. The ability to organize, prioritize and deliver tasks & projects with a sense of urgency under minimal supervision with attention to detail. Must be able to execute a variable workload with multiple priorities. The ability to enable and drive change while being focused on internal and external customers. Demonstrated results oriented, quick learner, team player; proactive with demonstrated ability to respond to urgent needs and deliver expected results within expected deadlines. Environment includes working with all levels of internal management and staff as well as with external clients, suppliers, and contractors. Work will be performed in both an office environment and a manufacturing facility, with exposure to varying degrees of ambient noise. 10% travel required. Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

**Duration: 12 months contract (with possible extension)** ***Note: Open to candidates who are willing to relocate at their own expense.** + The Workday Application Security Analyst is responsible for ensuring the confidentiality, integrity, and availability of data within the Workday system. + They design, implement, and maintain security configurations, including roles, permissions, and access controls, to protect organizational data and comply with company policies, industry standards, and regulatory requirements. **Job Functions & Responsibilities** + Develop and implement security roles, domain security policies, data and business process security within Workday + Ensure secure integration with other on‐premise and cloud applications like GRC tools + Configure and manage access permissions to ensure users have the appropriate level of access to data and functionality + Ensure compliance with company policies, industry standards (like SOC 2), and regulatory requirements (like GDPR) + Conduct regular security audits and assessments to identify vulnerabilities and areas for improvement + Assist in investigating and responding to security incidents, identifying root causes, and implementing preventive measures + Collaborate with IT, HR, and other stakeholders to align security efforts with business needs and ensure effective communication of security policies and procedures + Create and maintain documentation for security policies, procedures, and configurations, and provide training to users on security best practices + Stay abreast of Workday updates, industry trends, and emerging security threats to continuously improve security configurations and processes + Familiarity with other ERPs like SAP is preferred + Familiarity with GRC and Workday SoD (Segregation of Duties) management is desired **Skills** + SAP ERP (S/4 HANA is a plus) + Workday + Active Directory group management + GRC AC 10.1 and above + Microsoft Clienture + SuccessFactors + Applicable functional knowledge for SAP security areas like Finance, MM, ISU billing, etc. + SAP audit & compliance **Education & Certifications** + Bachelor's degree in engineering, IT, or related field + 7-10 years of hands‐on industry experience in Workday Security implementation and administration + Strong ITGC compliance knowledge for Workday + Familiarity with Workday risk management and GRC integration + Ability to identify, analyze, and resolve complex security and compliance issues + Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams ** About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (*********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Title : Cyber Security Identity & Access Management Engineer Experience Required - 7+ Years Must Have Technical/Functional Skills * Deep understanding of Access Management - Authentication & Single Sign-On, authentication protocols like OAuth2.0, OpenID Connect and SAML2.0 * Experience with development of Transmit Security Journeys, WebSDK & scripting (AuthScript) * Hands on experience in implementation of user authentication and authorization using Transmit Security * Hands on with development and deployment of custom developed applications using Java/J2EE technologies. * Hand on with development of REST API using Java Spring Framework * Full understanding of HTTP Request/Response tracing, Session Handling * Good understanding of Secure HTTP communication - client to server and server to server secure communication * Good understanding of Java Spring Boot application development, deployment * Good understanding of NoSQL databases like MongoDB, Casandra, etc. * Good understanding of DevOps tools like Git, Eclipse/IntelliJ, Jenkins, Docker, Puppet, Kubernetes, Ansible, etc. Non-Technical: * Scheduling & Planning - should be able to plan and execute the deliverables as per the proposed design. * Communication - Ability to communicate Up, Down, and Across All Levels of the Organization and Technical Backgrounds * Detail Oriented - Good Understanding of IAM concepts * Analytical, Self-motivated - Critical thinker who can analyze issues and is able to troubleshoot, along with the developers, to find root cause of the problem. * Interpersonal skills and Professional demeanor - Respond to customer inquiries in a timely manner, guiding and advising customers on security best practices in a friendly customer facing manner. * Team Player - Ability to work in a team & collaborate with other application team and infrastructure teams * Problem-Solver - Processes tactical mitigations based on results of analysis and determination of issues found in the incident and issues found in inherited legacy systems. Provide recommendation for improvements on the existing set up Roles & Responsibilities * Incident Triaging - Performing incident resolution through analysis and technology support * Daily Health checks and Monitoring * Operation status reports and metrics: Incident management, Service request management * SLA Management for respond, restore and resolve, Troubleshooting and resolution of issues, Configuration Management, Enhancements, Product Vendor Connect, Platform Support * Knowledge management - SOP creation and updates. Knowledge transition. Provide complete knowledge of system flow and interdependence between various internal and external systems. * Auditing & Reporting - Support Health Equity in audits and provide Out-of-the-box reports Project Management Salary Range - $100,000 to $160,000 per year TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Maternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. #LI-JS2

