Information security analyst jobs in Vallejo, CA

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

Job Title: Security Engineer Department: IT Reports to: IT Manager Job Overview: The Security Engineer is responsible for designing, implementing, and managing the security infrastructure that protects our applications, data, and networks. This role plays a critical part in threat detection, risk mitigation, and the development of secure architectures while ensuring compliance with industry standards and regulatory requirements. Primary Responsibilities: Design, deploy, and manage security tools and technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection). Monitor systems and networks for security events, investigate incidents, and lead remediation efforts. Perform threat modeling, risk assessments, and application security reviews. Conduct vulnerability assessments and penetration tests to identify and address security gaps. Develop, implement, and maintain security policies, standards, and procedures aligned with frameworks such as NIST, ISO 27001, SOC 2, and GDPR. Build and maintain secure cloud and infrastructure configurations (e.g., GCP, Oracle Cloud). Conduct code and architecture reviews with a focus on security best practices. Partner with DevOps, IT, and engineering teams to integrate security across the software development lifecycle (DevSecOps). Stay informed about emerging threats, vulnerabilities, and regulatory updates (e.g., ISO 27001, ITAR, CMMC 2.0). Deliver security awareness training to internal teams. Collaborate with compliance, legal, and business stakeholders to support audits and regulatory obligations. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field. 5+ years of hands-on cybersecurity experience. Strong knowledge of security frameworks and protocols (e.g., NIST, ISO 27001, SOC 2, CIS). Expertise in network security, system hardening, and secure coding practices. Practical experience with SIEM, IDS/IPS, EDR, firewalls, and vulnerability management tools. Due to U.S. export control laws and regulations (ITAR), this position requires U.S. Person status. Preferred: Industry certifications such as CISSP, OSCP, or GIAC. Experience with security audits, penetration testing, or participation in red/blue team exercises. Strong communication skills with the ability to articulate complex security concepts to both technical and non-technical audiences. Experience in an Electronics Manufacturing environment is a plus.

We are in need of a InfoSec Engineer to join our global client on a direct hire basis. In this role you will be responsible for leading and executing information security operations across multiple locations, with a primary focus on incident response, security technologies, change management, and continuous improvement. This role safeguards the organization's digital assets by designing, implementing, and maintaining key processes and technologies such as intrusion detection, malware protection, zero-day threat mitigation, firewalls, internet filtering, and SIEM tools. Location: San Francisco, CA (Hybrid - 3 days on-site) This job expects to pay about $125,000 - $155,000 per year plus benefits What You Will Do: Security Operations & Incident Response Assist with 24x7 security operations, ensuring continuous availability and performance of critical security systems. Support aspects of incident response, including detection, escalation, containment, service recovery, and root cause analysis. Tune and configure IDS/IPS, antivirus, firewall, vulnerability management, and application assessment tools to ensure optimal protection and performance. Implement and maintain automated monitoring and logging processes; conduct regular log reviews and threat detection. Manage escalations from the Security Operations Center (SOC) and drive timely resolution of critical issues. Identify, track, and communicate key risks and security concerns using a metrics-based approach. Continuously improve incident response processes, system documentation, monitoring tools, and recovery procedures. Security Technologies & Compliance Administer and support a range of security tools and technologies including SIEM, intrusion detection/prevention systems, malware protection, encryption, and content filtering. Ensure compliance with internal information security policies and external regulatory frameworks (e.g., NIST, ISO). Develop, maintain, and enforce security documentation, workflows, and access control procedures. Monitor compliance across systems; identify gaps and coordinate remediation with stakeholders. Governance, Metrics & Strategic Planning Develop and maintain security metrics to inform leadership and guide strategic decisions. Provide input into the organization's overall information security strategy to ensure alignment with business goals. Contribute to the continuous improvement of documentation, monitoring capabilities, automation, and recovery plans. Vendor & Partner Oversight Manage relationships with third-party security vendors and service providers, ensuring contractual obligations, service quality, and compliance are met. Oversee change management activities related to externally managed security platforms and services. Collaborate with managed service providers (MSPs) to drive operational improvements and automation. Additional Responsibilities Partner with cross-functional teams to support the deployment and maintenance of security tools and services. Oversee daily security operations and escalate critical issues as appropriate. Support additional information security projects or initiatives as assigned. What You Bring to The Table: Bachelor's Degree in relevant field or other relevant professional experience 4-5+ years of experience in enterprise information security operations, with hands-on expertise in IDS/IPS, SIEM, malware protection, firewalls, and incident response Strong understanding of compliance and risk frameworks: NIST, ISO 27001 Demonstrated experience with security monitoring, threat detection, and forensic analysis. Proven ability to develop, execute, and mature operational security processes and documentation Skilled in managing security vendors and third-party services, including contract and performance oversight Excellent written and verbal communication skills, with the ability to present technical concepts clearly to both technical and non-technical stakeholders Strong attention to detail Proficient in Microsoft Office, web-based collaboration tools, and security platforms CISSP, CISM, CISA, GCIH, CEH or other related information security certifications preferred Experience with Rapid7, Zscaler, and Fortinet firewalls is a plus Experience working in a Microsoft environment is a plus Irvine Technology Corporation (ITC) is a leading provider of technology and staffing solutions for IT, Security, Engineering, and Interactive Design disciplines servicing startups to enterprise clients, nationally. We pride ourselves in the ability to introduce you to our intimate network of business and technology leaders - bringing you opportunity coupled with personal growth, and professional development! Join us. Let us catapult your career! Irvine Technology Corporation provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Irvine Technology Corporation complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

