Information Security Analyst jobs in Union, NY

Do you have a passion for protecting digital landscapes and leading cybersecurity strategy? Join AFS as our Information Security Manager and take the helm in defending critical systems and data at our Exton, PA headquarters. This position follows a hybrid schedule, with in-office work required on our core days-Tuesday and Wednesday. You may choose your third in-office day, while the remaining two days will be remote. Position Overview As the Information Security Manager, you will play a pivotal role in safeguarding our company's information systems and ensuring the integrity, confidentiality, and availability of our data. You will lead the Information Security team, oversee the development and implementation of our security process, procedures and policies and ensure compliance with industry standards and regulations. Essential Functions Lead, mentor, and develop the security team, setting clear goals and performance standards. Foster a culture of continuous improvement and innovation within the team. Develop and implement comprehensive security policies and procedures. Stay abreast of the latest security trends and threats, adjusting policies and procedures as necessary. Oversee the monitoring and analysis of the company's network and systems for security breaches or intrusions. Conduct regular security assessments and audits to identify vulnerabilities. Lead security incident response activities, including investigation and mitigation of security threats. Ensure compliance with relevant laws, regulations (such as GDPR), and industry standards (like ISO 27001, NIST). Develop and maintain risk management and incident response plans. Collaborate with other departments to integrate security with business processes. Communicate security risks and strategies effectively to stakeholders, including senior management. Manage the security budget, ensuring efficient allocation of resources. Evaluate and recommend new security technologies and enhancements. Develop and deliver security training and awareness programs to employees. Promote a company-wide culture of security awareness. Qualifications Education: Bachelor's or Master's degree in Computer Science or related field. Experience: 7+ years of experience in information technology with a focus on information security. Relevant professional certifications (e.g., CISSP, CISM, CISA). CISM required. Strong knowledge of security procedures, policies, architectures, networks, systems, and application security. Excellent leadership, communication, and decision-making skills. Ability to handle high-stress situations and make critical decisions under pressure. Strong knowledge of security procedures, policies, architectures, networks, systems, and application security. Azure Cloud experience preferred. Travel 0-20% Employment Type AFS utilizes a hybrid work environment with 3 days a week in office. Candidates should be able to commute to Exton, PA. Please Note: AFS is not offering visa sponsorship or relocation for this position at this time. Ready to make an impact in financial technology? Apply today and be part of the AFS team! - About AFS Automated Financial Systems, Inc. (AFS) is the industry leader in providing commercial lending solutions to the top banking institutions. And we are not just another software company; we're a trusted partner for innovation and execution, and we're always looking for the best talent in technology and finance to join our team. Here's a little bit about who we are. We've been industry leaders for more than 50 years. Since our founding in 1970, AFS has consistently led the way in commercial lending solutions. Our singular focus on transforming commercial lending has translated into enabling growth and delivering an unparalleled customer experience for our clients. We operate at the forefront of technology. Our modern, digital commercial lending platform-AFSVision -is the industry's only fully integrated solution designed to process multiple types of loans on a single, real-time, multibank, multilingual, multicurrency system. Our values and mission. Our mission is to provide software and service solutions to transform commercial lending for our clients. This mission is backed by our commitment to the professional development of our employees, furthering DEI and ESG principles, and supporting the communities in which we operate. Our team is comprised of the best talent and expertise. We pride ourselves on recruiting, employing, and retaining the industry's finest financial services and technology experts. Our team collaborates to deliver on promises, minimize risks, and achieve excellence. AFS is headquartered in Exton, PA, with employees across the U.S and globally.

Airswift is seeking a contractor IT Applications Analyst for a long-term (2 year+) contract with one of the leading chemical manufacturing companies in the USA. Candidates for this opportunity are welcomed from the Allentown, PA area or Louisiana (remote). SUMMARY The IT Applications Analyst position is responsible for operational system support within SAP Payroll and Time Management modules. The individual will be responsible to drive sustainable, operational excellence in the delivery of new requirements and existing services. RESPONSIBILITIES: • Providing technical direction in the analysis, design, configuration, testing, deployment, maintenance for bug fixes and enhancements related to SAP Payroll and Time Management configuration, rules and schemas, Tax Reporter, BSI Tax, posting to Finance, and related interfaces • Creating test strategies and ensuring all functionality is tested prior to production deployment • Actively participating in design discussions and program functional reviews • Working with vendors to perform updates for third-party applications. Ex: Tax Factory • Delivering and maintaining existing services, resolving incidents and problem management, and meeting SLAs as well as providing rotational on call coverage • Managing SAP background job schedule modifications and additions and working with the IT Batch Management Team and Automic scheduler MINIMUM REQUIREMENTS AND QUALIFICATIONS • Bachelor's degree in technical discipline such as computer science • Excellent understanding of Payroll and Time Processing Methodology • 10+ years' experience of configuration in SAP Payroll, Time Management, rules, and schemas, Tax Reporter, BSI Tax, and posting to Finance • Ability to resolve complex business requirements and incidents. • Strong written and verbal communication skills