Full Time Position : Compensation : TBD- based on experience US Citizens and those authorized to work in the US are encouraged to apply. Unfortunately we are unable to offer sponsorships at this time. We're looking for a cut above the rest, someone who is not only technical but also has the skill set as an Architect to design Checkpoint and launch it. Very important that you actually knows how to hold a conversation and walk a client through the process. Qualifications Must have : Proficiency in Check Point products (Firewall, VPN etc) Experience with Blue Coat products (Proxy SG, WAN acceleration, Packetshaping, etc.), Citrix NetScaler or IP Load balancing product and WebSense products Very important that you actually knows how to hold a conversation and walk a client through the process. Must be analytical, and have extreme good organizational skills Certifications in above technologies CCSE, CCSI, CCSA, CISSP (Not required, but a plus to have) Thank you, John Anton Additional Information All your information will be kept confidential according to EEO guidelines.

The corporation is built around the enterprise relationships that they have as a service provider and an expertise in the industry of technology. Job Description Location: Metro Area Full Time Position: Compensation: TBD- based on experience US Citizens and those authorized to work in the US are encouraged to apply. Unfortunately we are unable to offer sponsorships at this time. We're looking for a cut above the rest, someone who is not only technical but also has the skill set as an Architect to design Checkpoint and launch it. Very important that you actually knows how to hold a conversation and walk a client through the process. Qualifications Must have: Proficiency in Check Point products (Firewall, VPN etc) Experience with Blue Coat products (Proxy SG, WAN acceleration, Packetshaping, etc.), Citrix NetScaler or IP Load balancing product and WebSense products Very important that you actually knows how to hold a conversation and walk a client through the process. Must be analytical, and have extreme good organizational skills Certifications in above technologies CCSE, CCSI, CCSA, CISSP (Not required, but a plus to have) Thank you, John Anton Additional Information All your information will be kept confidential according to EEO guidelines.

EROS Technologies was founded with a simple motive of offering the clients exactly what they want, how they want and when they want it. By leveraging for its clients its technological edge and right-sourcing advantage, EROS in a short period of time has grown to become one of the most trusted strategic technology partners. Treating every client as the top priority, we customize our solutions and services to align with the unique needs of each client. Job Description 5 to 7 years of experience in deployment & implementation of Privileged Identity Management using CyberArk solution for large scale customers across various industry verticals oPlay active role in the execution of the project and demonstrate strong technical leadership oHave a strong knowledge of the Cyber-Ark privileged Identity Management (PIM) suite CyberArk version 7, 8 and 9. oCapture detailed requirements for the Cyber-Ark solution based on input from platform owners, eco-system owners, the target architecture and high-level requirements. oDesign and Architecture of the overall CyberArk implementation. oPerforming compliance checks on CyberArk for IT security safes and to Provide alerts and reports appropriately. Investigate, Provide RCA and resolve Incidents. oOpen to travel as and when required for deployment at customer sites oBe a strong team player oAdvanced knowledge of windows/VMware administration. oAdvanced knowledge of Window Additional Information All your information will be kept confidential according to EEO guidelines.