In this role, you will drive the evolution of our infrastructure and security posture. You will have substantial ownership over our technology choices and implementation for deployment, observability, storage, and security. You will identify, triage, and implement incremental improvements in all of these domains, working closely with backend engineers and internal and external auditors to develop appropriately scoped interventions. You will work with engineers to ensure that security considerations are baked into software development from the outset. You should have a broad understanding of modern best practices around cloud architecture, data governance and infrastructure as code. You should approach questions of infrastructure and security risk with a sense of nuance and good judgment. You should be able to build consensus around your threat models such that the necessary consequences seem natural to other stakeholders. In this role, you will need to be fluent in Python and Terraform (at least to start). Company & Funding We're building the world's largest long-term insurer, using digital money and AI to serve billions of people profitably. We want anyone, anywhere, to be able to save for their future, protect their family, and build wealth across generations. We face a once-in-a-century opportunity to build a vertically integrated life (re)insurer. Our product offerings are globally unique, making it possible for us to scale our balance sheet, build modern systems from scratch, and then directly compete to win a market that is 3% of global GDP. We've raised over $140M to date. Sam Altman and Lachy Groom led our initial raise, and they've since been joined by leading investors in AI, insurance, and Bitcoin, including Northwestern Mutual, Apollo, Bain Capital, Pantera, Haun, Framework, Fulgur Ventures, MS&AD, Mouro, Stillmark, and Wences Casares. Our Bermuda operating subsidiary holds the the world's only license to issue life insurance denominated entirely in Bitcoin. It's also the only company in the world with audited financials stated in Bitcoin. (If you join us, you can expect to do a lot of things no one's ever done before.) Engineering at Meanwhile With the advent of ubiquitous AI tooling, the dynamic range in individual engineering effectiveness is only widening. At Meanwhile, we're planning for a world in which small, tight-knit engineering teams (supported by a small, tight-knit platform team) own entire lines of business, and are compensated accordingly. We're attacking a huge market with the leanest, most effective team in insurance. Where incumbents employ a thousand people, we think we can make it work with a hundred or a dozen. We're looking for hungry ICs (and former managers who see the writing on the wall) interested in pushing the boundaries of engineering productivity in a vertically integrated, regulated organization. We're growing quickly. You will fix million-dollar bugs. On the business side, we hire for deep domain expertise, ambition, and the creativity to figure out the previously impossible. Because our engineers work closely with people from the business, they need curiosity, flexibility, an appetite for (and the ability to digest) complex context, and strong communication skills. Our view is that ownership is taken, not given. You will be successful here if your work progressively builds others' trust in your ability to identify, attack, and solve larger and larger problems, including those that no one else has anticipated. We believe that "code wins arguments," that prototyping is often the best first step in a design process, and that the impact of velocity is non-linear. You are excited by putting up multiple meaningful changes, or writing thousands of lines of code, in a day (even though you know that deleting lines of code is more exciting than writing them, and that, occasionally, deep reflection is required in order to ship anything). You aren't fazed by building systems that don't work out - sometimes, you have to throw code away. Intellectual honesty is non-negotiable. You love to learn and to teach, to ask questions and to answer them, and to be transparent about your uncertainty. You are eager to learn, with the rest of the team, how to work with AI tools, including agents, in order to move faster and ship better, more complete versions of your ideas. You will experiment with new ways of working, with the expectation that some of them will be unsuccessful, and you will teach others what works. This is the most exciting time in decades to be a competent, technically ambitious engineer. We want to offer you the opportunity to see what's really possible and how much better you can get at your craft.

Create the product vision, customer persona identification, product framework for IT's compliance practices including the scopes of SOX and GxP Our client is a public biopharmaceutical company that is regulated by different governmental agencies. It is important that IT operates in a manner that is consistent, accurate, and high quality so that they stay in compliance with GxP and SOX procedures, protocols and audits. This role collaborates with IT members, QA leadership, Finance/SOX leadership, to align plans and activities to achieve successful results for GxP and SOX. ESSENTIAL DUTIES/RESPONSIBILITIES: Manage our IT systems' SOX related Governance, Risk and Compliance (SAP-GRC) component, framework and operations to maintain high quality and transparent results. Collaborate and work closely with Finance teams to set expectation and align activities. Oversee the cyclical SOX evidence sample selection, collection, data analysis, corrective actions and actively participate with the internal and external audit processes Drive the SOX Segregation of Duty analysis and related actions Ensure that IT Product Owners and product teams operate their SOX procedures with exceptions Coordinate and collaborate with business partners (e.g. Finance SOX Operations, Corporate Quality Assurance) to set priorities and directions to achieve reliable and optimal results for accurate and quality operations with successful compliance results. Represent IT's philosophy and operational requirements to our business partners Experience: Minimum of 5 years of experience with SOX compliance. Minimum of 3 years of experience managing SAP-GRC, ITGC, and SOX Experience leading IT GxP compliance practices Experience with operating and testing SOX controls a plus (in accordance with Governance Risk Compliance framework). Knowledge, Skills and Abilities: General knowledge of the Sarbanes-Oxley Act and the application to IT General knowledge of SOX IT controls and the operations and execution of SOX IT Controls Advance skills and abilities managing consultants and Managed Service Providers Comprehensive experience with IT development lifecycle and support methodologies Comprehensive experience with project management The salary range provided for this contract role represents our good faith estimate for this position. Within the range, individual offers will vary based on the selected candidate's experience, industry knowledge, technical and communication skills, location and other factors that may prove relevant during the interview process (W2 or C2C). In addition to compensation, the company provides eligible W2 employees with a comprehensive and highly competitive benefits package. I.T. Solutions, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 year's experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************

Our Company Changing the world through digital experiences is what Adobe's all about. We give everyone-from emerging artists to global brands-everything they need to design and deliver exceptional digital experiences! We're passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours! The Opportunity The Adobe Security organization seeks a proactive force multiplier with experience skillfully leading multiple technical programs, running a healthy portfolio, working directly with leadership, and delighting stakeholders. Our ideal candidate has superb communication and relationship-building skills and a solid track record of driving business outcomes through managing large programs. In addition, familiarity with fundamentals in key security operations and related security compliance frameworks could help this candidate have an immediate impact. If you excel at navigating complexity with multiple internal customers, are a master planner who helps teams foresee challenges and risks and guides them through them, and are equipped with a diverse technical program management toolbox, we can't wait for you to join our Security PMO team! What you'll Do * Partner directly with security leadership to build a portfolio of key programs. Lead and monitor the health and execution of several key initiatives with insights into status, risks, dependencies, roadblocks, and budget across the organization's program portfolio. * Ensure a healthy program portfolio in Adobe's Technology GRC (Governance, Risk, and Compliance) organization with a clearly defined