Leidos is seeking a Security Engineer to support the execution of strategic, operational, and organizational PPSM objectives. This position can be based out of any of our three locations - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. The position is primarily on-site, but partial telework may be available at the discretion of our customer and program management. Responsibilities: Ensure compliance with DoD-approved standards, architectures, and guidelines (e.g., DISN) and conduct quality assurance of all VA, IA security engineering analysis, QA, systems and application security implementation strategies and measures for cybersecurity and RMF Analyze current and emerging net-centric requirements and track the PPSM portfolio’s readiness to meet these requirements Identify and implement automation opportunities across PPSM processes Manage the PPSM Registry Database User Accounts, PPSM Registry database system data entry, and data export to unique data formats to externals database administrators. Respond to inquiries and registration requests for ports, protocols, and services Provide timely, regular performance metrics to the Government and support a variety of presentations, briefings and reports Develop technical papers on PPSM and cybersecurity-related topics Support communication of deliverables with PPSM leadership and stakeholders (e.g., RE41) Requirements: Bachelor's degree (IT-related field preferred) and five (5) years of experience in cybersecurity or network security position. Additional relevant experience may be considered in lieu of degree. Active DoD Top Secret clearance with SCI eligibility required DoD 8570 IAM II or IAT II certification Proficiency in PPSM Registry management, eMASS, and DISA DMZ Whitelist processes Demonstrable experience with network security, ports/protocols, firewalls, and boundary protection Experience in vulnerability management and assessment Understanding of network architectures, LAN/WAN, TCP/IP, routing, and switching Strong understanding of NIST 800-53, 8551.01, DISA security policies, and compliance monitoring Excellent written and verbal communication for technical documentation and stakeholder engagement Original Posting:July 8, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range:Pay Range $67,600.00 - $122,200.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Get to know Okta Okta is The World's Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we're looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We're building a world where Identity belongs to you. Role Summary: We seek an experienced and detail-oriented Staff Data Security Analyst to contribute to our strategic Data Classification and Governance Program. In this role, you will be instrumental in the operational execution of our data governance strategy. You will work hands-on with data discovery and classification tools, apply data protection policies, and collaborate extensively with cross-functional teams, including Business Technology (BT), Legal, Data & Insights (D&I), and other Security teams. Your focus will be on implementing and maintaining the data classification framework, supporting the rollout of technical controls, and ensuring that our data handling practices align with our security and compliance objectives. Key Responsibilities: * Data Classification & Labeling: * Actively participate in data discovery initiatives to identify and inventory sensitive data (PII, SPI, financial, IP, AI training data) across key enterprise systems (e.g., Google Workspace, Salesforce, Workday, NetSuite, Snowflake). * Assist in executing pilot programs for data classification on high-priority systems and contribute to refining classification processes. * Policy Operationalization & Control Support: * Assist data Stewards and system owners in implementing the data classification policy and data handling standards to support their operationalization. * Collaborate with BT and Security engineering teams to test and validate the implementation of technical controls (e.g., DLP rules, CASB configurations) based on data classification. * Help define and test controls related to sensitive data input into enabled AI tools. * Tooling & Process Support: * Become proficient in using selected data discovery, classification, and governance tools (potential tools include Varonis, native Google/Snowflake capabilities). * Assist with the configuration, including helping to set up scans and reviewing results. * Contribute to developing and maintaining documentation for classification procedures and tool usage. * Collaboration & Stakeholder Engagement: * Work closely with Data Stewards (from D&I and business units) to understand data context, validate classification results, and ensure alignment with business needs. * Partner with BT application owners to facilitate classification efforts and implement necessary data handling changes. * Support Security GRC by providing data and insights for risk assessments and compliance reporting related to data classification. * Monitoring, Reporting & Continuous Improvement: * Assist in establishing and tracking key metrics for data classification coverage, accuracy, and the effectiveness of associated controls. * Contribute to developing dashboards and reports for program stakeholders and the Data Governance Council. Required Qualifications & Skills: * Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent practical experience. * 10+ years of experience in data security, governance, IT risk management, or a similar analytical role focusing on data protection. * Strong, demonstrable understanding of data classification principles, methodologies, data lifecycle management, and data handling best practices. * Hands-on experience with data discovery and/or data classification tools and technologies. * Solid understanding of data protection concepts and technologies (e.g., DLP, data masking, tokenization, encryption, IAM). * Knowledge of key data privacy regulations (e.g., CCPA, GDPR) and their impact on data handling. * Excellent analytical, problem-solving, and critical-thinking skills with meticulous attention to detail. * Proven ability to work effectively in a cross-functional team environment and manage multiple tasks. * Strong written and verbal communication skills, with the ability to articulate technical concepts to varied audiences. Preferred Qualifications: * Experience with specific data governance or classification platforms (e.g., Varonis, OneTrust, Google Cloud DLP, Snowflake Data Classification). * Experience implementing or operating data security controls in SaaS environments (e.g., Salesforce, Workday, Google Workspace, M365) and cloud platforms (AWS, Azure, GCP). * Familiarity with security considerations for AI/ML systems and data inputs, including knowledge of AI-native solutions for data labeling and classification. * Hands-on experience with AI governance principles and frameworks, including implementing controls for responsible AI use. * Experience in developing and delivering training or awareness materials. * Relevant industry certifications (e.g., CISM, CISSP, CIPP, CDMP, or tool-specific certifications). #LI-BF1 #LI-Hybrid The annual base salary range for this position for candidates located in the San Francisco Bay area is between: $170,000-$254,000 USD Below is the annual base salary range for candidates located in California, Colorado, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: **************************** The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, New York, and Washington is between:$151,000-$227,000 USD What you can look forward to as a Full-Time Okta employee! * Amazing Benefits * Making Social Impact * Developing Talent and Fostering Connection + Community at Okta Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! ************************************** Some roles may require travel to one of our office locations for in-person onboarding. Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at ************************************* U.S. Equal Opportunity Employment Information Read more Individuals seeking employment at this company are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. When submitting your application above, you are being given the opportunity to provide information about your race/ethnicity, gender, and veteran status. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows: A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability. A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service. An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense. An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985. Pay Transparency Okta complies with all applicable federal, state, and local pay transparency rules. For additional information about the federal requirements, click here. Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form? We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at ****************** Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at *************************** How do you know if you have a disability? A disability is a condition that substantially limits one or more of your "major life activities." If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to: * Alcohol or other substance use disorder (not currently using drugs illegally) * Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS * Blind or low vision * Cancer (past or present) * Cardiovascular or heart disease * Celiac disease * Cerebral palsy * Deaf or serious difficulty hearing * Diabetes * Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders * Epilepsy or other seizure disorder * Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome * Intellectual or developmental disability * Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD * Missing limbs or partially missing limbs * Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports * Nervous system condition, for example, migraine headaches, Parkinson's disease, multiple sclerosis (MS) * Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities * Partial or complete paralysis (any cause) * Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema * Short stature (dwarfism) * Traumatic brain injury PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete. Okta The foundation for secure connections between people and technology Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With over 7,000 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely use the best technologies for their business. More than 19,300 organizations, including JetBlue, Nordstrom, Slack, T-Mobile, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges. In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd. The anticipated salary range for this role is between $97,000.00 and $154,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees. **Role Description** As a Cyber Security Analyst - Threat Researcher, you will be a key part of a high performing Cyber Threat Intelligence program with a desire to continually improve and advance capabilities that protect SMBC Group. A qualified applicant will have demonstrated experience researching cyber threats and vulnerabilities to develop and maintain attack flow models as part of the threat modeling process. This role plays a key part in advancing our understanding of adversary tactics, techniques, and procedures (TTPs) by transforming threat intelligence into visual attack flow models that drive proactive defense strategies. It involves close collaboration with stakeholders to communicate cybersecurity risks and advocate for secure technologies and practices. This is an excellent opportunity for a developing cybersecurity professional to apply threat-informed defense in a complex enterprise environment, address real-world challenges, and strengthen SMBC Group resilience against evolving threats. **Role Objectives: Delivery** **Key Responsibilities:** Successful candidates will require a blend of technical, analytical, and communication skills. You must be able to demonstrate a comprehensive understanding of cyber security best practices and clearly communicate knowledge of vulnerability exploitation lifecycles and network security concepts. You will be required to work as part of a team but capable of performing independant threat research to identify threat opportunity, security gaps, and key areas for improvement to mitigate potential cybersecurity related risks. You will be required to convey output of all threat research and analysis through the production of intelligence reports, briefings, and visual attack path diagrams in a clear, actionable format. Specific areas of responsibilties include: **Threat Research & Analysis:** + Conduct deep-dive research into threat actors, malware families, vulnerabilities, exploits, and campaigns to identify attack patterns and extract adversary tactics, techniques, and procedures (TTPs). + Analyze threat intelligence from open-source, commercial, and internal telemetry to identify relevant attack patterns and enrich threat models + Stay current with evolving threat landscape and industry best practices to identify emerging threats to the financial services sector. **Attack Flow Modeling:** + Design and maintain attack flow models that visually represent adversary behaviors across the cyber kill chain. + Use frameworks such as MITRE ATT&CK, Diamond Model, and Cyber Kill Chain to structure flows that map TTPs to real-world attack scenarios. + Simulate adversary behaviors against financial systems (e.g., SWIFT, ACH, card processing platforms) to identify detection and mitigation gaps. + Build attack flow models that support detection logic, vulnerability identification, threat hunting, and red team simulations. **Tooling & Automation:** + Use threat intelligence platforms (TIPs), SIEMs, to automate data collection and analysis. + Leverage threat modeling tools such as ATT&CK Navigator, or custom graphing tools to create and manage attack flows. + Develop scripts or workflows to automate the generation and updating of attack flow diagrams based on new intelligence. **Reporting & Communication:** + Produce clear, actionable intelligence reports and visualizations for both technical and executive audiences. + Present attack flow models in threat briefings, tabletop exercises, and strategic planning sessions. **Collaboration & Integration:** + Work closely with SOC analysts, security testing, cyber resiliance, and threat modeling pesonnel to validate and operationalize attack flows. + Communicate and integrate understanding of attack flow models into threat detection logic for security engineering, SIEMs, and other security orchestration tools. + Recommend improvements to threat modeling methodologies and threat intelligence workflows. **Qualifications and Skills** **Required Qualifications:** + 3+ years of dedicated experience in cyber threat intelligence, threat research, or a threat hunting role within a SOC or information security program. + Strong understanding of adversary TTPs and threat modeling frameworks (MITRE ATT&CK, Diamond Model, etc.). + Ability to analyze large datasets, multi-task, and effectively prioritize tasks. + Conduct attack surface risk modeling and articulate high-risk areas to stakeholders. + Experience building visual attack flows or kill chain diagrams using industry tools. + Excellent research, analytical, visualization, and communication skills. **Preferred Qualifications:** + Bachelor of Information Technology, Computer Science, or similar preferable + Practical, hands-on threat modeling experience using frameworks such as STRIDE, attack trees, and OWASP methodologies. + Familiarity with graph databases or visualization libraries (e.g., Neo4j, Graphviz, D3.js). + Experience in a financial institution, FinTech, or other industry with regulatory environment.Familiarity with financial regulations and compliance frameworks (e.g., FFIEC, GLBA, PCI-DSS). + Certifications such as GCTI, CTIA, CEH, or MITRE ATT&CK Cyber Threat Intelligence Certification. + Proficiency in scripting languages such as KQL and Python for data parsing, enrichment, and automation of threat intelligence workflows. **Additional Requirements** SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required. SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com. SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required. SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com.