Your opportunity As an Information Security Engineer, you play a critical role in designing and implementing security mechanisms to protect Vytalize data and information systems. Responsibilities involve assessing risks, designing information system security architecture. Performing regular control assessments to identify control deficiencies and coordinating security risk assessments across the ecosystem, audits or information security program certifications. Conducting third party information security risk assessments. Working as a team to respond and manage information security events. What You Will Do Incident Response Assist in the testing of the incident response plans to effectively address and mitigate security breaches or compliance violations. Assist in the testing of the business continuity plans and disaster recovery plan to effectively sustain business process and to effectively restore the operability of a system, application, or infrastructure to effectively restore the operability of a system, application, or infrastructure during and after a cyber incident disruption. Responding and resolving information security events and escalation. Security Architecture Design Evaluate and assess security technologies, tools, and solutions to determine their suitability and effectiveness in addressing the organization's security needs. Design cloud security strategies, and implement controls to protect data, applications, and infrastructure hosted in the cloud. In coordination with the information security team, design security architecture to protect an organization's entire IT infrastructure, including networks, systems, applications, and data that align with business objectives and compliance requirements. Risk Assessment and Audits Maintain and monitor the cyber security risk register with the risks, risk ratings, risk mitigation strategies and action plans. Assist with data gathering and coordination with the various teams for audits and risk assessments. Training and Awareness Monitor the training campaigns to demonstrate the effectiveness of the training program and improve phishing detection and response. Supplier Risk Conduct vendor risk assessments to identify and document potential supplier cyber security risks, threats, and vulnerabilities for management approval. Develop a process for third-party compliance requests monitoring and tracking and ensure timely completion Compliance Oversight Collaborate with internal and external audit teams, providing documentation and evidence as needed to demonstrate compliance and adherence to the information security policies. Develop and maintain a cyber security framework continuous assessment process to provide assurances that the controls in place are operating effectively. Vulnerability Management Monitor remediation of the vulnerability assessment findings, including penetration test, Collaboration and Communication Collaborating with cross-functional teams Communicate security risks, issues, and recommendations to senior management and stakeholders. What will make you successful here Work experience in the healthcare information security field. Previous Health Information Technology (HIT) experience implementing controls to meet federal security and privacy regulations. 3+ years of relevant work experience in IT security in a complex enterprise environment, preferred. Demonstrated knowledge of information technology processes, risks, infrastructure, and information security. Experience with incident response and vulnerability management. Knowledge of Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH), and Payment Card Industry Data Security Standards (PCI DSS). Experience with information security assessments and audits. Strong written and verbal communication skills Effective collaboration with stakeholders across departments and affiliated organizations. Ability to analyze information system security design and recommended configuration. Detailed oriented. Preferred expertise in security assessment methodologies. Ability to work effectively in a complex enterprise environment. Perks/Benefits Competitive base compensation Annual bonus potential Health benefits effective on start date Health & Wellness Program; up to $300 per quarter for your overall well-being available on start date 401K plan effective on the first of the month after your start date; 100% of up to 4% of your annual salary Unlimited (or generous) paid "Vytal Time", and 5 paid sick days after your first 90 days Company paid STD/LTD Technology setup Ability to help build a market leader in value-based healthcare at a rapidly growing organization *Please note at no time during our screening, interview, or selection process do we ask for additional personal information (beyond your resume) or account/financial information. We will also never ask for you to purchase anything; nor will we ever interview you via text message. Any communication received from a Vytalize Health recruiter during your screening, interviewing, or selection process will come from an email ending in @ vytalizehealth.com *We fully embrace the power of AI and encourage innovative, responsible use of emerging technologies in our work. However, during the interview and assessment process, it's essential that we evaluate your individual skills, problem-solving ability, and technical mastery without external assistance. Candidates must complete all interviews and assessments independently. Use of AI tools, platforms, or automated assistance during interviews or assessments is not permitted. Unauthorized use will result in immediate disqualification from the hiring process and withdrawal of employment consideration. Our goal is to ensure a fair and accurate assessment of your true capabilities-the same creativity and critical thinking we value once you join our team.

