Information Security Consultant remote jobs - 589 jobs

About the role We're looking for a detail oriented, technically skilled engineer to join our Application Security team. This role offers opportunities to influence the group's growth and direction while integrating security within the entire Software Development Life Cycle (SDLC). Security Engineers will collaborate with Product and Engineering teams to embed security into all phases of the SDLC from feature design and implementation to deployment. They also establish and evaluate authentication, authorization, and privacy controls for B2C, B2B and M2M entity types and use cases. They will identify, prioritize, and remediate vulnerabilities identified via internal and third party penetration testing, Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST). They will also deploy, maintain and tune the tools used to perform this testing. Security Engineers serve as subject matter experts on authentication and authorization security, partnering with product and engineering teams to implement security and privacy best practices for healthcare applications. The ideal candidate will have experience securing, hardening, and identifying vulnerabilities in web applications, RESTful and GraphQL APIs, and mobile applications (iOS and Android) in a cloud hosted microservice environment. The ideal candidate will also have experience risk assessing the results of automated SCA, SAST and DAST to validate severity before assigning to engineers for remediation. They may also have experience in securing Generative AI LLM services, including, but not limited to security guardrails to prevent jailbreaks, sensitive information disclosure, data/model poisoning, and safety guardrail verification and testing. What You'll Accomplish Implement and maintain automated security scanning tools (SCA, SAST, DAST) and perform manual and AI assisted security assessments including source code review to identify and remediate vulnerabilities in Hinge Health web applications, mobile applications and API endpoints. Enable the product teams to create secure by design product features and services by working alongside product managers and engineers during the design phase of projects including Generative AI projects. Assist with third party security assessments and penetration tests of Hinge Health web applications, API endpoints, and mobile applications, including interpretation of results and verification of remediations. Contribute to the improvement of Software Development Life Cycle management policies, procedures, and standards. Basic Qualifications 3+ years of experience in application security, product security, or related security engineering roles Experience securing web applications, mobile applications (iOS/Android), or API endpoints Experience with automated security testing, including configuring and automating security scans as part of the CI/CD process, and interpreting the results and working directly with engineers on prioritization and remediation. Experience in examining source code in multiple languages to evaluate security controls and identifying common coding and design vulnerabilities. Experience with OWASP Top 10 and other common security flaw patterns. Demonstrated ability to collaborate with engineering and product teams to address security concerns. Preferred Qualifications Experience securing applications in Health Care, securing ePHI and HIPAA/HITECH regulations. Experience with modern authentication and authorization technologies including OAuth 2.0, OIDC, SAML, JWT validation, SSO integrations, MFA/OTP implementations, API tokens, and identity platforms such as Auth0 or Okta. Understanding of session management, refresh tokens, and secure authentication flows for B2C, B2B, and M2M use cases. Experience assessing the security and safety of Generative AI LLM solutions and in evaluating and implementing solutions for their continuous monitoring Familiarity with HITRUST CSF and NIST control frameworks. Experience in Threat Modeling Experience performing security assessments and secure design of hardware and firmware of medical devices communicating over Bluetooth Experience with any of the following, deploying web based services on AWS infrastructure, Kubernetes, Typescript, ReactNative, Python, Go, Ruby on Rails, GraphQL, IaC using Terraform. Incident Handling: Be able to work as a subject matter expert in the security controls, internal communications, and infrastructure of Hinge Health applications during security incidents. Hinge Health Hybrid Model We believe that remote work and in-person work have their own advantages and disadvantages, and we want to be able to leverage the best of both worlds. Employees in hybrid roles are required to be in the office 3 days/week. The San Francisco office has a dog-friendly workplace program. Compensation This position will have an annual salary, plus equity and benefits. Please note the annual salary range is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. The annual salary range for this position is $192,000 - $230,400. About Hinge Health Hinge Health leverages software, including AI, to largely automate care for joint and muscle health, delivering an outstanding member experience, improved member outcomes, and cost reductions for its clients. The company has designed its platform to address a broad spectrum of MSK care-from acute injury, to chronic pain, to post-surgical rehabilitation-and the platform can help to ease members' pain, improve their function, and reduce their need for surgeries, all while driving health equity by allowing members to engage in their exercise therapy sessions from anywhere. The company is headquartered in San Francisco, California. Learn more at ************************** What You'll Love About Us Inclusive healthcare and benefits: On top of comprehensive medical, dental, and vision coverage, we offer employees and their family members help with gender-affirming care, tools for family and fertility planning, and travel reimbursements if healthcare isn't available where you live. Planning for the future: Start saving for the future with our traditional or Roth 401k retirement plan options which include a 2% company match. Modern life stipends: Manage your own learning and development Culture & Engagement Hinge Health is an equal opportunity employer and prohibits discrimination and harassment of any kind. We make employment decisions without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, pregnancy, or any other basis protected by federal, state or local law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. We provide reasonable accommodations for candidates with disabilities. If you feel you need assistance or an accommodation due to a disability, let us know by reaching out to your recruiter. By submitting your application you are acknowledging we are using your personal data as outlined in personnel and candidate privacy policy. #J-18808-Ljbffr

A leading data collaboration platform in San Francisco seeks a Senior Security Engineer to enhance threat detection and automation strategies. The role involves implementing detection logic, automating workflows, and developing scalable cloud solutions. Candidates should have a Bachelor's degree in a relevant field and strong skills in security automation and detection engineering. This position offers competitive compensation with a base range of $131,500 to $203,000. #J-18808-Ljbffr