High Profile Bank in Manhattan seeks an Information Security Risk Governance Analyst. Tremendous full-time direct hire career opportunity with International Organization that offers a great work environment, interesting projects and competitive compensation (130-140K+ bonus). In summary you will: Develop and manage information and cyber security related activities and projects in a key leadership role as you will be the second most senior individual in the information security risk group. Act as an Information Security subject-matter-expert to support and assist with providing guidance to Senior Management on information and cyber security issues. Review and propose practical changes to potential and existing Information Security policies, procedures, practices, and guidelines to ensure regulatory compliance. Coordinate and manage the employee information security awareness training program. Assess and evaluate Information Risks by conducting annual risk assessment, vulnerability Assessments and special risk assessments for new information risk related processes and trend analysis of key information risk measurements. Work with IT and coordinate any incident response to cyber security events. Review vendor service level agreements and contracts to provide guidance on information and cyber security protective controls and countermeasures. Develop and maintain information risk Key Risk Indicators (KRI's). Perform key Information Risk Governance related tasks including provides user access control management oversight; monitors, analyzes, and follows-up on Information Risk events/issues; Review information risk and advise on IT Projects/Issues Management process, Change Management Process, Significant changes to IT procedures, IT Asset Management Report, Key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, and Internal or external audit findings. Requirements include: 5+ years of related Information Risk Governance experience with extensive Information Security / IT Audit. Information security certification (CISSP) Strong understanding of Information Risk assessment concepts and principles as they relate to risk tolerance and business risk exposure. Financial industry experience and understanding of financial industry structure and concepts. Completed Bachelor's degree. Knowledge and expertise in Risk Assessment and Risk Analysis. In-depth knowledge of Information Technology and ability to analyze and design Information Security monitoring process.

We at Publicis Sapient, enable our clients to thrive in Next and to create business value through expert strategies, customer-centric experience design, and world-class product engineering. The future of business is disruptive, transformative and becoming digital to the core. In our 20 + years in IT, never before have we seen such a dire need for transformation in every major industry - from financial services to automotive, consumer products, retail, energy, and travel. To make this transformative journey a reality in these exciting times, we seek Rockstars who will: * Brave it out to go do the next; "what will be" from "what is" exhibit the optimism that says there is no limit to what we can achieve deeply skilled, bold, collaborative, flexible. * Reimagine the way the world works to help businesses improve the daily lives of people and the world. * Our people thrive because of the belief that it is both our privilege and responsibility to usher our clients and the world into Next. * Our work is fueled by challenging boundaries, multidisciplinary collaboration, highly agile teams, and the power of the newest technologies and platforms. If that's you, come talk to us! This is the world-class engineering team where you should build your career Overview The Information Security Officer is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall purpose of this role is to ensure the execution of Information Security (IS) directives and activities in alignment with client information and cybersecurity policy within the supported business units, primarily client's technology infrastructure. Responsibilities Responsibilities: * Identify opportunities to automate and standardize information security controls and for the supported groups. * Resolve any vulnerabilities or issues detected in an application or infrastructure. * Analyze source code to mitigate identified weaknesses and vulnerabilities within the system. * Review and validate automated testing results and prioritize actions that resolve issues based on overall risk. * Scan and analyze applications with automated tools and perform manual testing if necessary. * Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions. * Direct the development and delivery of secure solutions by coordinating with business and technical contacts. * Contribute to execution of the architectural vision for all IT systems through major, complex IT architecture projects. * Security Architecture: Collaborate with IT to ensure system architecture follows corporate policies and IT best practices. * Risk management: Identify, assess and mitigate security risks. Identify application compensating controls for non-compliant items. * Provide technical leadership and is responsible for developing components of, or the overall systems design. * Translate complex business problems into sound technical solutions. * Provide integrated systems planning and recommends innovative technologies that will enhance the current system. * Recommend appropriate infrastructure platforms, and communication links required to support IT goals and strategy. * Impact the architecture function by influencing decisions through advice, counsel or facilitating services. * Guide, influences and persuades others with developed communication and diplomacy skills. Qualifications Qualifications and Education: * Strong understanding of cloud security architectures (i.e. AWS Well-Architected Framework, Google Cloud Security Command Centre). * Knowledge of the Identity and Access management (IAM) security models of AWS and GCP. * In-depth knowledge of cloud infrastructure and architecture (e.g. VPC, EC2, S3, Cloud Storage and Compute Engine. * Familiarity with compliance and risk frameworks (NIST, ISO 27001, CSA STAR) * Experience in business engagement for Information Security, Risk or Control & Compliance, IT Analysis / Design or Program / Project Management. * Perform Information Security risk assessments and familiarity with Information Security Risk Governance. * At least 2 years' experience securing cloud environments particularly AWS and GCP * Bachelor's degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience. * Industry certifications such as CISSP/CISM/CCSP are desired. * Have good communication skills with the ability to articulate clearly in high stress situations. * Self-starter with good problem-solving skills. * Proven influencing and relationship management skills. * Familiarity with IaC security (Terraform, CloudFormation) * Advanced proficiency with Microsoft Office tools and software. * Public Cloud Solution Architect or Security Certifications are plus (i.e. AWS Certified Solution Architect, GCP Professional Cloud Security Engineer) Additional information Annual Pay Range: USD 128,000 - USD 180,000 The range shown represents a grouping of relevant ranges currently used at Publicis Sapient. The actual range for this position may differ, depending on location and the specific skillset required for the work itself. Benefits of Working Here: Flexible vacation policy; time is not limited, allocated, or accrued 16 paid holidays throughout the year Generous parental leave and new parent transition program Tuition reimbursement Corporate gift matching program As part of our dedication to an inclusive and diverse workforce. Publicis Sapient is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or accommodation due to a disability, you may contact us at ************************** or you may call us at ***************.