SonSoft is an IT Staffing and consulting firm and duly organized under the laws of the Commonwealth of Georgia. We are growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services. Job Description Hi, I have a following full time opportunity for you. Please let me know, if you are interested. Thanks! If interested then please send me your latest resume along with current & expected salary. Job Title : Security Engineer/Admin (with experience on Identity & Access Management, RSA SecurID Skills, Project and Talent Management etc.) Job Location : Weehawken, New Jersey (Weehawken is a township in Hudson County, in the state of New Jersey) Job Type : Full time (This position may require 80% travel) Interview Type : Telephonic with Skype Note: > Only US Citizen, Green Card Holder, H4-EAD, GC-EAD & L2-EAD can apply. > No H1B, OPT-EAD & TN candidates please Please share your resumes at ******************************** or connect me @ ************************************* Required: • At least 5 years of experience in Business Process Consulting, problem definition, Architecture/Design /Detailing of Processes. • At least 4 years of experience in Identity & Access Management, RSA SecurID Skills. • At least 3 years of experience in Development/ Configuration/solutions evaluation/ Validation and deployment. • Analytical and Communication skills. • Experience with Project and talent management. • Experience and desire to work in a management consulting environment that requires regular travel. • The job entails an extensive amount of travel. • The job also entails sitting as well as working at a computer for extended periods of time. • Should be able to communicate by telephone, email or face to face. Qualifications Qualifications Basic: • Bachelor's degree or foreign equivalent but should be from an accredited Institution/University. • Will also consider three years of progressive experience in the specialty in lieu of every year of education. • At least 8 years of experience with IT Security Management. Additional Information ** U.S. citizens and those who are authorized to work independently in the United States are encourage to apply. We are unable to sponsor at this time. Note:- 1) This is a Full Time & Permanent job opportunity. 2) Only US Citizen, Green Card Holder, GC-EAD, H4-EAD, L2-EAD can apply. 3) No OPT-EAD, H1B and TN candidates please. 4) Please mention your Immigration Status while applying . All your information will be kept confidential according to EEO guidelines.

Salary: $90,000-$130,000 + 5% Annual Bonus + Benefits Benefits: Medical, Dental, Vision, Life & Disability, 401K w/ 4% Match, PTO Job Type: Full-Time, 2-3 days on site in Stamford, CT Core Hours: Monday-Friday, 8:00am-5:00pm Start Date: ASAP Sponsorship: Not available Relocation Assistance: Not Available Travel: Up to 15% Domestic Strategic IT Analyst/Internal Consultant Description Our client in the manufacturing industry is seeking a Strategic IT Analyst to join their team in Stamford, CT, supporting the company's ongoing growth and digital transformation. This is an excellent opportunity for a candidate with a growth mindset and strong interest in technology who can bring curiosity, flexibility, and problem-solving skills to a wide variety of projects. Under the guidance of the Director of Business Applications, you will be supported as you take on initiatives such as streamlining and automating processes, evaluating technology tools to drive efficiency across the business, and interfacing with stakeholders to identify pain points and craft technology solutions. To succeed, you must be comfortable stepping into unstructured problems, asking thoughtful questions, considering dependencies and impacts, and proposing creative solutions. Prior IT or consulting experience is a plus, but openness, adaptability, and motivation are even more important. This is a great opportunity to play a key role in the digital transformation of a profitable and growth-focused organization. Strategic IT Analyst/Internal Consultant Responsibilities • Collaborate with business users to capture pain points and requirements • Document current and future-state business processes for digital transformation initiatives • Explore new technology tools and develop business cases for their implementation • Translate requirements into clear functional specs for software and data teams • Facilitate discussions to align business and technical stakeholders • Identify gaps and recommend process and system improvements • Support continuous improvement efforts for the corporate technology organization • Assist with user acceptance testing and validate business needs • Prepare training materials and support user onboarding Strategic IT Analyst/Internal Consultant Qualifications • Bachelor's degree is required • 1+ years of strategic problem-solving experience is required • Strong interest in technology and willingness to take on a broad range of projects is required • Solid skills in documentation and stakeholder communication are required • Ability to work on-site in Stamford, CT (2-3 days per week) and travel up to 15% is required

