Information security analyst jobs in Santa Cruz, CA

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

The Endpoint Security Architect will be responsible for designing, assessing, and enhancing the organization's endpoint security posture across laptops, desktops, mobile devices, servers, and VMs. This role ensures alignment of endpoint operations, policies, and enforcement mechanisms with industry standards (NIST), organizational security policies, and regulatory requirements. The ideal candidate has deep experience with EDR/XDR, AV, MDM/Intune, device compliance, endpoint hardening, and integration with SIEM/SOAR/AD environments. Key Responsibilities: 1. Endpoint Security Architecture & Design Review and enhance endpoint architecture, including AV, EDR solutions. Evaluate endpoint configuration, control enforcement, coverage, and security baselines. Assess integration of endpoint platforms with SIEM, SOAR, Active Directory, Intune/MDM, and CMDB. Review architectural components, telemetry flow, and sensor deployment methodology. Validate data exchange between endpoint security tools and central monitoring systems. 2. Policy & Governance Ensure endpoint security operations align with organizational security policies. Review and update endpoint security policies aligned with NIST standards. Validate roles & responsibilities across IT, SecOps, and endpoint management teams. Evaluate policy coverage including patching, EDR/AV, device onboarding, and compliance. 3. Endpoint Operations & Integration Assess GPOs, MDM/Intune policies, device configuration profiles, and enforcement controls. Review endpoint discovery & profiling mechanisms to identify unmanaged/rogue devices. Validate tagging, categorization, and asset mapping across EDR platforms and CMDB. Check integration with NAC, SIEM, AD, vulnerability management, and patching tools. 4. Risk Management, Patching & Compliance Review patch management and vulnerability remediation processes across endpoints. Verify endpoint compliance monitoring, dashboards, and alerting workflows. Assess patching SLAs, automation processes, and compliance reporting. Skills & Qualifications Technical Skills Strong expertise in EDR/XDR platforms (e.g., CrowdStrike, Defender for Endpoint, Trellix, SentinelOne). Hands-on experience with Intune/MDM, SCCM, JAMF, or similar device management tools. Solid understanding of SIEM/SOAR platforms and AD integration. Strong knowledge of NIST CSF, NIST 800-53/171, CIS benchmarks, and endpoint hardening. Familiarity with NAC, vulnerability management, and patching tools (Tenable, Qualys, BigFix, etc.). Experience designing endpoint security architectures for large enterprises.

At least 9 years of experience with Information Technology Domain experience in supply chain, order management, shipping, inventory management Understanding of Oracle PL/SQL, SQL, ERP (OM, Inventory, Shipping, Receiving), Java and various integration technologies and approaches, to be able to comprehend existing as well as design new solutions Sound data analysis skills Expertise in grasping the complexity of current state application design, analyze new requirements to design new solution options and develop functional specification & author technical user story for developers and QA team members Experienced in test case preparation/reviews, supporting QA exercise and issue resolutions Perform validations of the capabilities once developed to ensure compliance with the business requirements Perform demos to stakeholders Ability to work in teams within a diverse/multi-stakeholder environment Ability to interact effectively across cross-functional teams to iron out integration needs Experience and desire to work in a Global delivery environment Strong analytical abilities Good communication skills

About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. We're hiring Senior Backend Engineer - Cloud Security in Sunnyvale, CA What You Will Do Build containerized microservices and related components for a multi-tenant, distributed system that ingests and processes real-time cloud events, system telemetry, and network data across major cloud platforms. Your work will enable customers to detect risks and strengthen their cloud security posture. Mentor junior engineers, interns, and new graduates, helping them develop strong technical skills and become effective contributors. Write production-quality software primarily in Java using Spring Boot, and work extensively with Kafka, SQL, and other data interfaces. Work within a Kubernetes-based service infrastructure, while learning new technologies as needed. Take ownership of major features and subsystems through the entire development lifecycle-requirements, design, implementation, deployment, and customer adoption. Participate in operational responsibilities, gaining firsthand experience with real-world performance, reliability, and support scenarios-informing how you design and build better systems. Prioritize quality at every stage, performing thorough developer testing, functional validation, integration checks, and performance testing to ensure highly resilient systems. Collaborate closely with Product Management to review, refine, and finalize requirements. Develop a deep understanding of customer needs by engaging with peers, stakeholders, and real-world use cases. What You Bring Bachelor's degree in computer science or similar (Master's preferred). 5+ years of experience building scalable, distributed systems. Passion for software engineering, continuous learning, and working in a collaborative environment. Hands-on experience with AWS, Azure, or GCP, with strong familiarity at the API/programming level. Experience with networking and/or security concepts is a plus. Experience developing containerized services on Kubernetes is strongly desired. Strong programming experience in Java/Spring Boot or Golang. Experience building or using REST APIs. Knowledge of infrastructure-as-code tools such as CloudFormation, Terraform, or Ansible is a plus. Understanding of TCP/IP networking fundamentals. Experience developing in Unix/Linux environments. Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment

Security Architect / Implementation Engineer Duration: 6 Months contract with possibility of extension We are seeking a highly skilled Security Architect / Security Implementation Engineer with expertise in designing, implementing, and integrating Google Cloud Security Command Center (SCC), Chronicle SIEM, and Cybereason XDR. The candidate will be responsible for architecting the end-to-end solution, implementing GCP native security controls, integrating third-party security tools, and producing detailed design and operational documentation. Key Responsibilities: Design and architect cloud-native security controls in GCP aligned with security and compliance frameworks (CIS, ISO 27001, NIST, etc.). Implement Google Security Command Center (SCC) for threat detection, vulnerability management, and risk insights. Architect and configure Chronicle SIEM for log ingestion, correlation, and advanced threat analytics. Integrate Cybereason XDR with SCC, Chronicle, and other security tools to establish end-to-end threat detection and response workflows. Define use cases, rules, policies, and security playbooks to automate detection and response. Document the solution architecture, design decisions, configuration standards, and integration workflows. Conduct knowledge transfer sessions with security operations and support teams. Collaborate with GCP Cloud Platform teams, SOC teams, and compliance teams to align solutions with enterprise policies. Required Skills & Experience: 8-12 years of overall IT security experience with at least 4-5 years in Google Cloud Security. Proven experience with Google Security Command Center (SCC), Chronicle SIEM, and XDR platforms (Cybereason preferred). Strong knowledge of GCP IAM, VPC Service Controls, Cloud Armor, DLP, Cloud Logging, Cloud Monitoring. Hands-on experience in integrating SIEM, XDR, and native GCP security tools. Experience with Terraform, Deployment Manager, or automation frameworks for security deployment. Strong documentation and presentation skills. Security certifications preferred: Google Professional Cloud Security Engineer, GCP Professional Architect, CISSP, CISM, CCSP.

Team Intro The Access Assurance vertical within USDS Data Identity and Access Management (DIAM) Team is responsible for designing and maintaining an access management program with a mission to enforce the principle of least privilege. We strive to establish secure and compliant processes around provisioning, deprovisioning and governance of access to USDS data and infrastructure proactively identifying and reducing risks. Job Overview: As an Access Assurance Analyst, you will be part of the team responsible for Access Assurance within TikTok USDS. You will be responsible for supporting the team along with a team of cross-functional cyber, privacy, engineering, and data protection analysts to define, implement, manage, and measure controls to protect data in accordance with USDS policies and standards relevant to geographical regulations, contractual commitments, and confidentiality requirements. The Access Assurance Analyst will play a pivotal role in operationalization of access management programs in USDS. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time. Responsibilities: * Design access management program that addresses data residency and fine-grained role-based access requirements and controls as necessitated by business need and regulations * Assist in the development and implementation of Access governance frameworks, policies, and procedures. * Build and review technical and functional requirements for in-house or external technologies to support access management and assurance needs, including applying appropriate security measures * Operationalize access management workflows to improve efficiency * Support periodic reviews of access to USDS data and systems * Drive remediation of non-compliant access in a timely fashion * Implement and enforce mechanisms to proactively monitor, respond and report on inappropriate data access events * Work with other information security teams to classify and categorize data based on sensitivity and compliance requirements * Support interactions with Risk and Compliance to understand control requirements and provide information to support findings for non-compliance with internal security policies * Responsible for designing and reporting key metrics and visualizations for weekly, monthly and bimonthly cadences across multiple audiences * Participate in security reviews to ensure compliance with access governance policies. * Foster a principle of least privilege for access management * Collaborate with key stakeholders to ensure alignment of access governance initiatives with organizational goals.Minimum Qualifications: * Bachelor's degree in a related field (e.g., Information Management, Computer Science, Business Analytics, Cyber Security) * 5+ years of experience in identity and access management or access governance & 5+ years of experience working with IAM tools and strong knowledge of Access management concepts (RBAC, PAM, Access Reviews, SOD, LCM, provisioning and deprovisioning of Access) * Experience in designing/deploying Access management solutions, Experience analyzing large data sets across multiple database types (e.g., MySQL, Hive, Redis etc) leveraging SQL etc., Experience with industry frameworks, standards and regulations (e.g. ISO, NIST) * Ability to write scripts, develop automations, configure tools, work with APIs and databases while being Proficient in at least one software programming language (Python,Java,Ruby etc) along with Familiarity with Cloud-based technology deployments * Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge * Strong analytical and problem-solving skills with the Ability to communicate technical concepts to a broad range of technical and non-technical staff * Comfortable working in a fast-paced, dynamic environment Preferred Qualifications: * Strong understanding of technology environments and various databases * Experience working with technology partners to validate data-related problems * Experience working with Microservices architecture * Experience in automating access management workflows to reduce operational overhead * Experience with risk and controls frameworks including (ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST RMF, ISO 31000 etc.)