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches.

Job Description Role: Junior Information Security Analyst (Non-Exempt) Purpose of Role: The Junior Information Security Analyst plays a critical role in supporting the organization's information security and risk management initiatives. This position is designed to assist in safeguarding sensitive information and ensuring compliance with relevant cybersecurity regulations and standards. By conducting assessments, managing third-party risks, and participating in training and policy development, the Junior Analyst contributes to the overall security posture of the organization. This role fosters a culture of awareness and vigilance against potential threats. Major Responsibilities: Manage and respond to confirmation requests from financial institutions, ensuring timely and accurate communication. Assist in conducting IT/IS Risk Assessments and Internal Audits. Support the review, revision, compilation, and maintenance of Information Security (IS) policies and procedures, including documentation for the Information Security Steering Committee (ISSC) and sections for Management Information System (MIS) reports. Assist in managing third-party information security risks by participating in vendor evaluations and software assessments. Develop a foundational understanding of relevant Cybersecurity regulations and standards, such as NYDFS Part 500, FFIEC, and NIST. Participate in cybersecurity awareness training sessions for general users, providing support for uploads and addressing questions or issues. Assist in drafting, reviewing, and revising IS policies and procedures. Contribute to vendor reviews and evaluations, including partnerships such as Equinix. Assist in confirming ownership of official email accounts and report findings regarding local account ownership. Prepare materials for ISSC meetings; Attend ISSC quarterly meetings and take meeting minutes Providing reminders for encryption awareness training. Support monthly monitoring of system administration activities for the Privileged Account Review. Help summarize MIS reports and participate in monthly reviews of official email reports. Assist in investigating and analyzing RPQS reports. Provide support for ad hoc projects and approvals as needed. Coordinate communication with the Head Office departments and relevant stakeholders on internal and external auditing matters. Skills, Competencies and Experience Preferred: An Associate or Bachelor’s degree is preferred but not required Strong attention to detail and excellent organizational skills. A strong interest in information security, with a willingness to learn and grow in the field. Basic knowledge of Identity Access and Management (IAM) is preferred but not required. Bilingual proficiency in English and Mandarin is preferred but not required. Effective communication and interpersonal skills, with the ability to work collaboratively.

Our client, a leading Management & Strategy Consulting firm, is seeking a Cybersecurity Analyst to support its client in the financial services domain. This role requires strong expertise in DevSecOps practices alongside solid knowledge of Identity and Access Management (IAM). The ideal candidate will have experience embedding security controls within cloud environments, CI/CD pipelines, and application development workflows, while also managing access governance, privileged access, and compliance requirements. Requirements and Qualifications: · 3+ years of experience in cybersecurity, with strong exposure to DevSecOps and IAM. · Familiarity with CI/CD pipelines and tools (e.g., Jenkins, GitLab CI/CD, Azure DevOps) and integrating security into build/deploy processes. · Solid experience with IAM tools such as SailPoint, CyberArk, and Active Directory. · Hands-on experience with infrastructure-as-code security (e.g., Terraform, CloudFormation, or Azure ARM templates). · Understanding of cloud security (AWS, Azure, or GCP), container security, and policy enforcement in cloud-native environments. · Excellent communication and collaboration skills to work with both technical and business teams. · Implement and enhance DevSecOps practices, integrating security tooling (e.g., SAST, DAST, container scanning) into CI/CD pipelines. · Collaborate with engineering and cloud teams to design and enforce secure-by-default architectures across application and infrastructure layers. · Support IAM initiatives including onboarding/offboarding, entitlement reviews, and role-based access governance. · Utilize and integrate tools such as SailPoint, CyberArk, and Active Directory within broader DevSecOps workflows. · Assist with implementation of SSO, MFA, RBAC, and identity federation, ensuring secure and compliant access controls. · Partner with cross-functional stakeholders to ensure security and compliance requirements are embedded early in the SDLC.