Duration: 6+ Months Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls. Key Responsibilities: Performs maintenance and changes in firewalls as required. Implementation of new firewalls as required Assists with troubleshooting network connectivity as it relates to firewalls Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions Complete All assignments in a timely manner with an acceptable level of quality Maintains documentation related to work area Completes network change requests Follows documented processes, procedures and policies Performs customer service duties and responds to customer and project requests as defined by management Other related duties assigned as needed. Qualifications/Requirements: Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls 4 or more years networking/firewall background Must have networking TCP/IP routing protocol experience Desired Characteristics: In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired Competency in verbal, written, and presentation communications and interpersonal understanding Ability to understand customer's business needs. Leadership of work teams/groups Ability to work with all levels of employees Highly motivated and able to work effectively under minimal supervision in a fast-paced environment Team-oriented, placing priority on quality and the successful completion of team goals Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures. Competency in developing effective solutions to business problems Ability to analyze problems and to make decisions REQUIRED SKILLS YEARS OF EXPERIENCE WHEN THE SKILL WAS LAST USED Expert knowledge of Cisco Security products, ASA and Firepower Expert knowledge of NSX Expert knowledge of Palo Alto systems Security Certifications a Plus Must have networking TCP/IP routing protocol experience Networking/firewall background Operational experience administering Firewalls Additional Information All your information will be kept confidential according to EEO guidelines.

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.