Senior Security Engineer (Must have 3-5 years exp, Google SecOps & Security Command Center Enterprise) About Ladder We saw a problem within the life insurance industry: getting covered took too long, involved too much paperwork, and required too many in-person meetings with sales agents. Having lost his father at a young age, our CEO, Jamie, was determined to make it easier for people to get the coverage they needed to provide for their families. So, we got to work. We developed a method of real-time underwriting leveraging AI and, in doing so, reduced the months-long process of applying for life insurance to minutes. Our digital experience is quick (instant decisions!), loved by users (check out our Trustpilot or Google reviews) and prolific ($74 billion+ in coverage provided). About the role We're looking for a Senior Security Engineer to help us build out our monitoring and detection capabilities. Please note, this can be a hybrid role based in our Palo Alto headquarters or a remote role based role in one of the 23 States Ladder is currently hiring in - AZ, CA, CO, CT, FL, GA, IA, KS, MA, MD, MN, NC, NH, NJ, NV, NY, OH, OR, PA, TX, VA, WA, WI. Please note, Ladder is not currently sponsoring or transferring OPT or H1-B visa's. What You'll Do Improve ongoing monitoring and detection capabilities by adding data sources, creating detections, and building workflows in Google SecOps and Security Command Center Enterprise Ensure we are protected against the latest threat by staying current on emerging security threats and actively monitoring various threat intelligence sources for latest trends, campaigns, and adversary TTPs Collaborate with our Engineering and Product teams via threat modeling and design reviews Help secure our Googlebased corporate and production environments Assist IT in manage our SaaS applications and make sure people have access to what they should and not more Iterate on cloud, network, application, personnel, and device security Assess and secure internal and external applications, APIs, and CI/CD processes Assist with SOC2 and compliance program control implementation Triage alerts and respond to security incidents Collaborate with peers and stakeholders across the company to ensure our customers are protected as best as possible at all times Who You Are 3-5 years of experience in information security, with a strong focus on application security and/or detection engineering 1-2 years of experience in information technology Working knowledge of secure coding practices, application security frameworks, and common vulnerabilities OSCP, HTB-CPTS, PNPT, eCPPTv2, or equivalent training/certs Apple workstation security experience Familiarity with Google Cloud Platform, Datadog, Google SecOps (Chronicle), JAMF Protect, etc Passion for building security tooling to enhance and automate security processes Contributions to open-source projects or communities Experience in securing AI/ML models and pipelines What We Offer Whether you work in our beautiful office in Palo Alto or remotely, Ladder is highly collaborative and fun. To support you in your role, we offer fantastic perks and benefits that reflect our mission of care and support, including: Excellent medical, dental, and vision coverage | We offer competitive healthcare and dental plans for you and your family. Flexible paid time off | Take the time that you need to rest and recharge, including our week-long winter holiday closure. Stock options | We offer competitive stock option packages to participate in the success of building Ladder. A rewarding 401k match program | We'll match up to 4% of your contributions as you save for your retirement goals. Commuter benefits | When you work from the office, you will receive pre-tax benefits for your commute and free parking. A stocked, beautiful new office | Located in downtown Palo Alto, our office was specifically designed to accommodate all working styles. We've invested in technology to support our hybrid team, plus we provide office snacks and catered lunches so that team members can work well and have fun together. Paid parental leave | We think it's crucial that new parents have time to adjust to their new lives without worrying about work, so we provide all parents inclusive of birthing, adoption, or fostering ten weeks of paid baby bonding. Work-from-home flexibility and support | We recognize that everyone's homelife is different and support remote and hybrid work. Upon joining, we provide a one‑time $500 remote office stipend for all team members and then a monthly $150 stipend to cover WFH costs such as the internet. Fun company-wide events | Whether we work locally or remotely, we genuinely enjoy spending time together. That's why we plan fun virtual and in‑person events to let loose and laugh. The base pay range targeted for this position is $140,000.00 - $184,000.00 per year. Base pay is determined by market location and may vary depending on job‑related knowledge, skills, and experience. This role is eligible for equity and benefits as shared above. Voluntary Self-Identification For government reporting purposes, we ask candidates to respond to the below self‑identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form? We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at ****************** How do you know if you have a disability? A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to: Alcohol or other substance use disorder (not currently using drugs illegally) Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS Blind or low vision Cancer (past or present) Cardiovascular or heart disease Celiac disease Cerebral palsy Deaf or serious difficulty hearing Diabetes Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders Epilepsy or other seizure disorder Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome Intellectual or developmental disability Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD Missing limbs or partially missing limbs Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports Nervous system condition, for example, migraine headaches, Parkinson's disease, multiple sclerosis (MS) Neurodivergence, for example, attention‑deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities Partial or complete paralysis (any cause) Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema Short stature (dwarfism) Traumatic brain injury Public burden statement: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete. EEO Statement Ladder is building a diverse team of talented and enthusiastic people. We are an equal opportunity workplace. At Ladder, differences are celebrated and supported to benefit our people, products, and community. Let us know why you're interested in this position and what unique contributions you can make to the Ladder team. We look forward to hearing from you. Interested in building your career at Ladder? Get future opportunities sent straight to your email. #J-18808-Ljbffr

A leading security training provider is seeking a Senior Security Engineer for their content engineering team. This role supports security professionals, builds hands-on content, and integrates security into DevOps. Ideal candidates have over 5 years of experience in application security and are passionate about improving security practices. The position is remote-first with competitive compensation and benefits. #J-18808-Ljbffr