roadmap. * Bring together cross-functional teams to deliver business outcomes for high-priority programs through clear planning, execution, partnership, and communication. * Make things easier for all collaborators of your program portfolio by driving simplicity, clarity, and efficiency in all aspects of your work. * Reduce program risk by proactively identifying, communicating, and removing roadblocks. * Build trust through visibility. Provide accurate and timely data-driven status reports for a broad audience and lead executive governance meetings. * Effectively handle program financials, including driving accurate budget forecasts. What you need to succeed * Exceptional communication skills for effective engagement with both engineers and executives in meetings, presentations, and writing. Excel at building strong and trusted partner relationships. * 7+ years as a program manager in the security domain with portfolio-level oversight experience. Demonstrate strong knowledge in the compliance field and have worked closely with the compliance teams on projects. * Experience leading programs involving AI systems and workflows (e.g., MCP servers, RAG capabilities, LLM integrations, or related AI infrastructure). * Established history of effectively managing programs from inception, prioritizing, and strategizing to implementation, reporting, and successful delivery of intricate projects with many significant internal customers. * Demonstrated Agile practice experience in software projects and familiarity with Jira (including query and dashboarding), O365 Suite, MS Teams, SharePoint, MS Project, Excel, and Miro or equivalent experience * Familiarity with compliance frameworks such as ISO 42001, SOC2, HIPAA, PCI DSS, ISO27001, ISO27017/18, ISO22301, and Geo-compliance programs. * Preferred Certifications: CISSP, CISM, PMP, or equivalent credentials demonstrating expertise in cybersecurity and program leadership. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $124,300 -- $234,600 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process. In California, the pay range for this position is $162,000 - $234,600 In New York, the pay range for this position is $162,000 - $234,600 At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP). In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award. State-Specific Notices: California: Fair Chance Ordinances Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances. Colorado: Application Window Notice If this role is open to hiring in Colorado (as listed on the job posting), the application window will remain open until at least the date and time stated above in Pacific Time, in compliance with Colorado pay transparency regulations. If this role does not have Colorado listed as a hiring location, no specific application window applies, and the posting may close at any time based on hiring needs. Massachusetts: Massachusetts Legal Notice It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Adobe is proud to be an Equal Employment Opportunity employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more. Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call **************.

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role You will be responsible for leading day-to-day security threat management. You will help identify and manage potential incidents and work with partner teams on known or suspected security threats. You will support threat intelligence, threat hunting, intrusion detection, and incident response efforts that adhere to, and push forward, best practices. Responsibilities Drive continual improvement in processes, procedures and automations to improve the quality and effectiveness of the team. Participate in a 24/7 on-call rotation performing security incident response Commandeering security incidents and updating stakeholders. Identify and develop new detection use cases and optimize existing detections. Collaborate on technical directions and solutions with other teams. Research and analyze patterns in security events across X's global infrastructure. Identify, design, and lead threat hunting missions to quantify and reduce threats. Manage and support the log collection, security scanning, intrusion detection, and other security-related systems. Design and assist in the development of automation to reduce false positives and handle events automatically. Analyze the security posture of systems via testing and vulnerability impact analysis. Required Qualifications 2+ years of relevant information security experience Self starter, can receive a task and execute with minimal supervision Strong Python scripting skills for implementing security automation Knowledge of networking and mac OS, Windows or Linux operating systems. Knowledge of cloud security fundamentals and practices (vendor agnostic). Experience managing and/or deploying security technology. Experience with building queries and dashboards for security monitoring. Knowledge of current threats and techniques and a desire to research and learn more. Experience with malware analysis, forensics or penetration testing. Problem solving skills or experience with troubleshooting. Preferred Qualifications Elastic / OpenSearch or similar platforms Open Source security automation tooling Annual Salary Range $140,000 - $180,000 USD Benefits Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks. xAI is an equal opportunity employer. California Consumer Privacy Act (CCPA) Notice

ABOUT THE ROLE You'll be our first dedicated security leader, owning the technical execution of our security and compliance program. You'll drive SOC 2 and PCI DSS compliance, manage our vulnerability program, and build security capabilities that enable our engineering teams to move fast while staying secure. This is a hands-on role-you'll design controls, write policies, respond to incidents, and work directly with auditors. This is initially an individual contributor role with high impact and visibility. As our security program matures, you'll have the opportunity to build and lead a security team. IN THIS ROLE, YOU WILL Own Compliance Lead SOC 2 Type II and PCI DSS programs through successful audit Design and implement security controls without blocking velocity Serve as primary technical contact for external auditors and assessors Manage third-party vendor security assessments and ongoing monitoring Build automated evidence collection and continuous compliance monitoring Report security metrics and program status to executive leadership Manage Security Operations Establish vulnerability management program with defined SLAs and remediation workflows Own end-to-end vulnerability management: identify, assess, prioritize, and drive remediation to completion across infrastructure and applications Manage external penetration testing program with third-party vendors, including scoping, assessment review, and remediation tracking Perform internal penetration testing and security assessments of applications, APIs, and infrastructure Build SIEM detection rules, security dashboards, and alert triage processes Develop and test incident response runbooks Conduct threat modeling for critical systems and architectural changes Lead security assessments of new technologies and third-party integrations Enable & Collaborate Partner with platform engineering to implement security roadmap: AWS landing zone design, PAM/JIT workflows, account segmentation, disaster recovery testing Enforce enterprise security controls (SSO, secrets management, RBAC) Build and deliver security awareness training program for all employees Develop and maintain security policies, standards, and procedures Translate compliance requirements into actionable engineering tasks and drive completion YOU HAVE Security & Compliance: 5+ years in information security, with 2+ years in fintech or highly regulated industry CISSP certification (or actively pursuing - must obtain within 12 months of hire) Hands-on experience leading SOC 2 and PCI DSS audits from start to finish Strong incident response background-you've led real security incidents Experience with vulnerability management platforms (Wiz, Snyk, Tenable) Technical Skills: Solid understanding of AWS security: IAM, Security