The TV u0026 Sports Engineering team delivers the Apple TV+ streaming service, bringing customers Apple Original shows and movies, and live sports from MLS and MLB on Apple, Windows, Android, and third-party TV platforms. The team works on the Apple Sports app, the ultra-fast and easy-to-navigate app with real-time scores and stats for sports fans. This team is also responsible for ensuring the security of our Apple devices, users' identity, and content with FairPlay technologies. Our team is seeking a Software System Engineer to work on our software security technologies to develop and launch new products. You'll work on projects that touch all aspects of Apple products, and will demonstrate your strong software and interpersonal skills as you integrate new technology on multiple platforms and architectures. We are looking for someone who has a track record of software developement. You have a familiarity with various architectures (x86/ARM, mac OS/iOS, Android and others), and the ability to work with dynamic teams to produce reliable, robust code. Familiarity with security technologies (DRM, TrustZone, cryptography) is a huge plus. This is an outstanding opportunity to be involved in something new from the beginning. Show us your talent. It's meaningful, fun, and exciting. It's what makes us Apple. 5+ years of Experience with or passion for Systems security 5+ years of Experience with containerized server applications and their deployment Strong Software Engineering programming skills (C, C++) Experience with Embedded Systems Development Experience with or passion for Systems Security Experience with Android development Able to clearly communicate ideas and concerns Able to work effectively with different teams

Hello Heart is on a mission to change the way people care for their hearts. The company provides the first app and connected heart monitor to help people track and manage their heart health. With Hello Heart, users take steps to control their risk of heart attacks and stroke - the leading cause of death in the United States. Peer-reviewed studies have shown that high-risk users of Hello Heart have seen meaningful drops in blood pressure, cholesterol and even weight. Recognized as the digital leader in preventive heart health, Hello Heart is trusted by more than 130 leading Fortune 500 and government employers, national health plans, and labor organizations. Founded in 2013, Hello Heart has raised more than $138 million from top venture firms and is a best-in-class solution on the American Heart Association's Innovators' Network and CVS Health Point Solutions Management platform. Visit ****************** for more information. About the Role We are seeking a Cyber Security Analyst to strengthen our security operations and compliance posture. Reporting into our Information Security Officer, you will play a key role in protecting sensitive data, ensuring regulatory compliance, and supporting the secure adoption of new technologies such as AI. You will work cross-functionally with IT, Engineering, Compliance, and HR to build and maintain secure, resilient processes across the organization. Responsibilities Support secure access lifecycle processes, including provisioning, deprovisioning, role-based access, and MFA/SSO management Conduct periodic access reviews and ensure identity data quality Perform vulnerability scans across systems and applications, track remediation progress, and partner with teams to prioritize risk-based fixes Assist with security assessments of cloud systems and applications, aligning with HIPAA, HITECH, NIST, and HITRUST frameworks Support internal and external audit preparation and execution Enforce encryption, access controls, and data loss prevention strategies for sensitive data Conduct third-party vendor risk assessments and oversee remediation efforts Support secure adoption of AI tools by monitoring for risks such as data leakage and prompt injection, establishing governance guardrails, and delivering awareness training Participate in endpoint security monitoring, disaster recovery exercises, tabletop simulations, and awareness training initiatives Contribute to ongoing security operations, risk management efforts, and special security projects Qualifications 3+ years of experience in IAM, IAM operations, or security analyst roles (healthcare technology or other regulated environments preferred) Hands-on experience with identity platforms such as Okta, Azure AD, or Google IdP, plus SCIM, SAML/OIDC/OAuth, directory services, group policy, and conditional access Experience with vulnerability management platforms (Tenable, Qualys, Rapid7, AWS Inspect, Kandji) and patch orchestration workflows Working knowledge of HIPAA, HITECH, NIST CSF/800-66, and CIS Controls (familiarity with HITRUST CSF is a plus) Knowledge of cloud security basics (AWS, Azure, GCP), least-privilege IAM, and networking fundamentals (TCP/IP, DNS, HTTP, VPN, segmentation) Familiarity with endpoint security solutions (CrowdStrike Falcon, Cynet, SentinelOne) and DLP tools Familiarity with GenAI, keeping up to date with innovative security programs and artificial intelligence systems Proactive communication and documentation skills, with the ability to collaborate across technical and non-technical teams globally The US base salary range for this full-time position is $130,000.00 to $145,000.00. Salary ranges are determined by role and level. Compensation is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the salary only, and do not include equity or benefits. #LI-DNP Hello Heart has a positive, diverse, and supportive culture - we look for people who are collaborative, creative, and courageous. Oh, and if you want to see some recent evidence of the fun things we do at Hello Heart, check out our Instagram page.