About ASCAP The American Society of Composers, Authors and Publishers (ASCAP) is a membership association of more than one million songwriters, composers and music publishers, and represents some of the world's most talented music creators. Founded and governed by songwriters, composers and publishers, it is the only performing rights organization in the U.S. that operates on a not-for-profit basis. ASCAP licenses a repertory of over 20 million musical works to hundreds of thousands of businesses that use music, including streaming services, cable television, radio and satellite radio and brick and mortar businesses such as retail stores, hotels, clubs, restaurants and bars. ASCAP collects the licensing fees; identifies, matches and processes trillions of performances every year; and returns nearly 90 cents of every dollar back to its members as royalties. The ASCAP blanket license offers an efficient solution for businesses to legally perform ASCAP music while respecting the right of songwriters and composers to be paid fairly. ASCAP puts music creators first, advocating for their rights and the value of music on Capitol Hill, driving innovation that moves the industry forward, building community and providing the resources and support that creators need to succeed in their careers. Learn more and stay in touch at ************** on X and Instagram @ASCAP and on Facebook. Are you passionate about working with customers? Are you excited to learn new technologies? Would you rather be coding than whiteboarding? If the answer is yes, then you might make a great fit for our team of talented software engineers who work with our business and product teams on high impact projects using emerging technologies and platforms. ASCAP technologists live our mission, we are passionate about what we do for our customers, and we practice what we preach. Our technologists serve with humility and a deep respect for their responsibility in helping our business partners and members achieve their goals and realize their dreams. We stand behind our mission and are committed to delivering the impossible. Bottom line? We outthink ordinary. Discover what you can do with technology at ASCAP! Job Description: Information Security Analyst (Application Security) We are looking for a motivated, detail-oriented individual with strong technical skills. This role's primary focus is on working to secure in-house built and software as a service integrated applications plus working with management on security strategies and product owners/designers/developers/platform engineers/endpoint engineers to design, develop and implement secure systems, networks, and applications. They will also work with Sr. Security Analysts to investigate and respond to security event alerts, manage technical aspects of incident response, work on third party applications/services reviews and the organizations vulnerability management program. This role requires knowledge of Salesforce security and privacy architecture including Salesforce Shield. This role will assist with the creation of a true SDLC program with DevSecOps for our in-house built applications and work with developers to implement information security best practices ensuring that our code is proactively secured while in the pipeline prior to moving to production. The person in this role will need to prioritize and ensure the timely completion of tasks from the scrum masters and management. They should also be able to shift and adjust priorities based on changing business needs in our dynamic environment, while also remaining task-oriented to ensure completion of work from start to finish with appropriate solutions. Responsibilities: * Configures, manages, and uses security systems, security monitoring and alerting applications, and security management tools. * Works closely with Sr. Security Analysts and Security Platform Engineers to investigate and resolve security related events. * Reviews business partners, new vendors, and products/services for security stature * Work independently with developers, system/network administrators, product owners, design teams and other colleagues to ensure secure design, development, and implementation of applications and networks - promoting a full SDLC program. * Perform security architecture design reviews of our applications (primarily Salesforce). * Perform code analysis of large applications manually and conduct manual vulnerability analysis. * Provide remediation guidance and recommendations to developers and administrators. * Work with development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests. * Ensure development teams receive pertinent annual secure coding training. * Researches, evaluates, tests, and assists on implementation of new security solutions around DevSecOps and the application pipeline. * Works alongside project management in a SCRUM environment to successfully monitor progress and implement security initiatives. Qualifications: * Experience supporting security products like CrowdStrike, SecureWorks, Cisco Umbrella, BitLocker, Qualys, CloudLock, SonarQube, Nexus IQ, and Checkpoint. * Cloud security experience with Salesforce Shield and AWS. * Bachelor's degree in computer science or information security. * Experience investigating and resolving security events. * A keen eye for detail, an analytical thinker, and the ability to multitask. * The ability to thrive in fast-paced, high stress situations. * A problem solver with the ability to communicate effectively with peers, business partners, and management. * Experience working with development teams to build secure solutions. * Experience breaking down complex systems and applications to find flaws. * Able to read, write, and audit Java and the ability to pick up new languages/technologies. * Experience with secure coding practices and architecting secure applications written in Java. * The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management. * Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations, and best practices. * Interest in providing security training to developers. What We Love About You: * You love our users. You deeply understand our users and put them at the center of everything you do. You aim to serve and delight them every day. * You do the right thing. You are respectful and act with the highest integrity. If you see something that isn't right, you say something. * You debate it. You ask questions to understand a perspective and are comfortable respectfully challenging assumptions. You are not turned off by constructive conflict to get to the right answer. * You own your outcomes. You set clear ambitious goals. You anticipate obstacles, persevere, and are accountable for your commitments. * You make fast decisions. You are an effective and timely communicator. You understand how to collaborate, compromise, and escalate when needed. * You get better every day. You welcome the gift of feedback. You never settle in your quest to grow and develop. By being here, you make our company stronger. Occasional travel for in-person meetings may be required. Please be aware that ASCAP is not a nut-free or other allergen-free workplace. Compensation/Benefits: Besides providing a unique and dynamic work environment, there are a few other reasons you should consider ASCAP in your career planning. We also offer generous benefit options that are comprehensive and provide the flexibility that most employees want and need. These health care and financial plan options include the following: * A choice of either network-only provider medical and dental plans or more flexible medical and dental plans where you can see providers in or out-of-network * Vision plan that offers both in and out-of-network provider options * 401(k) Plan that offers pre-tax, Roth, and an after-tax employee contribution option which includes a company match. * An additional employer paid discretionary profit share contribution, regardless of your participation in the 401(k) Plan * Generous time-off policy * 12 company holidays * Health care and dependent care flexible spending accounts * Short-term disability insurance/salary continuation and long-term disability insurance * Company provided basic life and accidental death and dismemberment insurance * Employee gym discounts at select gyms * Commuter benefits * Voluntary pet health insurance * Voluntary auto and homeowners insurance * Voluntary employee, spouse, and dependent life insurance options * Voluntary ID protection Coverage ASCAP is an equal opportunity employer. All ASCAP employment decisions are made on the basis of individual qualifications and performance and not on the basis of race, national origin, ethnicity, sex, age, marital status, sexual orientation or preference, gender identity, genetic information, disability, handicap, color, creed, religion, veteran status, or any characteristic protected by applicable federal, state or local laws. The anticipated base salary range for this position is $100,000.00 to $110,000.00 and will be determined on an individualized basis depending on several factors that are unique to each candidate including geographic location (due to differences in the cost of labor), skills, education and prior relevant experience.

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives. Must be eligible to work in the U.S. without sponsorship. Who is Customers Bank? Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with. We get you further, faster. Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow. On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead. Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust. What you'll do: Customers Bank is looking for a Jr. Information Security Analyst who is Analytical, detailed orientated, and adaptive to support the strategy of the company's Security Operation's Team. Utilizing enterprise security tools, the Information Security Analyst will be required to detect, triage, and prevent security incidents, protect sensitive information, aid in the penetration testing of network environments, collaborate with of teams to identify and mitigate vulnerabilities, and help drive security best practices across the organization. Participation in the on-call rotation is mandatory. The Jr. Information Security Analyst is responsible for Tier 1 Incident Response, Cyber Security Investigations, Malware Analysis, and Threat Hunting within the Security Operations Center. Participating in a team rotation program, the Analyst will aid and support the Advanced Operations, and Vulnerability Management programs within the Security Operations Team. Responsibility: * Perform initial investigations on all alerts and tickets generated by security tools and close investigations or escalate as necessary. * Monitor all business assets for irregularities and anomalies. * Report and/or escalate all high and critical level incidents to leadership. * Support the development of the Security Operations team by providing insight into changes and enhancements to procedures, tools, and techniques. * Follow all guidelines and procedures to ensure task and responsibilities are completed within the defined standards and regulations. * Utilize the provided educational training programs and external resources to expand knowledge base around information security topics, trends, requirements, and best practices. * Supporting the Incident Response Program * Review, Investigate, and Respond to all security related alerts in a timely manner. * Manage and Maintain the Abuse Mailbox per SLA's * Participate in regularly scheduled trainings, tabletops, and Blue Team exercises. * Provide monthly metrics on workflow and severity of the work done. Must haves: * Bachelor's degree in computer science, Cybersecurity, or similar work experience in a related field * 1+ years of cybersecurity experience in operational or tactical cyber threat analysis; experience can include one or more of the following cyber-security functions: Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management * 2+ years of experience as a security analyst (or related) subject matter expert that has worked across organizational boundaries to analyze cyber threats to their organization's infrastructure and services. * Working knowledge of EDR, SIEM, Azure Cloud etc. technologies Nice to haves: * Financial industry experience * Knowledge of advanced cyber threats, threat vectors, attacker methodology to include, tools, tactics, and procedures and how they tie into the Cyber Kill Chain or Miter ATT&CK framework. * Experience with premium threat intelligence tooling and/or open-source intelligence techniques. * Experience in malware detection and analysis using static and dynamic malware analysis methods. * Knowledge of cloud services and their attack surface. * Related industry certifications (Sec+, CTIA, CISSP) Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also provide "reasonable accommodations", upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws. Diversity Statement: At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let's take on tomorrow.