San Francisco, CA Metriport is an open-source data intelligence platform that helps healthcare organizations access and exchange patient data in real-time. We integrate with all major US healthcare IT systems and tap into comprehensive medical data for 300+ million individuals. We've found product-market fit with multi-million ARR, 100+ customers (including Strive Health, Circle Medical, and Brightside Health), backing from top VCs, and years of runway. We're ready to scale. We're a tight-knit, high-performing team of mostly former founders (including two YC alumni). We're engineering-heavy, operate with minimal bureaucracy and high autonomy, and hire based on competence, not prestige. We push hard-founders work six days a week from our SF office-but give everyone freedom to craft their schedule. We measure output and we're committed to sustainable intensity. About you In a nutshell, we're looking for a security engineer with the following specific qualities: You're entrepreneurial-minded, with an olympian-level work ethic (nearly our entire engineering team consists of former founders). You are passionate about security and are excited to own security related projects within the company end-to-end. You are confident in your ability to build scalable systems across the full stack, and people usually come to you for technical guidance. You believe you can solve any problem that comes at you, and don't shy away from diving deep into areas where you may lack domain expertise. You have a strong sense of ownership over your work, and have demonstrated ability to lead others. You know how to move fast - while still maintaining a strong security posture. You care more about the end result and delivering value, rather than what new and frilly tech is being used under the hood for a given feature. When someone scopes out a project with an ETA of 3 weeks, you ask yourself "why can't it be done in 3 days?". You're a hacker at heart, and have a good sense of what rules should, and shouldn't, be broken. What you'll be doing After quickly ramping up using our comprehensive onboarding materials to get familiar with our domain, product, and codebase, the goal would be to get you shipping product directly to customers as quickly as possible. Specifically, day to day, this looks like: Evangelizing security across Metriport's growing team - we will look to you for guidance, and training. Driving full-stack security projects , big and small, end-to-end from ideation to production rollout. These projects could include things like: Implement an enterprise-grade audit logging solution for a new national healthcare network infrastructure stack. Implement fine grained RBAC on the API key access layer, and more robust roles on our UIs. Help us revamp our internal security policies and put tools in place to keep the platform, and employees, secure while still allowing the team to be efficient. Helping the engineering team with PR reviews with a security-focused lens. Work with the Go to Market team to complete customer security assessments and questionnaires. Work with the engineering team to harden security across the development lifecycle - think secret management, access controls, and vulnerability scanning. Managing your own work in Linear. Participating in bi-weekly sprint planning / retro sessions, and quarterly planning sessions. Attending a daily 30 minute remote stand-up at 7:30am PST Mon-Fri (our only regular mandatory meeting). Requirements You have 6+ years experience in security engineering and information security. You're located in San Francisco or the Bay Area (or willing to relocate). Familiar with HIPAA compliant environments. Experience rolling out and maintaining security frameworks like SOC 2, NIST, HITRUST, FedRAMP, etc. Experience rolling out data protection technologies like SSO, MFA, VPN, FIPS, etc. Experience with organizational secret management. Experience implementing SCA, SAST, DAST in CICD workflows. Experience with Mobile Device Management (MDM). Proficiency in cloud security & networking on AWS - IAM, WAF, KMS, etc. Proficiency in authentication, cryptography, encryption, and security protocols such as: mTLS, RSA, SSL, HMAC, RBAC, etc. Bonus: experience with IHE profiles (ATNA, CT, XUA). Benefits Competitive equity + compensation package 🚀 Full family Platinum health insurance, dental, and vision coverage 🦷 401(k) retirement plan + matching 💰 Flexible work from home or in-office 🏢 Healthy lunches are complimentary when working in-office (and breakfast + dinners as needed) 🍏 Quarterly company off-sites with the team ⛷️ MacBook provided by us 💻 Unlimited PTO (we work hard, but trust you to take time you need to be at your best) 🧘♂️ Our tech On the frontend, we use React - on the backend, we rely on Node.js and TypeScript for writing core business logic. We deploy a wide range of AWS cloud services (ie ECS, Fargate, Lambda, etc), and manage our infrastructure as code with AWS CDK. Data lives in PostgreSQL, DynamoDB, S3, Snowflake, FHIR servers, and more. We use Oneleet for security and compliance. Metriport provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetics, sexual orientation, gender identity, or gender expression. We are committed to a diverse and inclusive workforce and welcome people from all backgrounds, experiences, perspectives, and abilities. #J-18808-Ljbffr

Lightning Labs is seeking to hire a Security Engineer for the ongoing scaling of our growing engineering organization. This is a hands-on role that consists of devising and implementing policies and procedures around best practices in systems security. The ideal candidate has experience in securing web, Bitcoin, and other public-facing network services, penetration testing, and both automated and manual source code security reviews. Due to the domain in which we work, experience with Bitcoin and the Lightning Network is extremely desirable as is knowledge of the cryptographic aspects involved in this area. As we are an international organization, experience and comfort working with highly distributed teams is a must. In addition, the ideal candidate should have a passion for our mission of bringing financial freedom to the world, as well as for Bitcoin as a whole. Although a part of the engineering organization, candidates in this position will work across functional team boundaries to ensure all aspects of the business are appropriately considered and covered by security best practices. Responsibilities may include but are not limited to: Designing and deploying active fuzzing, black+white box testing and penetration testing infrastructure for open source and production systems Performing security audits and review of both internal production systems as well as open source software which interacts with Bitcoin+Lightning in a security critical manner Provide mentorship and guidance to level up your teammates Creating global security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security Overseeing security aspects of software release processes and infrastructure Determining security team requirements for future growth Developing and ensuring responsiveness of security incident management processes Performing risk management assessments Preferred experience: At least 5 years prior experience in in systems security An ability to work with a high impact, fast-moving startup team Extensive knowledge of operating system and computer architecture internals Strong understanding of cryptography, protocol design and adversarial analysis Experience in reverse engineering and exploiting of cryptographic protocol (cryptocurrencies like Bitcoin) systems Extensive expertise with professional software development experience in Go, Rust, C/C++, and/or Java Experience in security incident response Experience in security code review and vulnerability triaging Prior experience running an open source facing bug bounty program 2+ years management experience or experience as a senior decision maker Experience working with remote teams Experience working with Kubernetes and AWS infrastructure Working knowledge of fundamental Bitcoin and Lightning design principles Candidates with additional experience are welcome to apply as we are open to adjusting the role accordingly #J-18808-Ljbffr