**This is a hybrid role with 1-3 days in the office in Irvington, NY. We are seeking candidates who will not require sponsorship now or in the future** We are seeking a Security Engineer to join our team and protect the systems, networks, and data essential to our business. In this position, you will focus on securing our corporate IT infrastructure, maintaining regulatory compliance, and ensuring the safety of our e-commerce platforms. Dimensions and Contacts Internal Collaboration The Security Engineer collaborates extensively with various cross-functional teams within the organization. These include IT Operations, Network Engineering, Software Development, Cloud Infrastructure, and Governance, Risk, and Compliance (GRC). In this capacity, the Security Engineer offers technical security guidance, supports project teams during the solution design phase, and works directly with system owners to implement secure configurations and controls. Business Stakeholders This role involves frequent interaction with product managers, business analysts, and departmental leaders to fully understand business requirements. The Security Engineer assesses the potential security impacts of business initiatives and communicates related risks in clear and actionable terms, ensuring all stakeholders remain informed and engaged. Security and Incident Response The Security Engineer coordinates closely with the Cybersecurity team, Security Operations Center (SOC) analysts, and incident responders during threat investigations, vulnerability remediation, and security events. The individual may also serve as a technical escalation point for security-related issues, providing expertise and leadership during critical incidents. External Contacts Interaction with external parties is a key aspect of this role. The Security Engineer engages with vendors, managed service providers, penetration testers, and auditors to evaluate new technologies, validate security controls, and support both security assessments and compliance activities for the organization. Cross-Organizational Influence The Security Engineer plays an influential role across the enterprise by providing security training, raising awareness, and offering consultation to various teams. Additionally, the individual contributes to architectural decisions and participates in the development of security policies and standards. Summary of Responsibilities Ensure that Eileen Fisher, Inc. consistently upholds PCI compliance across both retail and e-commerce channels. Establish protection goals, objectives, and metrics in alignment with the corporate strategic plan and IT governance requirements. Lead the annual risk assessment and policy review processes. Work with 3rd-party providers and vendors to configure, monitor, and optimize Web Application Firewalls (WAFs) to protect e-commerce and customer-facing websites. Direct the development, implementation, and maintenance of IT security policies, standards, and procedures to support ongoing security efforts. Provide day-to-day management for operational security responsibilities, including network, email, endpoint, application systems security, and system access controls. Supervise incident response activities and investigations of security breaches, ensuring the appropriate dissemination of information related to such events. Oversee patch management and additional security operations functions, including sensitive data handling and certificate management. Review and analyze data from various security logging systems, scanners, and tools to identify potential threats and incidents. Collaborate with IT infrastructure and application teams to embed security best practices within development and deployment workflows. Maintain comprehensive security documentation, encompassing policies, standards, and procedures. Design, implement, and sustain security technologies, tools, and processes (e.g., IDS/IPS, honeypot, SIEM, endpoint protection) PERFORMS OTHER RELATED DUTIES AND ASSIGNMENTS AS REQUIRED. Required Experience Minimum of 3-5 years of experience with managing all aspects of PCI Compliance Experience with e-commerce security, including securing payment gateways, APIs, and customer data Knowledge of web application security (OWASP Top 10, WAF, bot mitigation) Experience configuring and managing honeypots, IDS/IPS, and endpoint protection Familiarity with cloud security (AWS IAM, Microsoft Defender, Azure Defender, GCP Security Command Center) Conducting penetration testing, vulnerability management, and remediation. Experience with identity and access management (IAM) and SSO/MFA integrations (Okta, Azure AD,) Strong understanding of encryption, TLS/SSL, PKI, and key management. Scripting/automation skills in Python, Bash, or PowerShell. Hands-on experience with SIEM solutions Experience with securing AWS and Linux environments, preferably in a regulated environment subject to HIPAA or PCI-DSS An automation-first mindset Preferred certifications include: o PCIP o Security+ or SSCP o Firewall/network o Cloud security certification Education: Bachelors degree or equivalent experience. The salary range for this position is $80,000 - 100,000/year depending on relevant experience. We offer a competitive total package, including health benefits, generous paid time off, wellness reimbursement, etc. EILEEN FISHER, Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status.