Hub, GuardDuty, CloudTrail, KMS Experience with SIEM platforms (Splunk, Datadog, Elastic)-you can write detection rules and build dashboards Hands-on experience with vulnerability assessment and penetration testing tools (Burp Suite, Nessus, Qualys, or similar) Ability to read code (Ruby, JavaScript, Python) and assess security implications Knowledge of web application security, API security, and OWASP Top 10 Understanding of access control patterns (PAM, SSO, RBAC, least privilege) Core Competencies: Strong communication-you can explain risks to engineers and executives alike Pragmatic risk management in fast-paced environments Self-starter who builds programs from scratch Collaborative mindset-security as enabler, not blocker Ability to drive remediation to completion across teams NICE TO HAVE Additional certifications (CISM, CISA, CCSP, CEH, OSCP, CRISC) Experience managing WAF deployments (Palo Alto, Cloudflare, AWS WAF) Infrastructure-as-code experience (Pulumi, Terraform) Kubernetes security knowledge SOAR platform experience DevSecOps or security automation background Scripting skills (Python, Bash) for security tooling and automation Kikoff: A FinTech Unicorn Powering Financial Progress with AI At Kikoff, our mission is to provide radically affordable financial tools to help consumers achieve financial security. We're a profitable, high growth FinTech unicorn serving millions of people, many of whom are building credit or navigating life paycheck to paycheck. With innovative technology and AI, we simplify credit building, reduce debt, and expand access to financial opportunities to those who need them the most. Founded in 2019, Kikoff is headquartered in San Francisco and backed by top-tier VC investors and NBA star Stephen Curry. Why Kikoff: This is a consumer fintech startup, and you will be working with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships. Yes, you can build an exciting business AND have real-life real-customer impact. 🏥 Medical, dental, and vision coverage - Kikoff covers the full cost of health insurance for the employee! 📈 Meaningful equity in the form of RSU's 🏝 Flexible vacation policy to help you recharge 💰 Competitive pay based on experience consisting of base + equity + benefits Location: Hybrid, 3 days onsite in San Francisco, CA. Visa sponsorship available: Kikoff is willing to provide sponsorship for H1-B visas and U.S. green cards for exceptional talent. Equal Employment Opportunity Statement Kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. Please reference the following for more information. If you need reasonable accommodation for a job opening please connect with us at ***************** and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, Kikoff will consider for employment qualified applicants with arrest and conviction records.

The Department of Public Health prioritizes equitable and inclusive access to quality healthcare for its community and values the importance of diversity in its workforce. All employees at the Department of Public Health work to advance equity, inclusion, and diversity with a specific lens and focus on race, ethnicity, gender, sex, sexuality, disability, and immigration status. This is a Position-Based Test conducted in accordance with CSC Rule 111A. Learn more about the City's hiring process here: ***************************************** * Application Opening: Friday, November 21, 2025 * Application Deadline: Application filing will close on or after Friday, January 9, 2026. * Salary: $180,440 - $230,308 Annually (Range A) * Appointment Type: Permanent Civil Service * Recruitment ID: PBT-0933-160818 Becoming a City employee means being a part of a team that cares about making a difference. Your work will shape both the present and future of San Francisco. When you work for the City, you're choosing a job with purpose. The mission of the San Francisco Department of Public Health (SFDPH) is to protect and promote the health of all San Franciscans. SFDPH strives to achieve its mission through the work of several divisions - the San Francisco Health Network, Population Health Division, Behavioral Health Services, and Central Administration. The San Francisco Health Network is the City's only complete system of care and has locations throughout the City, including Zuckerberg San Francisco General Hospital and Trauma Center, Laguna Honda Hospital and Rehabilitation Center, and over 15 primary care health centers. The Population Health Division (PHD) provides core public health services for the City and County of San Francisco: health protection, health promotion, disease and injury prevention, disease surveillance, and disaster preparedness and response. Behavioral Health Services operates in conjunction with SFHN and provides a range of mental health and substance use treatment services. Central Administration houses core support organizations, including Finance, Information Technology (IT), Human Resources, Privacy and Compliance, Business Office, Facilities Management, and Security Services. Role description The San Francisco Department of Public Health is seeking a dynamic and experienced cybersecurity professional to join its IT leadership team. As a key strategic leader, the Chief Information Security Officer (CISO) (0933 Manager V) will be responsible for developing and executing a comprehensive information security strategy that safeguards the department's systems, data, and services. This role leads the implementation of an enterprise-wide security program that promotes collaboration, strengthens governance, and aligns cybersecurity initiatives with organizational goals. The CISO serves as a trusted advisor to senior leadership, providing expert guidance on risk management, security investments, and policy development. The CISO oversees a team of cybersecurity professionals within the SFDPH IT division and collaborates extensively with the CISO for the City and County of San Francisco. We are looking for a visionary and collaborative leader who can balance innovation with risk mitigation, and who thrives in a complex, mission-driven environment. The CISO reports directly to the Chief Information Officer (CIO). The Chief Information Security Officer (0933 Manager V) performs the following essential job functions: * Provides strategic leadership in evaluating and mitigating information security threats across the organization using a structured, risk-based methodology. Advises executive leadership on identified risks and ensures timely execution of mitigation and remediation plans with integrity and discretion * Directs the ongoing development of the department's information security program, including project portfolio management, incident response, policy frameworks, compliance activities, threat and vulnerability management, and third-party risk management * Allocates and manages resources to support a robust security strategy. Identifies and advocates for strategic investments, oversees capital and operating budgets, and delivers ROI analyses and budget recommendations * Partners with the Office of Compliance and Privacy Affairs to assess data security risks related to contracts, projects, artificial intelligence solutions, and other initiatives. Develops tools and interventions to mitigate risks, establishes performance metrics, and monitors compliance through audits and assessments * Builds alignment and support for security goals and initiatives across internal and external stakeholders. Communicates effectively with leadership at all levels on trends, risks, and the overall effectiveness of the security program * Promotes awareness and understanding of regulatory requirements across the organization. Leads or collaborates on testing and auditing activities to ensure ongoing compliance and successful certifications * Analyzes security requirements and ensures compliance with industry standards such as HIPAA, NIST, and PCI-DSS * Establishes and maintains comprehensive policies and procedures to support effective and sustainable security operations * Serves as the department's representative in security-related matters with City agencies and partners * Continuously monitors emerging trends, technologies, and best practices