A leading identity platform company in San Francisco is seeking a Corporate Security Lead to fortify defenses against evolving threats. This full-time role involves developing endpoint security solutions and collaborating with cross-functional teams. The ideal candidate has over 3 years of IT security experience, including endpoint hardening and scripting skills. Enjoy competitive benefits like unlimited PTO, mental health days, and professional development stipends in a vibrant work culture. #J-18808-Ljbffr

A cybersecurity firm in Boston seeks a Principal Lead, Security Consultant with a strong background in threat detection and malware analysis. This role encompasses leading technical pre-sales efforts across various modules, conducting Proof-of-Value (POV) assessments, and managing security consultant teams. Ideal candidates should possess 8-10 years of experience in cybersecurity, proven communication skills, and deep technical knowledge. Join us in forging a transformative journey in enterprise cybersecurity. #J-18808-Ljbffr

A leading cryptocurrency platform is seeking a Senior Platform Security Engineer in San Francisco. This role involves securing infrastructure through hardening services and enhancing cloud and non-cloud systems. Candidates should have 5+ years in Information Security, strong development skills in Python or Go, and experience with AWS and Kubernetes. The position requires in-person collaboration twice a week, and offers a competitive salary range of $140,000 - $200,000, alongside comprehensive benefits and a hybrid work model. #J-18808-Ljbffr

A technology company is seeking a skilled software engineer to join their Radar team, focusing on building systems for real-time identity event processing. The ideal candidate will have over 5 years of experience in software development, a background in large-scale systems, and strong collaboration skills. This position offers flexible remote work and comprehensive benefits, including healthcare coverage, equity grants, and generous paid time off. Join a growing team committed to delivering a seamless identity security platform. #J-18808-Ljbffr

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands. From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded. The Opportunity P&G is seeking a Governance, Risk, and Compliance Director passionate about safeguarding data, enabling business through smart risk management, and shaping the future of cybersecurity. The IT Governance, Risk, and Compliance (GRC) Organization at Procter & Gamble is responsible for risk identification, assessment, and remediation across the IT landscape, as well as driving automated governance and compliance breakthroughs. As the GRC expert, you'll play a critical role in maturing and maintaining the security risk and compliance posture of our organization. You will lead initiatives that align our security program with business goals, ensure regulatory and policy compliance, and creatively solve problems to manage risk for the company. Responsibilities: + Governance: + Maintain and evolve the information security policy framework and controls aligned with industry best practices (e.g., NIST, ISO 27001, CIS). + Establish and track metrics to measure policy adherence and program maturity. + Drive internal alignment on security roles, responsibilities, and expectations. + Risk Management: + Manage the enterprise risk management process including risk identification, analysis, treatment planning, and reporting. + Conduct security risk assessments for internal systems, projects, vendors, and business processes. + Facilitate risk-based decision-making at all levels of the organization. + Compliance: + Ensure ongoing compliance with applicable regulations and frameworks (e.g., GDPR, HIPAA, CCPA, SOX). + Maintain a library of evidence and documentation to support audit and regulatory needs. + Monitor the effectiveness of IT controls and identify gaps in compliance. Analyze control measurements for negative trends and reoccurrence frequency. Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation + Awareness & Enablement: + Contribute to the continuous improvement of the risk and compliance mindset across P&G. Build IT risk awareness by providing support and training to others. + Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams. + Stay up to date with how current events, security focus areas, and the regulatory environment may impact P&G's compliance processes Estimated Percent of Time Spent on Work 25% - Risk identification, analysis, and assessment 40% - Plan and drive enterprise-wide initiatives to reduce risk and improve compliance across the organization 25% - Assess and improve the effectiveness of IT controls and compliance across the enterprise 10% - Collaboration with internal/external auditors, driving a risk-aware compliance mindset Job Qualifications Required: + Bachelor's degree in Computer Science, Computer Systems Engineering, Cybersecurity, Industrial Engineering, Business Management Information Systems, Software Development, or related field + Prior hands on experience working in a security-focused role, such as Information Security Analyst, SOC Analyst, Security Engineer, etc. + 8+ years of experience in Governance, Risk, and Compliance with a focus on Information Security + In-depth knowledge of major security frameworks (e.g., NIST CSF, ISO 27001, SOC 2). + Experience conducting risk assessments, audits, and control testing. + Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, SOX, PCI DSS). + Proven ability to write policies, manage documentation, and communicate clearly to both technical and non-technical stakeholders. + Ability to influence and build relationships with business unit stakeholders, external service providers, and architecture teams. + The ability to work independently, collaborate, and learn quickly. + English fluency (speak, write, and read) Preferred Skills: + Certified in CISSP, ISACA CRISC, CGEIT, CISA, or similar Pay Range: $160,000 - $220,000 Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process. Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ's, please click HERE (******************************************************* . P&G participates in e-verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Job Schedule Full time Job Number R000136880 Job Segmentation Experienced Professionals Starting Pay / Salary Range $160,000.00 - $220,000.00 / year