• Analyzes information security practices to ensure alignment with industry standards and guidelines. • Identifies, investigates, and resolves security breaches detected by security solutions. • Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. • Leads and delivers staff training on information security and breach prevention. What You Will Do: • Staying current on information security trends, news and security standards, especially those related to the healthcare industry • Participating in the development of security standards and best practices for the organization • Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber attacks • Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement • Recommending security enhancements to management and senior ITS staff • Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options • Monitoring computer networks for security issues in order to reduce the risk of security incidents • Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team • Documenting security breaches and assessing the damage caused • Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date • Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities • Managing efforts with vendors on annual security audit, including pen testing • Assisting with developing and documenting preventive measures to ensure system security • Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices • Documenting computer security procedures, and tests • Assisting with the development of policies, procedures, standards, and guidelines related to information security • Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches • Assisting staff with the installation and utilization of new security products and procedures • Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes • Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts • Reviewing any violations of security procedures and providing remedial training to staff, as needed • Performs other duties as assigned You Will Be Successful If: • In-depth knowledge of HIPAA and FISCAM security guidelines. • Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. • Proficiency with operating systems, virtualization, and security systems. • High proficiency in Windows-based PC systems and Microsoft Office Suite. • Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). • Familiarity with project management principles and customer service practices. • Awareness of emerging security technologies such as AI, IoT, and blockchain. • Strong analytical, problem-solving, and decision-making skills. • Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. • Experience creating training materials and leading staff training. • Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. • Leadership ability to facilitate meetings, resolve issues, and guide staff. • Strong collaboration skills and diplomacy across teams and levels of the organization. • Willingness to respond to after-hours information security incidents. What You Will Bring: • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. • 8 years of professional level information technology experience • 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying • Experience working in the health care industry • Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Opportunity Type CLASSIFIED EMPLOYMENT OPPORTUNITY Position Title INFORMATION SECURITY ANALYST Posting Number S2549 Close/First Review Date 11/16/2025 Department ITSS (Information Technology Support Services) Work Location District Office Position Status Full Time Salary Range $141,330 - $172,437 Annual Salary (Range 150: Classified Salary Schedule Fiscal Year 2025-2026). Starting placement is generally at Step 1. Benefits Summary In addition to the salary, this position qualifies for the choice of one of the District's excellent Health Benefits and Welfare plans, which the premium cost is 100% paid by the District for the employee and their eligible dependents, and one health plan costing an estimated $60,000 for the District for fiscal year 2025-2026. We offer two medical plans (Anthem Blue Cross [PPO] and Kaiser Permanente (HMO]); dental (Delta Dental PPO); vision (VSP Choice); life insurance for the employee (The Hartford); life insurance for eligible dependents (The Hartford); a long term disability/income protection plan (The Hartford); and an employee assistance plan (Anthem EAP). In addition, the District contributes an additional 26.81% of the employee's salary towards an eligible employee's pension (CalPERS). Employees may also elect to participate in optional plans including purchasing additional life insurance for themselves and their eligible dependent(s); enroll in a medical, transportation, and/or dependent care Flexible Spending Account(s) (with the $4 monthly administrative fee paid by the District); and set pre-taxed dollars aside to supplement their pension in a 403b (tax shelter annuity) and/or a 457 (deferred compensation) plan(s). Classified employees also earn 10 to 22 days per year of vacation (based on years of service), and up to 12 sick leave days (pro-rated for less than full-time positions). There are currently 20 paid holidays. Position Description POSITION SUMMARY The Information Security Analyst reports to Executive Director of ITSS (Information Technology Support Services) at the District Office. The work schedule is 12 months per year; 40 hours per week; Monday - Friday; 8:00 a.m. - 5:00 p.m. This position is represented by CSEA (California School Employees Association), Chapter 363. POSITION PURPOSE Reporting to Executive Director, ITSS or an assigned administrator, the Information Security Analyst performs complex work related to the District's information security program including testing, analysis and evaluation of the integrity and confidentiality of enterprise systems, network, assets and communication technology throughout the District. The position monitors security systems and conducts periodic risk assessments to identify, troubleshoot, diagnose, resolve and report security problems and breaches; assists in coordinating and conducting investigations involving District technology resources, and assists with security awareness training. DISTINGUISHING CHARACTERISTICS This position focuses on threat and vulnerability management with exposure and support on all aspects of the cybersecurity practice. Incumbent in this position should have advanced knowledge on risk identification, protection and compliance, threat detection, incident response plan development and annual review, and recovery services to achieve business resilience. KEY DUTIES AND RESPONSIBILITIES 1. Analyze, evaluate and implement security applications, policies, standards and procedures intended to prevent the unauthorized use, disclosure, modification, loss or destruction of data; work with the campus community and other staff to ensure the integrity and security of the information technology infrastructure. 2. Lead the development, testing and implementation of information security products and control techniques in all locations throughout the District. 3. Work with campus and district technology teams to ensure the security of all applications and assets. 4. Monitor and review security systems and logs. Identify, troubleshoot, diagnose, resolve, document and report security problems and incidents; help coordinate and conduct investigations of suspected breaches; respond to emergency information security situations. 5. Collaborate with application programming team and other IT staff to ensure production applications meet established security policies and standards. 6. Assist with training and education on information security and privacy awareness topics for District administrators, faculty and staff; assist in the development of appropriate security-incident notification procedures for District management. 7. Work with vendors to conduct vulnerability assessments to identify existing or potential electronic data and assets compromises and their sources; participate in investigative matters with appropriate law enforcement agencies. 8. Perform audits and periodic inspections of District information systems to ensure security measures are functioning and effectively utilized and recommend appropriate remedial measures to eliminate or mitigate future system compromises. 9. Review, evaluate, and recommend software products related to IT systems security, such as virus scanning and repair, encryption, firewalls, internet filtering and monitoring, intrusion detection, etc. 10. Monitor and maintain the District's security event information system (SEIM) and data loss prevention software. 11. Manage security systems and policies including but not limited to servers, firewalls, email security, and Microsoft 365 environment. 12. Recommend and implement security policies, protocols, practices and lead in creation of security training and guidance to staff. 13. Assist in the secure management and maintenance of the District's network authentication systems for wired and wireless network access. 14. Review security practices and controls of third-party service providers that handle District sensitive data, and review security controls and features of third-party software systems. 15. Ensure that maintenance, configuration, repair and patching of systems occurs on a scheduled and timely basis utilizing best practices in change management and consistent with policies and procedures. 16. Keep current with latest emerging security issues and threats through list servers, blogs, newsletters, conferences, user groups, and networking and collaboration with peers in other institutions. 17. Perform other duties reasonably related to the job classification. EMPLOYMENT STANDARD Knowledge of: 1. Compliance and industry cybersecurity standards frameworks such as NIST 800 and ISO standards. 2. Emerging technologies and the possible impact on existing information systems, instructional processes and business operations. 3. Incident response best practices and software license compliance laws. 4. Troubleshooting tools for computing hardware, servers and network equipment including but not limited to switches, routers, and firewalls. 5. Enterprise resource planning systems, Microsoft 365 and Active Directory and Azure Active Directory. 6. Principles of program design, coding, testing and implementation. 7. Advanced knowledge of desktop and server operating systems including Windows and Linux. 8. Disaster recovery and backup including business continuity planning. 9. Principles of training, support, and services to end-users. 10. General research techniques and data driven analytics. 11. Modern office administrative practices and use of tools including computers, websites and other applications related to this job. Skills and Ability to: 1. Apply current NIST and ISO standards to current operations. 2. Respond to incidents and events in a timely manner. 3. Prepare clear and concise system documentation and reports. 4. Prioritize assigned tasks and projects. 5. Communicate complicated technical issues and the risks they pose to stakeholders and management. 6. Establish and maintain effective and cooperative working relationships with others. 7. Analyze situations accurately and adopt effective course of action. 8. Coordinate, develop, and implement projects. 9. Work with attention to detail and independently with minimum supervision. Required Qualifications EDUCATION AND EXPERIENCE 1. A Bachelor's degree from an accredited institution with major course work in computer information systems, computer science, business administration, or related field. 2. Two years of experience performing information security duties, which may include implementing, overseeing, and/or managing information security technologies, process, or programs, including identification, protection, detection, response, and recovery activities. Certification: 1. Professional security or privacy certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials. District's Diversity * Demonstrated sensitivity, knowledge and understanding of the diverse academic, socioeconomic, gender identity, sexual orientation, cultural, disability, and ethnic background of groups historically underrepresented, and groups who may have experienced discrimination. * Success integrating diversity as appropriate into the major duties outlined in the job description and in the duties listed in the District's hiring policy; or demonstrated equivalent transferable skills to do so. Desired Qualifications 1. Bilingual abilities, desirable. Foreign Degree For positions that require a degree or coursework: Degree(s) must have been awarded by a college or university accredited by an accrediting body recognized by the U.S. Council on Post-Secondary Accreditation and/or the U.S. Department of Education. All degrees and credits earned outside of the United States must have a U.S. evaluation (course by course) of the transcripts and must be submitted with the application. Degrees earned outside of the U.S. without a U.S. credential evaluation attached, will not be considered. Working Environment Physical Demands: 1. Must sit for long periods of time, use hands and fingers to operate an electronic keyboard, reach with hands and arms, and speak clearly and distinctly to ask questions and provide information, hear and understand voices over telephone and in person. 2. The physical demands described here are representative of those that must be met by an individual to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. About San Jose/Evergreen Community College District The District is represented by dedicated and talented employees who are passionate about providing our student population with the best educational experience possible. The District recognizes that cultural diversity in the academic environment promotes academic excellence; fosters cultural, racial and human understanding; provides positive roles models for all students, and creates an inclusive and supportive educational and work environment for its employees, students, and the community it serves. As of Spring 2024, with enrollment of approximately 15,655 students per semester, and an extremely diverse student population (Hispanic/Latino 45.20%, Black/African-American 3.45%, Asian/Pacific Islander 31.70%, American Indian/Native American 0.36%, White/Caucasian 12.76%) attaining educational goals reflecting 56% - Transfer to a 4-Year College/ University, the District's emphasis on student success makes it a recognized educational leader in the State. The District encourages a diverse pool of applicants to serve as colleagues to an existing diverse classified staff consisting of 43.9% Latinx, 25.3% Asian/Pacific Islander, 4.2% Black/African American, 0.3% American Indian/Native American, 17.9% White/Caucasian, and as well as encouraging applications from all qualified, outstanding applicants. Important Information EQUAL OPPORTUNITY EMPLOYER STATEMENT: San José-Evergreen Community College District is an Equal Opportunity Employer committed to nondiscrimination on the basis of ethnic group identification, race, color, language, accent, immigration status, ancestry, national origin, age, gender, gender identity, religion, sexual orientation, transgender, marital status, veteran status, medical condition, and physical or mental disability consistent with applicable federal and state laws. CONTACT: Employment Services, Human Resources, SJECCD 40 S. Market Street, San Jose, CA 95113 Phone: ************** Email: ******************************* Employment Website: ****************************** District Website: ************** APPLICATION PROCEDURES: Interested applicants MUST SUBMIT ONLINE ALL of the following materials by the First Review Date/Closing Date as listed on the job announcement. Applications received after the First Review Date will only be forwarded to the hiring committee at their request. 1. A completed online San José-Evergreen Community College District APPLICATION. 2. A COVER LETTER (Stating how you feel you meet the qualifications as outline in the job announcement). 3. A current RESUME/CURRICULUM VITAE 4. TRANSCRIPT - (If Required) If a degree is listed as a requirement, transcripts (Not Diplomas) MUST INCLUDE confer or award date of stated degree. Unofficial transcripts will be accepted; however if the position is offered, official transcripts will be required prior to employment. If the transcripts or degrees are from outside of the United States, an official certification of equivalency to U.S. degrees by a certified U.S. credential review service (course by course of the transcripts) MUST also be submitted. (See below for a list of suggested services that provide foreign degree equivalency evaluation to U.S. degrees). Note: Some positions may require additional documents and/or certificates, in addition to the items listed above. Please refer to the job announcement. OTHER APPLICANT INFORMATION: 1. Only complete application materials will be considered. No exceptions. 2. Letters of Recommendation are NOT required and will not be forwarded to the hiring committee. 3. Upon hire the successful candidate must provide the required documents of identity and authorization to work and attest he/she is authorized to work in the United States. 4. Application materials become the property of the District and will not be returned or duplicated. 5. Travel expenses to attend the interview are the responsibility of the candidate. 6. Meeting the minimum qualifications does NOT assure an interview. 7. The District may re-advertise, delay, choose not to fill the position, or choose to fill more than one position. Suggested services that provide foreign degree equivalency evaluation to U.S. degrees: Academic Credentials Evaluation Institute, Inc. Website: *************************** Education Records Evaluation Services Website: ************ International Education Research Foundation Website: ******************** World Education Services Website: ***********