Role Overview: Balyasny Asset Management seeks an experienced candidate for an Information Security Analyst role. This role will be hands-on, building out BAM's firm-wide information security platform. At BAM, you will have the chance to work with some of the smartest and most driven individuals in the industry. The individual selected to fill this role will be a member of our SOC team primarily responsible for responding to and investigating potential security incidents and performing threat hunting exercises. The ideal candidate will have a track record of automating processes, finding innovative solutions to difficult problems, and adapting to new products and solutions. This position will report to BAM's Security Operations Lead. Strategic Responsibilities: - Implement BAM's Information Security vision and strategy for the firm. - Design and implement repeatable, efficient processes for Information Security operations. - Collaborate between technology and business teams to drive proper implementation of security controls and compliance requirements across the firm. - Enhance cyber security awareness by promoting through employee awareness. Tactical / Hands-On Responsibilities: - Triage, investigate, and remediate information security alerts. - Perform threat hunting exercises within the Balyasny network to identify potential security threats which have otherwise been unidentified. - Creating/maintaining runbooks for security investigations. - Continually improve internal scanning, detection, and reporting of security risks and anomalous activity. - Partner with global infrastructure staff to increase cyber security posture leveraging vendor-based and in-house custom built security solutions. - Provide guidance and implement security best practices and systems. - Create and maintain accurate documentation on the firm's information security policies and procedures. - Keep up with, and evaluate, new industry and information security trends to determine firm's best approach for dealing with new trends. Qualifications & Requirements: - Bachelors in cybersecurity, networking, computer science or closely related field - 3 + years information systems security background - 3 + years working in a SOC and/or related job function - Strong understanding of networking (TCP/IP, OSI, routing, switching, firewalls) - Solid understanding of good information security, cyber security practices and policies - Hands on experience with different security platforms, including SIEM and EDR platforms - basic understanding and implementation experience with encryption technologies (SSL, SSH, PKI) - Basic scripting abilities (Python and/or PowerShell) - Able to communicate technical concepts between technical and non-technical stakeholders - Awareness and understanding of current security and cyber threat landscape - Experience running incident response/resolution process - Hands on experience with logging and monitoring tools - Familiarity with the NIST Cybersecurity Framework Bonus Points For: - Hands on experience using Splunk and/or CrowdStrike platforms. - Knowledge of financial services industry best practices and regulations related to information security. - Information Security certifications (CISSP, ISACA, ISC2, SANS, etc. ) - Public cloud (AWS/Azure) information security experience Don't have all of the skills listed above? Have extra skills you think are important that we haven't thought of? Please, let us know by applying and telling us a bit more about yourself and why you think you're qualified.

The Data Analyst will provide analysis for the US Army Reserve Medical Command. They will analyze maintenance data information in the Global Combat Support System (GCSS-Army) and analyze data processing requirements to plan data processing system that will provide system capabilities required for projected workloads, and plans layout and installation of new system or modification of existing system by performing the following duties. Responsibilities Confers with data processing and project managers to obtain information on limitations and capabilities of existing system and capabilities required for data processing projects and projected workload Enters data into computer terminal to store, retrieve, and manipulate data for analysis of system capabilities and requirements Trains users to use new or modified equipment. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Education/Experience Bachelor's degree preferred but additional experience may be accepted in lieu of a degree. One (1) year of recent GCSS-Army operator level experience with USAR STAMIS business processes: to include operation on the ARNET. Previous Military experience desired. Must have good oral and written communication skills and be familiar with word processing, spreadsheets, and able to provide written After-Action Reports. · Ability to write, review, and edit proposals, reports, policies, speeches and articles for publication that conform to prescribed style and format. This requires the ability to read, understand, analyze, and respond to policies, procedures and other forms of written correspondence at the professional level and includes correspondence that is submitted and reviewed at the Director, VP, and President/CEO levels. · Basic math skills in addition, subtraction, division and multiplication. · Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables. To perform this job successfully, an individual must possess some knowledge of the following concepts and tools: Basic computer skills, Automated Logistics/Data Analyst_2017_Version 2 Security Clearance Requirements Must Possess a Secret Security Clearance Travel Requirements Travel is estimated to be 50% within the Continental United States. Benefits & Compensation New employees are eligible to participate in the company's benefits plan on the first day of the month following their date of hire or unless noted otherwise. Medical Insurance Vision & Dental Insurance Short-Term Disability, Group Life and AD&D Insurance Flexible Spending Plan Health Savings Account 401(k) Savings Plan - 100% match for the first 3% contributed plus 50% of the next 2% contributed. (no vesting period and eligible on your date of hire) Paid holidays - Eleven (11) per year Paid Time Off - 120 accrued hours per year Professional Development Program Salary will be determined based on the individual's education and experience level Overview Lumbee Tribe Enterprises, LLC (LTE) is an 8(a) certified, Tribally Owned and Operated government services provider, and subsidiary of Lumbee Tribe Holdings, Inc. (LTH), which is wholly-owned by the Lumbee Tribe of North Carolina. We are a Native American, 8(a), Disadvantaged Small Business with a primary NAICS code of 561990. Our reputation for excellence is built on providing defined and repeatable support and services to agencies across the U.S. Government. Equal Employment Opportunity Policy Statement: It is the policy of Lumbee Tribe Holdings, Inc. and its subsidiaries (the “Company”) not to discriminate against any employee or applicant for employment because of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or because he or she is a protected veteran. It is also the policy of the Company to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment. Employees and applicants of the Company will not be subject to harassment on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees of Californian) or because he or she is a protected veteran. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited. NOTE: These statements are intended to describe the general nature and level of work involved for this job. It is not an exhaustive list of all responsibilities, duties, and skills required of this job.

East Stroudsburg University is hiring an Information Security Analyst! Located in the beautiful Pocono Mountains of Pennsylvania, ESU's proximity to New York City and Philadelphia provides convenient access to internships, careers and social activities. Just minutes from campus are the country's largest water parks, scenic Delaware Water Gap Recreation Area, Appalachian Trail, and other opportunities for recreational fun. As the Information Security Analyst, you will need to think creatively and be comfortable implementing preventative security measures to ensure ESU network & system safety. You will be an active member of the Computing & Communication Services team and will work closely with the Associate Director of Academic Computing to protect the confidentiality, integrity, and availability of authorized access to ESU information assets. You will thrive in this role if you like combining your Information Systems background and professional cybersecurity experience all while optimizing the ESU information technology infrastructure. To be successful in this role the applicant must possess excellent critical thinking skills when responding to events, have strong decision-making skills, and comprehensive working knowledge of the cybersecurity life cycle. Your normal hours will be Monday to Friday 8:00 am to 4:30 pm, but you may have to flex your schedule to work from time to time based on the needs of the business to be a true Information Security Analyst. When our team shows up for work, they are energized and motivated to succeed all while being the most crucial piece to keeping the ESU operations humming. What Will I Do At ESU? (AKA Essential Duties) * Identify potential security weaknesses in systems, networks, and applications. * Develop and enforce security policies and procedures to protect sensitive information. * Investigate and respond to security incidents, such as malware infections or data breaches. * Monitor network traffic and systems for suspicious activity, using tools like SIEM (Security Information and Event Management). * Ensure compliance with relevant Higher ED regulations and standards (e.g., GLBA, FERPA, PA Breach Act). * Educate employees about security threats and best practices. * Keep up-to-date with the latest security threats and technologies. * Work with other IT professionals and business stakeholders to identify and address security issues. What We're Looking For (AKA Qualifications) * A Bachelor's degree in computer information systems, management information science, or related field. * A minimum of three (3) years of cybersecurity experience. * Able to read, write, and comprehend English; able to follow verbal instructions. Experience with Word, Excel, Teams required. Preferred Qualifications: * Analytical Skills: The ability to systematically evaluate information, identify patterns, and draw conclusions. * Technical Skills: Knowledge of operating systems, networking, security technologies (firewalls, intrusion detection systems), and security tools. * Certifications: Industry certifications like Security+, Ethical hacking. * Demonstrated success in working with Internal Audit, System Auditors, and outside consultants in a lead capacity to coordinate representation of institutional technology systems and practices. * Demonstrated experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. * Knowledge and experience working with one or more of the following Cybersecurity Frameworks: NIST Cybersecurity Framework; ISO 27001; CIS Critical Security Controls. What We Offer * Outstanding benefits package including benefits such as medical from date of hire, retirement contributions, employee wellness program, and paid leave * Salary: Based on Experience * Living by the Warrior Code: * Accountable for One's Actions * Committed to Self-Growth * Willing to Sacrifice for the Greater Good * Positive, Honest, and Loyal * Respectful of the Environment and Community * Dedicated to Empowering Others And yes, legal made us spell this out… Must be at least 18 years old and be able to read and write English. Employment with ESU is contingent on the selected candidate passing a thorough background check that includes: FBI fingerprinting, PA Child Abuse, and employment. We are proud ESU is an equal opportunity employer. For more information on President Long's 10-point plan, click here: ************************************************