in cybersecurity to ensure the department's security posture remains current and effective The Chief Information Security Officer (0933 Manager V) may perform other duties as assigned/required. How to qualify 1. Education: Bachelor's degree from an accredited college or university; AND 2. Experience: Five (5) years of professional healthcare information systems security experience, of which three (3) years must include supervising IT professionals. Education Substitution: Additional experience as described above may be substituted for the required degree on a year-for-year basis. One (1) year is equivalent to thirty (30) semester units / forty-five (45) quarter units. Applicants must meet the minimum qualification requirements by the final filing date unless otherwise noted. One-year full-time employment is equivalent to 2,000 hours (2,000 hours of qualifying work experience is based on a 40-hour work week). Desirable Qualifications: The stated desirable qualifications may be considered at the end of the selection process when candidates are referred for hiring: * Possession of a Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) certification Verification of Education and Experience: Every application is reviewed to ensure that you meet the minimum qualifications as listed in the job ad. Review SF Careers Employment Applications for considerations taken when reviewing applications. Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at ******************************************************* Note: Falsifying one's education, training, or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco. What else should I know? Selection Procedures: After application submission, candidates deemed qualified must complete all subsequent steps to advance in this selection process, which includes the following: Supplemental Questionnaire (SQ) Examination (Weight: 100%) Candidates that meet the minimum qualifications will be invited to participate in a Supplemental Questionnaire (SQ) examination that is designed to measure the knowledge, skills, and abilities in job related areas which may include but not be limited to: Knowledge of local, State and Federals laws and regulations relating to information security, including but not limited to HIPAA and HITECH; Knowledge of information security technology frameworks and standards, including but not limited to NIST, HITRUST, COBIT, ISO 27001, PCI-DSS or similar cyber security frameworks; Knowledge of technology relating to enterprise wide information security protection; Knowledge of structured systems analysis and design practices and techniques; common operating systems software and relational database systems; hospitals or community health network environments; Ability to apply principles and practices of management, administration, budgeting, training, and personnel management; Ability to manage, supervise, train and coordinate complex functional area of responsibility and groups of employees; Ability to analyze and report on activities, issues and problems and recommend appropriate solutions; Ability to communicate effectively orally; Ability to communicate effectively in writing; Ability to exercise judgement, decisiveness and creativity required in situations involving the direction, control and planning of a program(s); manage critical timelines effectively; Ability to establish and maintain good working relationships with department personnel, staff, vendors, peers, and management, and engage and influence a broad range of stakeholders (e.g. HR, IT, Legal, Compliance, senior management, etc.) Candidates must achieve a passing score on the Supplemental Questionnaire exam in order to continue in the selection process and will be placed on the confidential eligible list in rank order according to their final score. Additional selection processes may be conducted by the hiring department prior to making final hiring decisions. Certification The certification rule for the eligible list resulting from this examination will be the Rule of the List. Eligible List/Score Report: A confidential eligible list of applicant names that have passed the civil service examination process will be created and used for certification purposes only. An examination score report will be established, so applicants can view the ranks, final scores, and number of eligible candidates. Applicant information, including names of applicants on the eligible list, shall not be made public unless required by law. However, an eligible list shall be made available for public inspection, upon request, once the eligible list is exhausted or expired and referrals resolved. The eligible list/score report resulting from this civil service examination process is subject to change after adoption (e.g., as a result of appeals), as directed by the Human Resources Director or the Civil Service Commission. The duration of the eligible list resulting from this examination process will be of six months and may be extended with the approval of the Human Resources Director. To find Departments which use this classification, please see the city's Position Counts by Job Codes and Departments. Terms of Announcement and Appeal Rights: Applicants must be guided solely by the provisions of this announcement, including requirements, time periods and other particulars, except when superseded by federal, state or local laws, rules, or regulations. Clerical errors may be corrected by the posting the correction on the Department of Human Resources website at ************************ The terms of this announcement may be appealed under Civil Service Rule 111A.35.1. The standard for the review of such appeals is 'abuse of discretion' or 'no rational basis' for establishing the position description, the minimum qualifications and/or the certification rule. Appeals must include a written statement of the item(s) being contested and the specific reason(s) why the cited item(s) constitute(s) abuse of discretion by the Human Resources Director. Appeals must be submitted directly to the Executive Officer of the Civil Service Commission within five business days of the announcement issuance date. Additional information regarding Employment with the City and County of San Francisco: * Information about the Hiring Process * Conviction History * Employee Benefits Overview * Equal Employment Opportunity * Disaster Service Workers * ADA Accommodation * Right to Work * Copies of Application Documents * Diversity Statement * Veterans Preference * Seniority Credit in Promotional Exams Where to Apply All job applications for the City and County of San Francisco must be submitted through our online portal. Please visit *********************** to begin your application process. Applicants may be contacted by email about this recruitment. Please consider using a personal email address that you check regularly rather than a work or school account. Computers are available for the public (9:00 a.m. to 4:00 p.m. Monday through Friday) to file online applications in the lobby of the Dept. of Human Resources at 1 South Van Ness Avenue, 4th Floor and at the City Career Center at City Hall, 1 Dr. Carlton B. Goodlett Place, Room 110. Ensure your application information is accurate, as changes may not be possible after submission. Your first and last name must match your legal ID for verification, and preferred names can be included in parentheses. Use your personal email address, not a shared or work email, to avoid unfixable issues. Applicants will receive a confirmation email from ******************************** that their online application has been received in response to every announcement for which they file. Applicants should retain this confirmation email for their records. Failure to receive this email means that the online application was not submitted or received. If you have any questions regarding this recruitment or application process, please contact the analyst, Marielle Saldajeno at **************************** or **************. We may use text messaging to communicate with you on the phone number provided in your application. The first message will ask you to opt in to text messaging. The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.