Amentum is seeking an Information System Security Officer (ISSO) for a contract at the National Aeronautics and Space Administration (NASA) Ames Research Center. The ISSO provides security Subject Matter Expertise (SME) supporting NASA information systems. Compensation & Benefits HIRING SALARY RANGE: $145,000 - $175,000 (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant internal equity, and alignment with market data.) Amentum is a leading provider of engineering, scientific, and program management support services to some of the top agencies in the U.S. government, including the Defense Advanced Research Projects Agency (DARPA), NASA, the Department of Homeland Security, and the Intelligence Community. This is a full-time position based at Moffet Field in Mountain View, CA. Job Duties and Responsibilities: Provide technical guidance to address the adequacy and effectiveness of information security policies, procedures, and practices. Review cyber intelligence threats reports, including but not limited to SOC MARs, SARs, and DHS/CISA Emergency Directives, in order to identify threats to the information system, develop mitigations, and ensure vulnerabilities that require immediate attention are remediated. Assist the Information System Owner (ISO) and Information System Security Manager (ISSM) in ensuring that all components of the information system are appropriately updated and patched in accordance with Federal and NASA requirements. Evaluate cloud service providers' security posture and develop associated recommendations for restrictions, conditions and control responsibility parsing. Support the Assessment and Authorization (A&A) process through the development and updating of the following: System Security Plan, Contingency Plan, Disaster Recovery Plans, Risk Assessment Report, annual review package, work instructions, policies, and procedural guides affecting the overall IT and security posture of the environment within the NASA Risk Information Security Compliance System (RISCS) system. Develop and maintain detailed and accurate System Security Plans (SSP), including security documentation for component and interface specifications, to support appropriate cybersecurity and privacy throughout the information systems' life cycle Write Plan of Action and Milestones (POA&M's) and Risk Based Decisions (RBD's) for the SSP controls. Support the Government with identifying and prioritizing essential system functions or sub-systems required to support essential capabilities or business functions for restoration or recovery after a system failure or during a system recovery event based on overall system requirements for continuity and availability. Ensure contingency plans and system controls are reviewed and tested in accordance with agency requirements. Analyze system logs to identify potential issues. Perform routine audits of systems and applications. Ensure Privacy Threshold Assessments (PTA) and Privacy Impact Assessments (PIA) are conducted as required. Provide IT security support to communication systems as needed. Serve as a technical resource to other IT and security professionals. Required Qualifications: Must have an active Top Secret US Government Clearance, with the ability to obtain an SCI Clearance. Note: US Citizenship is required to obtain a Government Clearance. Batchelor's degree with a minimum of 5 years of professional experience in cybersecurity design and development activities. Ability to provide practical and creative solutions in a dynamic work environment, while working effectively with a team. Ability to handle multiple tasks and prioritize effectively in a rapidly evolving environment. Desired qualifications: An active SCI US Government Clearance, with the ability to obtain an SCI Clearance. Note: US Citizenship is required to obtain a SCI Clearance. Experience in NASA security or served as an ISSO in other Government agencies. Experience in NASA Assessment and Authorization (A&A) process. Experience in NASA Risk Information Security Compliance System (RISCS) tool. risk information security compliance system and assessment and authorization. Experience with cloud services. Experience with classified networks. Candidates should be self-starters capable of working both independently and as part of a team. Certification level to meet DoD 8140 IAT or DoD 8570 IAT Level II certification or higher. Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.