As Director of Information Security at Moov you will be responsible for the comprehensive enterprise-wide information security policy, strategy, architecture, operations, and capability enhancements of Moov and our platform. This position collaborates with the senior leadership team on security strategy, capability enhancements, and the development of enterprise security awareness and accountability. You will: Key Responsibilities: Develop, implement, and maintain information security policies, practices, and operations. Oversee incident evaluation and response, ensuring swift and effective handling. Manage corporate information security risk and regulatory architecture and status reporting efforts. Create and roll out audit and compliance programs. Implement technical compliance solutions and support for security awareness and training programs to ensure compliance. Collaborate with cross-functional teams to maintain a high standard of cybersecurity posture and response. Build and operate a security and compliance program for money movement regulations, aligning with information security policies and standards. Foster a security-conscious culture and ensure the platform's security. Leadership and Strategy: Execute a plan to achieve and maintain industry compliance for SOC 1, SOC 2, PCI, NACHA, FedRAMP, and other compliance programs. Research, educate, and recommend technical solutions to support compliance efforts. Develop, implement, and manage a comprehensive organization-wide information security and risk management program. Deliver education on compliance with security policies. Conduct security risk assessments and manage risk management processes. Ensure compliance with relevant laws, regulations, and policies in Moov's information security practices. Lead the information security team that is protecting Moov. Recruit, motivate, mentor, and lead the best security talent. You have: Bachelor's degree in Computer Science, Engineering, Information Systems, Cyber Security, Business, or a related academic discipline. 7-10+ years of relevant experience or an equivalent combination of education and experience. Strong knowledge of regulatory requirements and information security management frameworks, including SOC 1, SOC 2, ISO/IEC 27001, ITIL, SOX, PCI, FedRamp, and NIST. Ability to work in a fast-paced environment. Knowledge of payment systems, fintech, or online banking. Certification in CISSP, CISM, CRISC, CISA, CFE, or similar is highly recommended. Experience with banking regulations. Knowledge of OSS tools and active participation in OSS community. Experience working with remote-only teams. Experience with mid-size organizations and startups. Our company: Moov is a 100% remote company with people from more than 26 states. We're backed by a16z and other respected investors. We won Visa's global Everywhere Initiative and our community of builders grows larger every day. We're committed to building a team that represents a variety of backgrounds, perspectives, and skills and we embrace diversity, creativity, and equal opportunity. Our people: Our customers come from all walks of life and so do we. We hire great people from a variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. We have mountain bikers, skiers/boarders, runners, video gamers, musicians, movie buffs, weight lifters, and about every other type of person in between. We enjoy solving problems and tackling challenges with creativity. If we don't know the answer, we revel in the hunt to find it. We like helping people and choose to give first. We're patient, open, and honest. If you share our values and enthusiasm for making the complex simple and delightful, you'll find a home at Moov. Benefits include: Competitive base salary + employee stock options w/early exercise opportunity 100% remote. We make remote-work work. We match what you contribute to your 401(k) up to 5% of your salary Generous parental leave Medical Ins: Health Savings Account (HSA) option w/employer contribution EAP and other wellness resources Unlimited PTO+ generous paid holiday schedule Professional Development Budget, we have a culture that encourages and promotes professional growth and development Home office stipend Culture of people helping people who give first, celebrate wins together and embrace autonomy, transparency, and trust The opportunity to join an experienced and ambitious team passionate about solving customers' needs and who love what they do Partner with a community of 3000+ developers around the world, helping them focus on possibilities vs payments Employee referral incentive Salary range: $220k - $232k based on experience, geography, and other key factors Advice: If you're nervous about not meeting every qualification above, apply anyway. Moov is all about pushing boundaries-ours, yours, and the industry's-so we look for curious people willing to experiment and grow. While we can't teach curiosity and compassion, we can teach some technical skills. Of course, we can't guarantee anything, but as Michael Scott says,“You miss 100% of the shots you don't take!” (Or was that Wayne Gretzsky?) One more thing: Don't go iron your clothes for your interview (do people still own irons?). We're all pretty casual here, so you can wear whatever you are most comfortable in. Okay-last thing: When you meet with us, have some concrete, tangible examples of when you've added value, improved something, created something, or done some fantastic, customer-centric work. We also want to learn about you as a person. If you want to know what it's like working at Moov, check out stories from our employees. PS: Share our job roles with others! Wouldn't it be nice to make new friends and bring over old friends? We think so. Moov Financial is a participant of E-Verify. All potential employees and employees are bound by the guidelines in the MOU and the rules and responsibilities. For more or up to date information on E-verify, go to ********************** and click on E-verify.