About Hofstra Hofstra University is nationally ranked and recognized as Long Island's largest private university located in Hempstead, N.Y. When you work at Hofstra, you join a team of talented professionals committed to preparing students for the challenges of tomorrow, in an environment that cultivates learning through the free and open exchange of ideas for the betterment of humankind. The work we do at Hofstra supports the education and well-being of our students, and the workforce of the future. While working towards this mission, employees can take advantage of many enriching experiences on campus. Whether it's a lunchtime lecture, a Division I NCAA athletics game, a musical concert, a theatre performance, or a visit to one of our two accredited museums, there is always something exciting to do at Hofstra. Enjoy the ease of going to the fitness center, taking a swim, or grabbing a bite to eat without having to leave our beautiful campus! Hofstra University is dedicated to recruiting and retaining a highly qualified and diverse academic community of students, faculty, staff, and administrators respectful of the contributions and dignity of each of its members. We welcome applications from individuals of all backgrounds and experiences and are committed to building a diverse and inclusive community. Position Title Director of Information Security Position Number 896570 Position Category Administration School/Division ITS Information Security (division) Department ITS Information Security Full-Time or Part-Time Full-Time Description Reporting to the Chief Information Officer (CIO), the Director of Information Security is a member of the ITS senior leadership team and works closely with the campus community, including academic and administrative departments. The Director is an advocate for the University's information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the information security posture of the University. The Director leads the development and implementation of a security program that leverages collaborations and campus-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the campus level. Information Security Program Leadership * Responsible for the strategic leadership of the University's information security program. * Provide guidance and counsel to the CIO and key members of the University's leadership team, working closely with senior administration, academic leaders, and the campus community in defining objectives for information security, while building relationships and goodwill. * Manage institutional information security governance processes. * Lead information security planning to establish an inclusive and comprehensive information security program for the entire institution in support of academic, research, and administrative information systems and technology. * Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services, and create maturity models and a roadmap for continual program improvements. * Stay current with information security issues and regulatory changes affecting higher education at the state, national, and global levels. Participate in policy and practice discussions and communicate to campus on a regular basis about those topics. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position. * Provide leadership philosophy for the ITS Information Security team (currently two staff, in addition to the director), create and maintaining strong working relationships with other teams, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies, and practices for the University. * Provide mentorship to Information Security team members and implement professional development plans for all members of the team. * Special projects and other duties as assigned. Policy, Compliance, and Audit * Participate in the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation. * Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the University's information and technology systems. * Work with Internal Audit, outside auditors, and other consultants as appropriate to complete security assessments and audits. * Coordinate and track all information technology and security related audits including scope of audits, units involved, timelines, participants, and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation, and advocacy on audit responses. * Work with University leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the University to effectively address applicable statutory and regulatory requirements. Outreach, Education, and Training * Work closely with other ITS leaders, technical experts, and academic and administrative leaders across campus on a wide variety of security issues that require an in-depth understanding of the IT environment in their units, as well as the research landscape and regulations that pertain to their unit's research areas. * Create education and awareness programs and advise academic and administrative units at on security issues, best practices, and vulnerabilities. * Work with campus groups to build awareness and a sense of common purpose around information security. * Pursue student security initiatives to address unique needs in protecting identity theft, mobile social media security, and online reputation program. Risk Management and Incident Response * Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise. * Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk. * Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies. * Examine impacts of new technologies on the University's overall information security. Establish processes to review implementation of new technologies to ensure security compliance. Qualifications * Bachelor's degree required. * Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. * Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. * Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. * Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community. Preferred Qualifications * Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. * One or more relevant professional certifications (e.g., CISSP, CISM/A, etc.) strongly preferred. * Experience with state and federal information security regulatory requirements (GLBA, FERPA, HIPAA, etc.) and other compliance requirements (PCI, etc.). * Knowledge of and experience applying industry-standard IT security frameworks (NIST, IHECF, etc.). * Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. * Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. * Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. * Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. * Professional experience in a leadership role in a higher education institution. Special Instructions Deadline Open Until Filled Date Posted 09/18/2023 EEO Statement Hofstra University is an equal opportunity employer and is committed to extending equal opportunity in employment to all qualified individuals without regard to race, color, religion, sex, sexual orientation, gender identity or expression, age, national or ethnic origin, physical or mental disability, marital or veteran status or any other characteristic protected by law. Salary/Salary Range $160,000 - $170,000 Additional Information Hofstra University provides the above salary* as a good faith estimate of the starting pay range which considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience and education. In addition to the salary offered, we offer a collegial and inclusive culture, and a benefits program which includes generous paid time off, paid holidays, tuition remission for employees and eligible dependents, and a retirement plan with University contributions. * Salary ranges indicated for positions covered under a Collective Bargaining Agreement are in accordance with the CBA.