**Be visionary** Teledyne Technologies Incorporated provides enabling technologies for industrial growth markets that require advanced technology and high reliability. These markets include aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, deepwater oil and gas exploration and production, medical imaging and pharmaceutical research. We are looking for individuals who thrive on making an impact and want the excitement of being on a team that wins. **Job Description** **Make an impact where security meets innovation.** At Teledyne RF & Microwave, we design and deliver advanced technologies that power aerospace, defense, and communications worldwide. Our team thrives on precision, collaboration, and a commitment to protecting critical systems. If you're passionate about cybersecurity and want to work for a trusted leader in high-tech solutions, this role is for you. **What you'll do** + Maintain the security posture of classified systems in line with approved policies + Verify implementation of security controls and keep documentation current + Manage system accounts and ensure proper authorization procedures + Conduct regular system assessments and report findings to the ISSM + Monitor audit logs and analyze user activity for compliance + Respond to security incidents and oversee recovery processes + Notify ISSM of system changes that impact authorization + Support hardware maintenance, backups, and virus updates + Train employees on internal security policies and assist with spill containment + Participate in configuration control activities when designated **What you need** + Strong problem-solving and organizational skills (required) + Ability to analyze security data and enforce compliance (required) + Excellent communication and teamwork skills (required) + U.S. citizenship and eligibility for security clearance (required) + Bachelor's degree in Information Systems or Security+ certification (required) + Experience with classified systems and security audits (advantage) + Familiarity with DAAPM and ITPSO policies (advantage) + Hands-on technical competence with system administration (advantage) **What we offer** + Competitive pay and comprehensive health benefits + 401(k) with company match and retirement plans + Paid time off and flexible work arrangements + Professional development and training opportunities + Employee wellness programs and assistance resources + A collaborative environment working on mission-critical technology **What happens next** Apply online through Teledyne's careers page. If your qualifications align, our team will contact you for interviews and guide you through the clearance process. _Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status._ **Salary Range:** $61,600.00-$82,100.000 **Pay Transparency** The anticipated salary range listed for this role is only an estimate. Actual compensation for successful candidates is carefully determined based on several factors including, but not limited to, location, education/training, work experience, key skills, and type of position. Teledyne and all of our employees are committed to conducting business with the highest ethical standards. We require all employees to comply with all applicable laws, regulations, rules and regulatory orders. Our reputation for honesty, integrity and high ethics is as important to us as our reputation for making innovative sensing solutions. Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other characteristic or non-merit based factor made unlawful by federal, state, or local laws. You may not realize it, but Teledyne enables many of the products and services you use every day **.** Teledyne provides enabling technologies to sense, transmit and analyze information for industrial growth markets, including aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, energy, medical imaging and pharmaceutical research.