We're seeking an experienced Director of Information Security to join our dynamic team and help drive our growth. In this role, your job will be to coordinate people and processes to instill a “security first” mindset for information management, systems development, acceptable use of these systems, staff awareness, and oversight of our vendors and partners. This security professional will lead the management of risk and compliance of intellectual property, including day-to-day network and cyber tool monitoring, oversight, and ongoing security testing. The individual performing this role will enforce policies and procedures that ensure compliance with state, federal, and industry standards and requirements, ensuring our customers' and company's data are protected. As the Director of Information Security, you will implement a security-readiness plan and provide guidance on how to quickly and effectively respond to any and all security incidents. In addition, this role will be instrumental in implementing controls and monitoring capabilities that provide visibility into the organization's security posture. At RxVantage we transform how medical practices engage with life sciences resources and expertise to improve patient care. Our platform intelligently connects healthcare providers with the precise life sciences experts that they need, when they need them. As a result, medical practices stay on the cutting edge of patient care without disrupting workflows. Trusted by more than tens of thousands of healthcare practitioners and all major life sciences companies, RxVantage has powered millions of educational exchanges between healthcare teams and life sciences companies. What you'll be doing: Creating and implementing a security roadmap based on current and ongoing assessments Ensuring policies are developed and maintained from both a business & technical perspective for the application, data, and security needs of the organization Working with Legal to ensure agreements are congruent with policies Overseeing the GRC (Governance Risk and Compliance) process Ensuring compliance with industry laws and regulations for data security and privacy to include CCPR, 21 CFR Part 11, SOC2, NIST SP800-53 Monitoring the Identity and Access Management Framework Benefits: Competitive Salary 100% Company-Paid Premiums for Employee's Medical Health (HDHP 4500), Vision, and Dental Plans + $4,400 company sponsored contribution into an HSA Short-term and Long-term Disability Life Insurance 401k Matching Work from Anywhere within the US Flexible PTO 100% Paid Parental Leave Post-Parental Leave Program - $5k stipend to assist with expenses, 4 week 100% paid “Ease-Back” return to work transition period Charitable donation matching Location: Our “Work from Anywhere” philosophy is aimed at making sure that we recruit a diverse range of thought leadership to ensure that our technology is better able to serve local health care providers. Our goal is to hire the country's top talent and allow them to create an environment within the U.S. where they can do their best work. About Our Organization: At RxVantage, we're a small company with a big mission: to connect healthcare providers with the right life science experts and resources they need, exactly when they need them, to improve patient care. We've built a software platform that's changing the way providers learn about the latest medical advancements and technologies. Every year, our platform powers over 1 million educational exchanges between medical practices and life science companies, making it easier for them to stay informed and provide better care. We have a proven product, a strong mission, and a passionate team. Now, we're looking for talented people to help us grow even more. If you're driven, eager to make an impact, and ready to be part of something meaningful, we want to hear from you! --- RxVantage is an equal opportunity employer and dedicated to ensuring that we represent the local communities where our health and wellbeing providers serve as pillars of support to our family, friends, and neighbors. Our representation within these communities allows us to embody a diverse set of backgrounds, experiences, abilities and perspectives; and provide an inclusive environment for our team to feel empowered to be their authentic selves, without fear of harassment or discrimination.

Compliance & Information Security Manager Department: Compliance Reports To: VP of Compliance Installation Made Easy (“IME”) provides software and process management that enable retailers and contractors to offer installed home improvements to homeowners in a convenient, consistent, and affordable manner. IME senior management has over 100 years of retail management and home improvement industry experience. We are seeking a Compliance & Information Security Manager to build and manage our corporate compliance and information security governance program. The role will lead regulatory compliance initiatives, manage audit and certification efforts, and partner closely with Compliance, IT, and Security teams to support a strong risk and compliance posture. The candidate must be able to work independently in a remote environment. Essential Functions: Manage compliance programs related to PCI DSS, SOC 1 / SOC 2, and related frameworks. Serve as project manager for external audits and certifications, coordinating internal teams and external auditors. Maintain compliance with U.S. consumer privacy and data protection laws, including state privacy and breach notification requirements. Develop and maintain compliance, privacy, and information security policies and documentation. Review and redline agreements with customers, partners, and vendors, focusing on data protection, security, and compliance terms. Oversee the maintenance of the company's certifications and licenses, such as money services licensure and/or business registrations Support information security governance, risk assessments, vendor risk reviews, and remediation tracking. Provide compliance support during security incidents and investigations. Partner cross-functionally and provide compliance guidance and training across the organization. Perform other duties as required. Minimum Qualifications: 5+ years of experience in compliance, information security, risk management, or GRC roles. Hands-on experience managing PCI and SOC audits. Working knowledge of U.S. consumer privacy and data protection laws. Experience reviewing and redlining commercial agreements. Strong project management and communication skills. Bachelor's degree in a related field or equivalent experience. Preferred Qualifications: Certifications such as CISSP, CISM, CRISC, CISA, or CIPP/US. Experience in a SaaS or software environment. Familiarity with NIST or ISO 27001 frameworks. Physical Requirements: Prolonged periods of sitting at a desk and working on a computer. Benefits to working with IME: 100% remote work environment Employer provided equipment. Medical, dental, and vision insurance Health savings plan includes employer contribution to health savings account. Medical and dental flexible spending accounts Company paid basic life, short-term disability, and long-term disability insurance. 401K plan with employer match Company matches 100% of the first 4% of salary deferrals. All contributions, including employer contributions, are 100% vested immediately. Employee discount program for Electronics, Groceries, Travel, Entertainment, and more Employee assistance program Pay on demand. Critical illness, hospital indemnity, group accident, and legal insurance Paid time off. And more! We are an Equal Opportunity and Drug-Free Workplace. The is not an exhaustive statement of all duties, responsibilities, or qualifications of the job, nor is it intended to limit opportunities for necessary modifications. The Job Description does not constitute an employment contract of any kind.