* Managed IT Desktop's asset inventory and portfolio, including purchase, deployment, utilization tracking, redeployment, maintenance coverage plans/agreements, retirement, disposal of software and hardware. * Provides day-to-day consultation, training, instruction and troubleshooting or problem-solving to technical staff and end users for hardware, software, and related computer systems. * Perform reconciliation with the Procurement team on Cost Center. * Research & update new hardware and/or vendor for IT Desktop * End user support for handheld and peripheral devices. * Create SNOW ticket to update or improve the current or new process with the automation. * Implement performance upgrades to PCs, including the installation of CPUs, I/O and NIC cards, ribbon cables, hard drives, RAM, CD-ROMs, etc. * Maintain IT inventory. * Document instances of desktop equipment or component failure, repair, installation, and removal. * Onsite branch/ department support. * Handle the ticketing system, phone and email support. * Support may be required in emergencies, either in-person or remotely, and sometimes after normal business hours. Job Qualifications/Requirements * Fundamental understanding of IT Asset Procurement & Tracking * Fundamental understanding of Inventory Management & Analysis * Basic knowledge of IT Desktop's Vendor Management * Compliance Tracking and management * Basic knowledge of Service Now & Visio * Required: Ability to troubleshoot PC problems & basic network issues. * Required: Intermediate Microsoft product knowledge (OS & Office suite). * Required: Strong customer service skill. * Required: Strong foundation of MS Windows OS which include AD and GPO * Required: Familiarity with various MS products which include MS O365 The salary range for this full-time position is $20.20 Hourly - $21.64 Hourly + bonus + benefits Salary ranges are determined based on qualifications, level, and location. Exact compensation may vary based on your skills and experience. Bank of Hope is an equal employment opportunity employer and does not discriminate on the basis of race, color, gender, religion, age, sexual orientation, genetic information, national or ethnic origin, disability, marital status, veteran status or any other basis protected by federal, state, or local law.

EROS Technologies was founded with a simple motive of offering the clients exactly what they want, how they want and when they want it. By leveraging for its clients its technological edge and right-sourcing advantage, EROS in a short period of time has grown to become one of the most trusted strategic technology partners. Treating every client as the top priority, we customize our solutions and services to align with the unique needs of each client. Job Description 5 to 7 years of experience in deployment & implementation of Privileged Identity Management using CyberArk solution for large scale customers across various industry verticals oPlay active role in the execution of the project and demonstrate strong technical leadership oHave a strong knowledge of the Cyber-Ark privileged Identity Management (PIM) suite CyberArk version 7, 8 and 9. oCapture detailed requirements for the Cyber-Ark solution based on input from platform owners, eco-system owners, the target architecture and high-level requirements. oDesign and Architecture of the overall CyberArk implementation. oPerforming compliance checks on CyberArk for IT security safes and to Provide alerts and reports appropriately. Investigate, Provide RCA and resolve Incidents. oOpen to travel as and when required for deployment at customer sites oBe a strong team player oAdvanced knowledge of windows/VMware administration. oAdvanced knowledge of Window Additional Information All your information will be kept confidential according to EEO guidelines.

SonSoft is an IT Staffing and consulting firm and duly organized under the laws of the Commonwealth of Georgia. We are growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services. Job Description At least 5 years of experience in Business Process Consulting, problem definition, Architecture/Design /Detailing of Processes. At least 4 years of experience in Identity & Access Management, RSA SecureID Skills. At least 3 years of experience in Development/ Configuration/solutions evaluation/ Validation and deployment. Analytical and Communication skills project and talent management Experience with project management Experience and desire to work in a management consulting environment that requires regular travel Qualifications Bachelor's degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education. At least 7 years of experience with IT Security Management. Additional Information ** U.S. Citizens and those who are authorized to work independently in the United States are encouraged to apply. We are unable to sponsor at this time. Note:- This is a Full-Time & Permanent job opportunity for you. Only US Citizen, Green Card Holder, GC-EAD, H4-EAD & L2-EAD can apply. No OPT-EAD, H1B & TN candidates please. Please mention your Visa Status in your email or resume.

Qualifications Bachelor's degree required. Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community. Preferred Qualifications Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. One or more relevant professional certifications (e.g., CISSP , CISM /A, etc.) strongly preferred. Experience with state and federal information security regulatory requirements ( GLBA , FERPA , HIPAA , etc.) and other compliance requirements ( PCI , etc.). Knowledge of and experience applying industry-standard IT security frameworks ( NIST , IHECF , etc.). Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. Professional experience in a leadership role in a higher education institution.