Job Description About us: Lucence is a pioneering precision oncology company with a bold vision: a world where cancer is defeated through early detection and timely treatment. Our cutting-edge liquid biopsy tests use advanced molecular profiling to guide personalized cancer therapies, transforming how cancer is diagnosed and treated. At Lucence, we are shaping the future of precision medicine by capturing both genetic and cellular data from a single blood draw, bringing us closer to our mission of overcoming cancer. We are looking for an Information Security & Compliance Manager to lead Lucence's SOC 2 compliance programmes. You will own our internal controls, audits, and security governance frameworks, ensuring the company meets the standards required for global diagnostics operations. Key Responsibilities Compliance Ownership Own SOC 2 Type I/II, and build on HIPAA and cybersecurity certification roadmaps. Maintain documentation, evidence repositories, and ongoing readiness. Internal Controls & Policies Build, refine, and enforce security policies, risk registers, and access-control processes. Audit Management Partner with external auditors, coordinate internal contributors, drive remediation plans, and ensure timely closure of findings. Vendor & Data Protection Reviews Conduct security due diligence for vendors, manage DPAs, and ensure data-flow compliance for global partners. Security Governance Implement quarterly control testing, internal audits, DR/BCP drills, and continuous monitoring of compliance gaps. Cross-Functional Partnering Work closely with external vendors, Informatics, IT, Lab Ops, and Commercial teams to embed security into product and operational workflows. Preferred Qualifications Experience owning SOC 2 or ISO audit cycles end-to-end. Familiarity with cloud environments (AWS/Azure/GCP) and modern security tooling. Attention to detail to improve policies, controls, and audit documentation. Certifications: ISO Lead Auditor, CISA, CISSP, or equivalent.

Magic's mission is to build safe AGI that accelerates humanity's progress on the world's most important problems. We believe the most promising path to safe AGI lies in automating research and code generation to improve models and solve alignment more reliably than humans can alone. Our approach combines frontier-scale pre-training, domain-specific RL, ultra-long context, and inference-time compute to achieve this goal. About the role As a Software Engineer on the Supercomputing Platforms and Infrastructure team, you will build the next generation systems that power large scale AI research and deployment. You will focus on sandboxed execution environments, distributed systems orchestration, and performance optimized compute workflows. You will work closely with ML and Research teams and infrastructure teams to deliver both high throughput, scale, and strong isolation guarantees in a cluster environment. What you might work on Build highly scalable, highly performant, software that facilitates arbitrary code execution with strong isolation guarantees. Design and build systems that allow our AI models to interface with machines in various modes, interactive terminal, GUI applications, etc. Provision and operate high density compute and storage nodes (NVMe, high IOPS SSDs, high bandwidth networks), and build software that performs efficient load balancing, and resource utilization across them. Instrument and optimize end to end performance including storage IO, network bandwidth, CPU, memory, and endurance constraints. Develop APIs, self service platforms, and automation and tools so researchers and engineers can deploy and monitor workloads at scale. Troubleshoot complex infrastructure issues across OS, drivers, hardware, storage systems (local NVMe, block storage, NFS), networking, namespace isolation, and cloud or hybrid environments. Produce clean, documented code and developer workflows, and collaborate with SRE and security teams to ensure safe, reliable, and self serviceable compute offerings. What we are looking for Strong software engineering background (C, C++, Go, Rust, or similar systems languages). Experience designing or operating sandboxed or isolated execution environments (namespaces, cgroups, container runtime internals), or strong interest in this area. Experience building or operating distributed systems or parallel processing frameworks (scatter aggregate processing, worker pools, multi thread and multi process coordination, shared memory, atomics, merging strategies). Solid understanding of storage and IO subsystems (NVMe, SSD endurance, write amplification), network performance, CPU and memory resource constraints in high performance compute clusters. Comfortable working on low level systems (OS, threading, memory management, synchronization) as well as higher level orchestration or automation. Experience with cloud infrastructure (GCP, AWS, Azure, etc.) including IaC tools such as OpenTofu, Terraform, Pulumi, or CDK is a plus. Intellectual curiosity, strong ownership, and the ability to make tradeoffs in ambiguous environments such as latency versus throughput and isolation versus performance. Nice to haves Prior experience with GPU scheduling, RDMA networking, or bare metal HPC clusters Contributions to open source container runtimes or sandboxing frameworks Experience with kernel internals, device drivers, or SSD and NVMe endurance modeling Familiarity with Rust for systems programming or Go for infrastructure orchestration Why join us You will work at the cutting edge of AI infrastructure including large compute clusters, advanced metrics engines, and next generation sandboxing systems for untrusted workloads. The problems you solve will be foundational, for example how to securely and efficiently run arbitrary research code across thousands of GPUs or high end SSDs. You will join a collaborative and hands-on team where you are building rather than only modeling. Excellent compensation and equity, generous benefits, and high impact. Our culture: Integrity. Words and actions should be aligned Hands-on. At Magic, everyone is building Teamwork. We move as one team, not N individuals Focus. Safely deploy AGI. Everything else is noise Quality. Magic should feel like magic Compensation and benefits (US) Annual salary range: 200,000 USD to 550,000 USD depending on seniority Significant equity component 401(k) with matching, comprehensive health, dental, and vision insurance, unlimited paid time off, visa sponsorship and relocation support Fast paced, mission driven environment focused on safely advancing AGI for humanity