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Information System Security Manager - REMOTE. In this role, you will have the opportunity to make a significant impact by ensuring that information system security is upheld within critical governmental operations. You will lead initiatives to implement security programs, conduct audits, and maintain compliance with the established regulations. As part of a collaborative team, you will help elevate the standards of cybersecurity, all while working from anywhere. Your contributions will directly enhance the security posture of the organization and support various missions.Accountabilities Conduct information system security inspections, tests, and reviews to maintain an Authority to Operate (ATO). Implement and enforce a formal information system security program and develop security policies and plans. Demonstrate knowledge of systems engineering, network security concepts, and IT security principles. Ensure software and hardware complies with security configuration guidelines. Report cybersecurity-related events that impact IT authorization. Implement Security Information and Event Management processes. Requirements Bachelor's Degree in Information Systems, Information Assurance Management, Computer Science, or related field (or equivalent experience). 2-7 years of relevant experience in information systems security. IAM Level II DoD approved cybersecurity certification or higher (e.g., CAP, CASP, CISA, CISM, CISSP). Experience with the Risk Management Framework (RMF) and NIST publications (NIST 800-53 and NIST 800-37). Active Secret Security Clearance required. Located within 2 hours of Joint Base Andrews for potential onsite meetings. Benefits Opportunity to work remotely with flexibility. Engagement in meaningful projects that influence national security. Possibility for professional growth and development. A supportive work environment that values diversity and inclusion. Recognition as a military-friendly employer with a commitment to veterans. Why Apply Through Jobgether? We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.#LI-CL1We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

HJ Staffing is seeking an Information Security Analyst to join a prominent Managed Care Plan serving over 456,000 members. In this role, you will be the primary lead in analyzing security practices, investigating breaches, and ensuring the organization remains aligned with rigorous healthcare industry standards. We are looking for a technical expert who can bridge the gap between complex infrastructure and staff education to protect sensitive member data. What You Will Do Security Monitoring & Investigation: Monitor computer networks for security issues, lead the investigation of breaches in collaboration with the Information Security Manager, and document damage assessments. Compliance & Auditing: Assess the efficacy of existing measures to ensure they meet HIPAA and FISCAM security standards; conduct proactive system vulnerability audits and manage annual penetration testing with vendors. Solution Implementation: Participate in the evaluation, design, and implementation of new security solutions, including firewalls and data encryption programs, to protect the organization's computer networks from cyber-attacks. Risk Advisory: Analyze software and systems requirements to provide objective advice on security risks and develop clear remediation options for management and senior ITS staff. Policy & Documentation: Assist with the development of security policies, procedures, and standards; maintain comprehensive documentation of computer security procedures and tests. Training & Phishing Defense: Develop high-impact training materials and presentations to educate the organization on data security, including frequent training on how to detect and avoid phishing attempts. What You Will Bring Education: Bachelor's degree in IT, Cybersecurity, Computer Science, or a related field (a Master's degree may substitute for 2 years of experience). Experience: 8 years of professional-level IT experience, with at least 3 years specifically performing information security functions in a healthcare environment. Certifications: Current CISSP, CISM, or CEH (Certified Ethical Hacker) certification is required. Technical Knowledge: Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts, along with proficiency in virtualization and Windows-based systems. Regulatory Expertise: In-depth knowledge of HIPAA and FISCAM security guidelines and a working knowledge of frameworks such as NIST, ISO 27001, or COBIT. You Will Be Successful If: You are a Strategic Problem Solver: You can manage multiple priorities, meet strict deadlines, and adapt to shifting security needs. You are an Effective Communicator: You possess clear writing skills and the ability to present complex technical content to non-technical audiences. You are Collaborative & Diplomatic: You have the leadership ability to facilitate meetings and build strong relationships across infrastructure and administrative teams. You are Proactive: You stay informed of emerging technologies (AI, IoT, blockchain) and look for ways to eliminate technical debt before it becomes a vulnerability. You are Incident-Ready: You are willing to respond to after-hours information security incidents as needed. Important Details Residency Requirement: Candidate must reside in the state of California. Work Status: 100% Remote; must be a US Citizen or Green Card holder. Market Context: This is a competitive role for a major managed care plan; qualified candidates are encouraged to submit their credentials immediately.

At Crypto.com, our dedication to user security is led by our highly experienced Security Team. Comprising an international roster of seasoned cybersecurity experts, our team leads the company's Security, Privacy, and Security Compliance endeavors. The team includes holders of international patents for technologies integrated in our security architecture. Under the stewardship of a distinguished CISO recognized by the Forbes Technology Council and among the Global Top 100 CISOs, our team has consistently championed industry standards, acquiring certifications like ISO27001, ISO27701, ISO22301, PCI:DSS 3.2.1 (Level 1), NIST Tier 4, and SOC 2 Type II, in addition to the MPI License from Singapore MAS. Our Chief Information Security Officer reports directly to the CEO, underscoring the prioritization of security in our organization's hierarchy. Our Security Team not only places great emphasis on credentials and expertise but also deeply values hands-on experience, rapid cognition, and dynamic learning. The challenges in the world of crypto are ever-evolving, and as such, our team prides itself on quick adaptability and robust teamwork, ensuring that we stay ahead of potential threats and always safeguard our user base. About the Role As our Security Compliance Senior Analyst, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. This role requires technical knowledge of network security, especially on-prem and cloud native architectures. A familiarity with US derivatives regulatory frameworks would be advantageous. Job Responsibilities: Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, SOC2 Type 2, and local regulations Participate in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management Provide complete and accurate responses to internal and third-party enquiries on security compliance Perform security compliance assessment activities, including periodic technical, organizational, and third-party risk and control assessments, and managing remediation activities to completion Design and manage necessary control and framework required to comply with international standards and US local regulations Identify and drive process improvements for streamlining global security compliance operations Qualifications: 3-5 years of experience in information security, privacy, IT audit or IT risk management related roles. Prefer experience with one or more of the following: In-house security and privacy operations, conducting security control assessments, risk assessments or audits. Prefer experience with any of the following: ISO27001, ISO27701, SOC1, SOC2, PCI, SOX, COSO, cloud technologies, and data protection regulations and requirements. Ability to analyze and review US and Global privacy and information security compliance and provide guidance. Holders of security-related certifications/qualifications will be an advantage: CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or other relevant certifications Experience leading compliance initiatives and working with auditors and/or external regulators It's a plus if you: Have experience in information security and privacy management in virtual assets, fintech, online services, platform services, or global services. Have experience in establishing information security and privacy framework to meet US regulations, (CFTC, FINRA, SEC, and other US based regulators.) Are a strong commitment to personal learning and development Are detail minded with an analytical mindset Have good communication skills with an ability to explain complex technical issues to non-technical business users Have prior experience with project management Have an interest and understanding of Blockchain and AI technologies ***************** Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Empower employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet. Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us - our internal mobility program offers employees a new scope. Are you ready to kickstart your future with us? BenefitsCompetitive salary Attractive annual leave entitlement including: birthday, work anniversary 401(k) plan with employer match Eligible for company-sponsored group health, dental, vision, and life/disability insurance Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope. Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team. About Crypto.com:Founded in 2016, Crypto.com serves more than 150 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem. Learn more at ******************* Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team. Personal data provided by applicants will be used for recruitment purposes only. Please note that only shortlisted candidates will be contacted.