Insider Threat Detection Analyst At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world's financial system we touch nearly 20% of the world's investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere. We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about. We're seeking a future team member for the role of Insider Threat Detection Analyst to join our Insider Threat team. This role is in Pittsburgh, PA or Lake Mary, FL -HYBRID In this role, you'll make an impact in the following ways: Manage the inventory of Insider Threat detections ensuring detections are moved through the development phases to implementation Build a strong pipeline of new detections based on best practices, current risk trends and previous incidents Accurately reflect the changing status of detections in an issue management/workflow tool Perform an initial assessment of new detections to determine feasibility, including access to data sources, obtain appropriate approvals and determine approximate volume Leverage AI to enhance the detection design process To be successful in this role, we're seeking the following: Bachelor's degree in computer science or a related discipline, or equivalent work experience required Solid understanding of Insider Threat Detection, network security and traffic analysis, hunting for malicious activity and initiating response actions. Demonstrable experience with Insider Threat Detection Technologies and tools such as SIEM, UBA/UEBA, UAM, DLP, etc. and workflow/issue management tools (e.g., ServiceNow, JIRA) Experience working with AI to enhance efficiency Strong analytical and problem-solving skills Demonstrate leadership capability, including the ability to own and drive deliverables to completion through collaboration in a cross-functional team. Functional understanding of risk management principles. Ability to establish an independent view, while effectively collaborating with peers in a team environment Strong verbal and written communication, as well as information-seeking skills Experience in the financial services industry is a plus At BNY, our culture speaks for itself. Here's a few of our awards: America's Most Innovative Companies, Fortune, 2024 World's Most Admired Companies, Fortune 2024 Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024 Best Places to Work for Disability Inclusion, Disability: IN - 100% score, 2023-2024 “Most Just Companies”, Just Capital and CNBC, 2024 Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024 Bloomberg's Gender Equality Index (GEI), 2023 Our Benefits and Rewards: BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans. Insider Threat Use Case Design and Pipeline management Consults with other IT areas and the businesses and provides professional support for major components of the company's information security infrastructure. Contributes to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms. Consults with the business and operational infrastructure personnel regarding new and existing technologies. Recommends new security tools to management and reports and provides guidance and expertise in their implementation. Reviews and analyzes complex data and information to provide insights, conclusions and actionable recommendations provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities. Ensures that all significant security concerns are addressed. Recommends course of action to mitigate risk and ensures that appropriate standards are established and published. Contributes to the achievement of area objectives. Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred, 8-10 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.. BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals with Disabilities/Protected Veterans. Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.

First Quality was founded in 1989 and has grown to be a global privately held company with over 4,000 employees. Its corporate offices are located in Great Neck, New York, with manufacturing facilities and offices in Pennsylvania, South Carolina, Georgia, and Canada. First Quality is a diversified family of companies manufacturing consumer products ranging from Absorbent Hygiene (adult incontinence, feminine care, and baby care), Tissue (bath and towel), and Industrial (print and packaging materials), serving institutional and retail markets throughout the world. First Quality focuses on private label and branded product lines. We are actively seeking an experienced Cyber Security Analyst to join our Security Operations Center in Great Neck, New York, or work in a hybrid capacity from CT, GA, NY, NJ, PA, or SC. In this role, you will be responsible for incident detection, investigation and response, rules development tuning and improvement, defining and developing automations, and incorporating Threat Intelligence and Threat Hunting activities to enhance detection and mitigation strategies. Primary responsibilities include: Incident Detection and Response - Monitor and analyze alerts generated by SIEM/SOAR platforms and user reports, investigate security incidents, and execute containment and eradication procedures to minimize impact and restore normal operations. Tuning & Optimization - Continuously refine detection rules and SOC processes to reduce false positives, enhance detection accuracy, and improve overall operational efficiency. Research & Development - Explore emerging threats and attack techniques to develop and implement new detection rules to expand visibility and strengthen the organization's security posture. Threat Hunting - Proactively hunt for hidden threats by analyzing logs and identifying gaps missed by existing security tools and improve security posture. Threat Intelligence - Review threat intelligence feeds, channels and articles to identify potential risks and proactively strengthen defenses. Automation Development - Design, implement, and maintain automation solutions to streamline SOC workflows, reduce manual effort, and accelerate incident response times. Reporting - Prepare and present comprehensive reports on key SOC activities, metrics, and security trends to stakeholders and management. Penetration Testing - Participate in Red and Purple Team exercises to assess and improve the effectiveness of security controls and incident response capabilities. The ideal candidate should possess the following: Bachelor's degree in Computer Security, Cybersecurity, Information Security, or a related field preferred. Additional relevant experience may be considered in lieu of a degree. Experience with advanced SIEM content development, including custom correlation rules, dashboards, and reporting. Minimum of 1 year of experience working in a Security Operations Center (SOC) environment, either in-house or with a Managed Security Service Provider (MSSP). Proficiency in scripting languages such as Python, PowerShell, or Bash for automating security tasks and processes. Direct involvement in end-to-end incident response, including root cause determination and post-incident reporting. Experience monitoring and securing cloud environments (e.g., Microsoft Azure, AWS, Google Cloud Platform). Hands-on experience working with SIEM (e.g. Splunk, Microsoft Sentinel, Qradar) Familiarity with EDR solutions like CrowdStrike, SentinelOne, Microsoft Defender for Endpoint or Cortex XDR. Understanding and familiarity with interpreting common log sources for monitoring and investigation (e.g. Firewall, Azure AD, Windows Security Log, Email, Proxy\URL Filtering etc.) Solid grasp of prevalent attack types, including phishing, brute-force attacks, malware, and data exfiltration techniques. Excellent verbal and written communication skills, with the ability to collaborate effectively with team members both within and outside the SOC. High level of situational awareness and problem sensitivity, with the ability to proactively identify issues and escalate concerns as appropriate. Demonstrated proactive mindset, strong sense of responsibility, and urgency in addressing security incidents and tasks. Ability to work independently, manage multiple priorities, and succeed in a fast-paced, dynamic environment. Strong motivation and willingness to continually learn and grow, adapting to new tools and evolving threat landscapes. The estimated annual base salary range for this position is $110,000 - $140,000. Base pay is only part of our total compensation package, which also includes an attractive annual discretionary bonus and robust suite of employee benefits for which you are eligible to participate in starting on your first day of employment. Base pay offered will be determined on an individualized basis and we will consider your location, experience, and other job-related factors. First Quality is committed to protecting information under the care of First Quality Enterprises commensurate with leading industry standards and applicable regulations. As such, First Quality provides at least annual training regarding data privacy and security to employees who, as a result of their role specifications, may come in to contact with sensitive data. First Quality is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identification, or protected Veteran status.