Job Description About us: Lucence is a pioneering precision oncology company with a bold vision: a world where cancer is defeated through early detection and timely treatment. Our cutting-edge liquid biopsy tests use advanced molecular profiling to guide personalized cancer therapies, transforming how cancer is diagnosed and treated. At Lucence, we are shaping the future of precision medicine by capturing both genetic and cellular data from a single blood draw, bringing us closer to our mission of overcoming cancer. We are looking for an Information Security & Compliance Manager to lead Lucence's SOC 2 compliance programmes. You will own our internal controls, audits, and security governance frameworks, ensuring the company meets the standards required for global diagnostics operations. Key Responsibilities Compliance Ownership Own SOC 2 Type I/II, and build on HIPAA and cybersecurity certification roadmaps. Maintain documentation, evidence repositories, and ongoing readiness. Internal Controls & Policies Build, refine, and enforce security policies, risk registers, and access-control processes. Audit Management Partner with external auditors, coordinate internal contributors, drive remediation plans, and ensure timely closure of findings. Vendor & Data Protection Reviews Conduct security due diligence for vendors, manage DPAs, and ensure data-flow compliance for global partners. Security Governance Implement quarterly control testing, internal audits, DR/BCP drills, and continuous monitoring of compliance gaps. Cross-Functional Partnering Work closely with external vendors, Informatics, IT, Lab Ops, and Commercial teams to embed security into product and operational workflows. Preferred Qualifications Experience owning SOC 2 or ISO audit cycles end-to-end. Familiarity with cloud environments (AWS/Azure/GCP) and modern security tooling. Attention to detail to improve policies, controls, and audit documentation. Certifications: ISO Lead Auditor, CISA, CISSP, or equivalent.

Palo Alto, CA (on-site) About 1X We build humanoid robots that work alongside people to solve labor shortages and create abundance. The Role We are seeking a Product Security Engineer with expertise in operating system security to strengthen the foundation of our robotics platform. In this role, you will design and implement security features such as secure boot, trusted execution environments, and system service hardening. Your work will ensure that sensitive operations and data remain protected while enabling developers to follow security best practices. This position is critical to increasing the resilience and trustworthiness of our systems. You Will * Develop and maintain secure critical services for Linux systems * Implement secure boot chains using fused hardware keys with rollback protection * Integrate OP-TEE to safeguard sensitive assets including mTLS certificates and disk encryption keys * Harden system services using least-privilege operations, systemd features, namespacing, and syscall filtering * Build hardening templates and automation tools to streamline security enforcement for developers * Automate security validation processes within CI/CD pipelines * Design and enforce device access controls for Linux systems * Contribute and ship C/C++ code (or similar) to production environments

LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We're also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that's built on trust, care, inclusion, and fun - where everyone can succeed. Join us to transform the way the world works. Job Description At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. This role may be remote or hybrid. At LinkedIn, hybrid roles are performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team. Remote roles are performed from the designated home work location upon time of hire, and any changes to this home work location requires a review of remote status and approval. LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Engineering Manager to lead the Detection Engineering team in the US and to be an integral part of our Information Security organization. The Detection Engineering team is responsible for developing and maintaining threat detection capabilities, security monitoring systems, and detection rules to protect our infrastructure, applications, and, most importantly, our members. This is a key role in supporting and growing our security detection and monitoring capabilities. Responsibilities: Leadership and Team Management * Lead and manage the detection engineering team, including hiring, training, and mentoring team members. * Develop and maintain detection engineering policies, procedures, infrastructure, and guidelines. * Coordinate and oversee all activities of the detection engineering team during threat detection development and implementation. Detection Development and Management * Serve as the primary point of contact for all threat detection development and enhancement initiatives. * Ensure timely development, testing, and deployment of detection rules and monitoring capabilities. * Conduct post-deployment analysis and create detailed reports on detection effectiveness with KPIs, including tuning recommendations and optimization strategies. Communication and Coordination * Communicate detection development status, updates, metrics and reporting, and capabilities to senior management, stakeholders, and security teams regularly. * Coordinate with internal and external teams, including security operations, defense infrastructure, incident response, and product engineering teams to develop and maintain effective detection capabilities. * Develop and maintain an effective detection engineering communication plan. Continuous Improvement * Continuously evaluate and improve detection engineering processes, tools, and capabilities. * Conduct and report on regular detection testing and validation exercises to test and refine detection rules and monitoring systems. * Stay current with emerging threats, attack techniques, and detection technologies to enhance the detection engineering program. Reporting and Documentation * Maintain comprehensive documentation of all detection rules, including development rationale, testing results, and performance metrics. * Prepare and present detection engineering reports and metrics to senior leadership and stakeholders. * Ensure compliance with regulatory requirements and industry standards related to threat detection and monitoring. Training and Awareness * Develop and deliver detection engineering training programs for team members and other relevant personnel. * Promote security detection awareness and best practices across the organization. * Ensure the detection engineering team is up-to-date with the latest tools, techniques, and procedures. Budget and Resource Management * Manage the detection engineering budget and allocate resources effectively. * Evaluate and recommend tools, technologies, and services to enhance the detection engineering program. * Ensure the team has the necessary resources and support to perform their duties effectively. Qualifications Basic Qualifications: * Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related technical discipline, or equivalent practical experience. * 1+ year(s) of management experience or 1+ year(s) of staff level engineering experience with management training. * 7+ years of experience in cybersecurity, with a focus on detection engineering, security monitoring, threat intelligence, incident response, or related security roles. * Experience leading or managing a cybersecurity, incident response, or detection engineering team. * Experience in cybersecurity frameworks and standards (e.g., NIST, MITRE ATT&CK, OCSF). * Experience in detection engineering tools and technologies (e.g., Query Languages, CI/CD, YARA, Sigma rules, threat intelligence platforms). * Experience with threat analysis, detection rule development, automation engineering, and security monitoring optimization. * Project management experience with managing budgets and resources. Preferred Qualifications: * Master's degree in Cybersecurity, Information Assurance, or a related field. * 10+ years of experience in cybersecurity, with significant experience in detection engineering, threat intelligence, or incident response. * 3+ years of management experience in building small to medium-sized teams, demonstrating growth and a track record of successful deliveries. * Ability to work under pressure and manage multiple detection development projects simultaneously as well as managing an oncall team. * Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, SANS). * Experience in developing and delivering detection engineering training and awareness programs. * Strong proficiency in Kusto Query Language (KQL) and SQL. * Proficiency in programming or scripting languages (e.g., Python, Go, etc.) for automating detection development and testing processes. * Experience with cloud security and detection engineering in cloud environments especially Azure. * Knowledge of advanced threat detection techniques, including threat hunting and behavioral analysis as well as applied threat intelligence. * Familiarity with detection engineering frameworks and best practices (e.g., Sigma, YARA, STIX/TAXII, OCSF). * Strong communication skills, both written and verbal, with the ability to convey complex technical information to non-technical stakeholders. Suggested Skills : * Security Information and Event Management (SIEM) * Query languages (KQL, SPL, SQL, Elastic, etc.) * Detection Rule Development (YARA, Sigma) * Scripting and Automation (e.g., Python, PowerShell, SQL) * Threat Intelligence Integration * Cloud Security (e.g., Azure, GCP) You will Benefit from our Culture We strongly believe in the well-being of our employees and their families. That is why we offer generous health and wellness programs and time away for employees of all levels. LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $152,000 - $248,000. Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, certifications and specific office location. This may differ in other locations due to cost of labor considerations. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For additional information, visit: ************************************** Additional Information Equal Opportunity Statement We seek candidates with a wide range of perspectives and backgrounds and we are proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful. If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at accommodations@linkedin.com and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to: * Documents in alternate formats or read aloud to you * Having interviews in an accessible location * Being accompanied by a service dog * Having a sign language interpreter present for the interview A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response. LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information. San Francisco Fair Chance Ordinance Pursuant to the San Francisco Fair Chance Ordinance, LinkedIn will consider for employment qualified applicants with arrest and conviction records. Pay Transparency Policy Statement As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: ******************************** Global Data Privacy Notice for Job Candidates Please follow this link to access the document that provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: ********************************************

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.