Do you love learning and managing technology? Do you enjoy working with a variety of people and technologies each day? Do you excel at providing technology and business solutions to smart, driven individuals? If you answered yes to these questions then we have an exciting opportunity that's right up your alley. We're eagerly seeking a Senior IT Consultant who has a solid background in cloud system management, cybersecurity, network infrastructure (firewalls, routers, switches), and system administration to join our growing team in an important client-facing support capacity. Job Description: This is for a full-time, permanent position at growing IT consulting company allowing you to work with many different technologies but within a regular, stable base of clients. As a Senior IT Consultant you will be working in a highly visible role at client locations between San Francisco and Palo Alto, working both independently and as part of a team to provide creative solutions and resolve a wide range of technical challenges. Your experience managing on-premise and cloud systems, driving adoption of new technologies, applying cybersecurity best practices, and providing top-notch service to members at all levels in an organization will allow you to hit the ground running and to contribute immediately. Our capital management clients have over $150B under management and we work with some of the Bay Area's most prestigious independent schools. Required Qualifications: Excellent communication skills (including demanding, high touch executive level clients) Strong experience with Office 365 and/or G Suite administration, Active Directory / Azure Directory, storage (OneDrive, Box, DropBox, Egnyte) and other cloud services Switches, router, firewall and other network devices experience Deep Windows (server and desktop) and MacOS support and management knowledge History of IT Support Experience Ability to work independently and proactively with little supervision, while managing multiple priorities Strong experience with LAN and WAN technologies. Excellent documentation skills. Willingness to work at client sites in San Francisco and along the Peninsula. This is hybrid role that involves some work in the office as well as work from home. Desirable Qualifications: Previous consulting experience Prior work with Venture Capital, Private Equity, Hedge Fund, Law Firm, or Independent Schools Palo Alto Networks and Panorama experience Virtualization experience (preferably VMware) Citrix experience Cybersecurity experience Certifications: Certified Ethical Hacker (CEH), GIAC Security Essentials Certification (GSEC), CompTIA Network+, CompTIA Security+ Bachelor's Degree in Computer Science or related field highly preferred Does this opportunity interest you? If you are eager to expand your expertise by rolling up your sleeves and diving into a high-profile role, join us today to help continue providing best-in-class technology solutions and service! About us: Founded in 2007, and profitable since inception, our company is self-funded with no outside investors. Every member of the management team has over 20 years of experience in the industry. Our employees work hard, enjoy their work, and have a life outside of work too. We provide best of breed technology solutions to SMB clients that have Fortune 500 technology needs. Our customers include Venture Capital, Private Equity, Hedge Funds, independent schools, and technology startups (our investment firm customers have over $150 Billion, combined, under management). We create tailored IT solutions for companies that need well-managed, secure, highly available, disaster recovery protected systems. We augment IT departments by bringing special expertise and experience and are the IT department for clients without IT staff, who require high-touch support and superior systems management. We provide monitoring and remote management of systems, along with managed services. Powered by JazzHR jlc NvJc8mw

Why PlayStation? PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation 5, PlayStation 4, PlayStation VR, PlayStation Plus, acclaimed PlayStation software titles from PlayStation Studios, and more. PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation. Sony Interactive Entertainment LLC seeks a Staff Information Security Analyst in San Mateo, CA to define strategic GRC (Governance, Risk and Compliance) input in global initiatives, including Artificial Intelligence (AI) and Machine Learning (ML) adoption, cloud security, and enterprise wide policies, ensuring resilience while balancing business and regulatory needs. Requires a Master's degree in Cybersecurity, Information Security, or related field or equivalent, and four (4) years of experience conducting risk assessments on critical information systems to maintain and manage risk registers; facilitating the Security Risk Assessment methodology, policy, strategy and process; writing security assessment reports following security breaches and detailing the associated impact; monitoring and reviewing IT Security controls to identify operational effectiveness; mapping security controls to policies, standards, procedures and processes to ensure compliance with security measures; managing security remediation efforts and tracking status of security deficiencies; translating security risk mitigation plans into actionable items to mitigate risk in coordination with technical and business teams; developing and implementing policy frameworks for emerging technologies, including AI/ML and cloud security, with governance and legal stakeholders; applying industry standards including NIST, ISO 27001, and PCI DSS in support of organizational security objectives; supporting the evaluation of third-party vendor security through documentation review and risk assessment; contributing to the enhancement of vendor onboarding and compliance workflows; and, in executing duties, utilizing Archer GRC, ServiceNow, Splunk, JIRA, Confluence, SharePoint, Palo Alto Prisma Cloud and AWS. Telecommuting and/or working from home may be permissible pursuant to company policies. Sony is an EOE. Salary range: $185,639.00 - $261,000.00/year Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.