Palo Alto, CA (on-site) About 1X We build humanoid robots that work alongside people to solve labor shortages and create abundance. The Role We are seeking a Product Security Engineer with expertise in operating system security to strengthen the foundation of our robotics platform. In this role, you will design and implement security features such as secure boot, trusted execution environments, and system service hardening. Your work will ensure that sensitive operations and data remain protected while enabling developers to follow security best practices. This position is critical to increasing the resilience and trustworthiness of our systems. You Will * Develop and maintain secure critical services for Linux systems * Implement secure boot chains using fused hardware keys with rollback protection * Integrate OP-TEE to safeguard sensitive assets including mTLS certificates and disk encryption keys * Harden system services using least-privilege operations, systemd features, namespacing, and syscall filtering * Build hardening templates and automation tools to streamline security enforcement for developers * Automate security validation processes within CI/CD pipelines * Design and enforce device access controls for Linux systems * Contribute and ship C/C++ code (or similar) to production environments

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

: Company Description The Department of Public Health prioritizes equitable and inclusive access to quality healthcare for its community and values the importance of diversity in its workforce. All employees at the Department of Public Health work to advance equity, inclusion, and diversity with a specific lens and focus on race, ethnicity, gender, sex, sexuality, disability, and immigration status. This is a Position-Based Test conducted in accordance with CSC Rule 111A. Learn more about the City's hiring process here: **************** sf. gov/knowledge/process/Application Opening: Friday, November 21, 2025Application Deadline: Application filing will close on or after Friday, January 9, 2026. Salary: $180,440 - $230,308 Annually (Range A) Appointment Type: Permanent Civil ServiceRecruitment ID: PBT-0933-160818 Becoming a City employee means being a part of a team that cares about making a difference. Your work will shape both the present and future of San Francisco. When you work for the City, you're choosing a job with purpose. The mission of the San Francisco Department of Public Health (SFDPH) is to protect and promote the health of all San Franciscans. SFDPH strives to achieve its mission through the work of several divisions - the San Francisco Health Network, Population Health Division, Behavioral Health Services, and Central Administration. The San Francisco Health Network is the City's only complete system of care and has locations throughout the City, including Zuckerberg San Francisco General Hospital and Trauma Center, Laguna Honda Hospital and Rehabilitation Center, and over 15 primary care health centers. The Population Health Division (PHD) provides core public health services for the City and County of San Francisco: health protection, health promotion, disease and injury prevention, disease surveillance, and disaster preparedness and response. Behavioral Health Services operates in conjunction with SFHN and provides a range of mental health and substance use treatment services. Central Administration houses core support organizations, including Finance, Information Technology (IT), Human Resources, Privacy and Compliance, Business Office, Facilities Management, and Security Services. Job Description The San Francisco Department of Public Health is seeking a dynamic and experienced cybersecurity professional to join its IT leadership team. As a key strategic leader, the Chief Information Security Officer (CISO) (0933 Manager V) will be responsible for developing and executing a comprehensive information security strategy that safeguards the department's systems, data, and services. This role leads the implementation of an enterprise-wide security program that promotes collaboration, strengthens governance, and aligns cybersecurity initiatives with organizational goals. The CISO serves as a trusted advisor to senior leadership, providing expert guidance on risk management, security investments, and policy development. The CISO oversees a team of cybersecurity professionals within the SFDPH IT division and collaborates extensively with the CISO for the City and County of San Francisco. We are looking for a visionary and collaborative leader who can balance innovation with risk mitigation, and who thrives in a complex, mission-driven environment. The CISO reports directly to the Chief Information Officer (CIO). The Chief Information Security Officer (0933 Manager V) performs the following essential job functions:Provides strategic leadership in evaluating and mitigating information security threats across the organization using a structured, risk-based methodology. Advises executive leadership on identified risks and ensures timely execution of mitigation and remediation plans with integrity and discretion Directs the ongoing development of the department's information security program, including project portfolio management, incident response, policy frameworks, compliance activities, threat and vulnerability management, and third-party risk management Allocates and manages resources to support a robust security strategy. Identifies and advocates for strategic investments, oversees capital and operating budgets, and delivers ROI analyses and budget recommendations Partners with the Office of Compliance and Privacy Affairs to assess data security risks related to contracts, projects, artificial intelligence solutions, and other initiatives. Develops tools and interventions to mitigate risks, establishes performance metrics, and monitors compliance through audits and assessments Builds alignment and support for security goals and initiatives across internal and external stakeholders. Communicates effectively with leadership at all levels on trends, risks, and the overall effectiveness of the security program Promotes awareness and understanding of regulatory requirements across the organization. Leads or collaborates on testing and auditing activities to ensure ongoing compliance and successful certifications Analyzes security requirements and ensures compliance with industry standards such as HIPAA, NIST, and PCI-DSSEstablishes and maintains comprehensive policies and procedures to support effective and sustainable security operations Serves as the department's representative in security-related matters with City agencies and partners Continuously monitors emerging trends, technologies, and best practices in cybersecurity to ensure the department's security posture remains current and effective The Chief Information Security Officer (0933 Manager V) may perform other duties as assigned/required. Qualifications 1. Education: Bachelor's degree from an accredited college or university; AND 2. Experience: Five (5) years of professional healthcare information systems security experience, of which three (3) years must include supervising IT professionals. Education Substitution: Additional experience as described above may be substituted for the required degree on a year-for-year basis. One (1) year is equivalent to thirty (30) semester units / forty-five (45) quarter units. Applicants must meet the minimum qualification requirements by the final filing date unless otherwise noted. One-year full-time employment is equivalent to 2,000 hours (2,000 hours of qualifying work experience is based on a 40-hour work week). Desirable Qualifications: The stated desirable qualifications may be considered at the end of the selection process when candidates are referred for hiring:Possession of a Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) certification Verification of Education and Experience: Every application is reviewed to ensure that you meet the minimum qualifications as listed in the job ad. Review SF Careers Employment Applications for considerations taken when reviewing applications. Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at **************** sf. gov/knowledge/experience-education/. Note: Falsifying one's education, training, or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco. Additional Information Selection Procedures: After application submission, candidates deemed qualified must complete all subsequent steps to advance in this selection process, which includes the following: Supplemental Questionnaire (SQ) Examination (Weight: 100%) Candidates that meet the minimum qualifications will be invited to participate in a Supplemental Questionnaire (SQ) examination that is designed to measure the knowledge, skills, and abilities in job related areas which may include but not be limited to: Knowledge of local, State and Federals laws and regulations relating to information security, including but not limited to HIPAA and HITECH; Knowledge of information security technology frameworks and standards, including but not limited to NIST, HITRUST, COBIT, ISO 27001, PCI-DSS or similar cyber security frameworks; Knowledge of technology relating to enterprise wide information security protection; Knowledge of structured systems analysis and design practices and techniques; common operating systems software and relational database systems; hospitals or community health network environments; Ability to apply principles and practices of management, administration, budgeting, training, and personnel management; Ability to manage, supervise, train and coordinate complex functional area of responsibility and groups of employees; Ability to analyze and report on activities, issues and problems and recommend appropriate solutions; Ability to communicate effectively orally; Ability to communicate effectively in writing; Ability to exercise judgement, decisiveness and creativity required in situations involving the direction, control and planning of a program(s); manage critical timelines effectively; Ability to establish and maintain good working relationships with department personnel, staff, vendors, peers, and management, and engage and influence a broad range of stakeholders (e. g. HR, IT, Legal, Compliance, senior management, etc. ) Candidates must achieve a passing score on the Supplemental Questionnaire exam in order to continue in the selection process and will be placed on the confidential eligible list in rank order according to their final score. Additional selection processes may be conducted by the hiring department prior to making final hiring decisions. Certification The certification rule for the eligible list resulting from this examination will be the Rule of the List. Eligible List/Score Report: A confidential eligible list of applicant names that have passed the civil service examination process will be created and used for certification purposes only. An examination score report will be established, so applicants can view the ranks, final scores, and number of eligible candidates. Applicant information, including names of applicants on the eligible list, shall not be made public unless required by law. However, an eligible list shall be made available for public inspection, upon request, once the eligible list is exhausted or expired and referrals resolved. The eligible list/score report resulting from this civil service examination process is subject to change after adoption (e. g. , as a result of appeals), as directed by the Human Resources Director or the Civil Service Commission. The duration of the eligible list resulting from this examination process will be of six months and may be extended with the approval of the Human Resources Director. To find Departments which use this classification, please see the city's Position Counts by Job Codes and Departments. Terms of Announcement and Appeal Rights: Applicants must be guided solely by the provisions of this announcement, including requirements, time periods and other particulars, except when superseded by federal, state or local laws, rules, or regulations. Clerical errors may be corrected by the posting the correction on the Department of Human Resources website at **************** sf. gov/. The terms of this announcement may be appealed under Civil Service Rule 111A. 35. 1. The standard for the review of such appeals is ‘abuse of discretion' or ‘no rational basis' for establishing the position description, the minimum qualifications and/or the certification rule. Appeals must include a written statement of the item(s) being contested and the specific reason(s) why the cited item(s) constitute(s) abuse of discretion by the Human Resources Director. Appeals must be submitted directly to the Executive Officer of the Civil Service Commission within five business days of the announcement issuance date. Additional information regarding Employment with the City and County of San Francisco:Information about the Hiring ProcessConviction HistoryEmployee Benefits OverviewEqual Employment OpportunityDisaster Service WorkersADA AccommodationRight to WorkCopies of Application DocumentsDiversity StatementVeterans PreferenceSeniority Credit in Promotional Exams Where to Apply All job applications for the City and County of San Francisco must be submitted through our online portal. Please visit **************** sf. gov/ to begin your application process. Applicants may be contacted by email about this recruitment. Please consider using a personal email address that you check regularly rather than a work or school account. Computers are available for the public (9:00 a. m. to 4:00 p. m. Monday through Friday) to file online applications in the lobby of the Dept. of Human Resources at 1 South Van Ness Avenue, 4th Floor and at the City Career Center at City Hall, 1 Dr. Carlton B. Goodlett Place, Room 110. Ensure your application information is accurate, as changes may not be possible after submission. Your first and last name must match your legal ID for verification, and preferred names can be included in parentheses. Use your personal email address, not a shared or work email, to avoid unfixable issues. Applicants will receive a confirmation email from notification@smartrecruiters. com that their online application has been received in response to every announcement for which they file. Applicants should retain this confirmation email for their records. Failure to receive this email means that the online application was not submitted or received. If you have any questions regarding this recruitment or application process, please contact the analyst, Marielle Saldajeno at marielle. saldajeno@sfdph. org or **************. We may use text messaging to communicate with you on the phone number provided in your application. The first message will ask you to opt in to text messaging. The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.