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. Join Team Amex and let's lead the way together. The Technical Risk Management (TRM) team, within the Global Risk and Compliance organization and led by the Chief Risk Officer, manage operational risks associated with Information & Cyber Security Risk, Business Disruption, Technology Risk, Data Risk, & AI Risk Management. The team also ensures that risk management activities are conducted in a manner compliant with regulatory requirements and expectations. The team aggregates and reports on key risk management and oversight activities to the relevant management and Board risk committees. Functional Description: This individual contributor role is part of the second line technology risk management team within the GRC group, headed by the Chief Risk Officer (CRO) of the company. This is a unique opportunity to work with a team of diverse and talented professionals who are responsible for building the technology risk management program and providing independent risk oversight to the technology, cyber security and data risks. Reporting to the Director for Technology Risk oversight, this position is responsible for independently assessing, reporting, and aggregating data risks (including data security, data architecture and data storage). The risks identified by this team are reported to the Senior Management, Risk Management Committees, Board of Directors, and Regulators. This position will be responsible for effectively collaborating with key stakeholders across lines of business and lines of defense to ensure data risks are managed effectively and efficiently in accordance with the company policies and applicable regulatory requirements. Essential Job Functions: * Drive cross-functional collaboration with internal stakeholders responsible for data risk management to ensure proactive identification, measurement, management, monitoring, and reporting of data security risks. * Provide effective oversight and credible challenge to the 1st line's implementation of data-related controls within the Risk and Control Self-Assessment (RCSA) and review the design and operating effectiveness of controls linked to data security, availability, and architecture. * Contribute to enterprise-wide initiatives focused on enhancing the data risk management framework, information security policies, & security standards. Support development of key risk indicators and key performance indicators that delivers meaningful insights into data security risks and control performance trends. * Perform data-driven reviews focused on data risk (including data security, data architecture and data storage) and prepare risk review reports for senior stakeholders and governance bodies. * Stay abreast of applicable regulations, guidelines, and industry standards, and drive continuous enhancement of oversight practices to ensure alignment with evolving regulatory expectations and leading practices. * Conduct exploratory data analysis on large sets of structure data using industry standard tools (Ex: SQL, Python, Power BI, and Excel data models) to develop meaningful insights on cybersecurity and technology related data. * Learn technology, cyber security, and business continuity management processes at American Express, demonstrating strong levels of curiosity and willingness, in order to present an effective credible challenge. * Support the design of independent technology risk oversight program which defines the engagement and integration with various risk management programs, including Risk and Control Self Assessments, operational risk event management, operational risk issue management. * Help embed a strong risk-aware culture, encouraging proactive risk management behaviors within the organization. Minimum Qualifications: * Minimum five years of experience in data security & risk management within the banking/financial services industry including policy & procedure development, risk appetite, risk control self-assessment and testing, operational event & issue management. * Proven ability to identify & assess risks, analyze issues and derive meaningful insights about risk trends by conducting interviews and analyzing large volumes of data. * Strong verbal and written communication skills with an ability to explain complex problems and ideas clearly and succinctly to senior management. * Ability to work in a highly collaborative environment, excellent relationship building skills and ability to influence partners with a firm strategic view. * Excellent analytical skills with high attention to detail and accuracy. * Excellent critical thinking and problem-solving skills. * Required self-starter who can work with minimal supervision. * Willingness to challenge traditional thinking by actively engaging in constructive dialogue. Preferred: * Educational background: Bachelor's in computer science or information systems. * Working knowledge of one or more of the data mining tools and technologies (SQL, Python, Power BI, Excel data models, pivot tables & DAX queries, R) * Experience in risk management frameworks and standards across cyber security, data risk, information technology, 3rd party, business continuity management. * Industry certifications (e.g., CISSP, CISM, CISA, CRISC, CompTIA Security+) * Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, FAIR or NIST RMF). * Knowledge of relevant policies & regulations (e.g., OCC Heightened Standards, FFIEC IT booklets). * Experience with Governance, Risk and Compliance tools (Ex: Archer). Salary Range: $110,000.00 to $190,000.00 annually + bonus + equity (if applicable) + benefits The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors. We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: * Competitive base salaries * Bonus incentives * 6% Company Match on retirement savings plan * Free financial coaching and financial well-being support * Comprehensive medical, dental, vision, life insurance, and disability benefits * Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need * 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy * Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) * Free and confidential counseling support through our Healthy Minds program * Career development and training opportunities For a full list of Team Amex benefits, visit our Colleague Benefits Site. American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including, but not limited to, the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. * Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. US Job Seekers - Click to view the "Know Your Rights" poster. If the link does not work, you may access the poster by copying and pasting the following URL in a new browser window: ***************************

**Company:** Expand Energy Our core values - Stewardship, Character, Collaborate, Learn, Disrupt - are the lens through which we evaluate every business decision\. As a dynamic, growing company that offers extremely competitive compensation and benefits, our employees are our most valued assets and the foundation of Expands performance among our E&P competitors\. We seek applicants from all backgrounds to ensure we get the best, most creative talent on our team\. We realize that, historically, underrepresented groups feel the need to be 100% qualified in order to apply\. If you meet any combination of our requirements, we encourage you to apply\. We strive to hire people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger\. ## **Job Summary** This intermediate level position provides troubleshooting, technical advice, and guidance, under general supervision, to business users on a variety of products and services in order to provide resolutions to IT related challenges\. ## **Job Duties & Responsibilities** + Performs troubleshooting and minor repairs to hardware, software, or peripheral equipment, following design or installation specifications + Conducts research and performs analysis of products, services, protocols, and standards and makes recommendations for improvement + Creates knowledge base of content documenting processes, procedures, and best practice standards + Analyzes problems to enhance business productivity by providing technical advice, solutions or process recommendations + Regulates security access following established procedures to safeguard information + Considers business implications of new technologies to the current business environment + Designs or implements IT strategies to enhance business productivity + Develops and supports business relationships with IT project teams and business customers + Assists with project execution at the enterprise level to ensure adherence to project plan methodologies + Performs other duties as assigned ## **Job Specific Skills** + Intermediate ability to use logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems + Intermediate ability to consider the relative costs and benefits of potential actions + Ability to analyze Intermediate problems to develop and evaluate options as well as implement solutions + Ability to preserve confidentiality and work with sensitive data + Intermediate understanding of systems applications, hardware, software, and company specific applications/processes + Intermediate ability to communicate written and verbally with all levels of co\-workers, customers, and external contacts + Intermediate ability to manage time and prioritize projects to meet established deadlines ## **Education** Minimum: High school diploma Preferred: Bachelor's degree \- from accredited university \- IT, MIS, Computer Science or related field ## **Experience** Minimum: 2 \- 5 years related work experience ## **Additional Qualifications** Candidates must reside or be willing to relocate within a 40\-mile radius of the Sayre Field Office \(14 Cheapeake Lane, Sayre, PA 18840 to be considered for this position\. Expand Energy takes necessary action to ensure that all applicants are treated without regard to their race, color, religion, sex, sexual orientation, age, gender identity, national origin, genetic information, disability, pregnancy, military or veteran status or any other protected characteristic as established by law\. Expand Energy Corporation's operations are focused on discovering and developing its large and geographically diverse resource base of unconventional oil and natural gas assets onshore in the United States\. **Nearest Major Market:** Scranton **Job Segment:** Computer Science, Technology, Research