A leading software company in Chicago seeks a Senior Functional Consultant specializing in Human Capital Management to assist customers with HR technology challenges. The ideal candidate will have over 5 years of experience with Workday and must excel in communication and project management skills. This role involves providing customer service, supporting multiple projects, and partnering with engagement managers. Competitive salary range between $122,800 and $184,200, with flexibility for remote work.
$122.8k-184.2k yearly 5d ago
Information Security - Governance, Risk, and Compliance (GRC) Director (Remote)
P&G 4.8
Remote job
Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands.
From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded.
The Opportunity
P&G is seeking a Governance, Risk, and Compliance Director passionate about safeguarding data, enabling business through smart risk management, and shaping the future of cybersecurity. The IT Governance, Risk, and Compliance (GRC) Organization at Procter & Gamble is responsible for risk identification, assessment, and remediation across the IT landscape, as well as driving automated governance and compliance breakthroughs. As the GRC expert, you'll play a critical role in maturing and maintaining the security risk and compliance posture of our organization. You will lead initiatives that align our security program with business goals, ensure regulatory and policy compliance, and creatively solve problems to manage risk for the company.
Responsibilities:
Governance:
Maintain and evolve the information security policy framework and controls aligned with industry best practices (e.g., NIST, ISO 27001, CIS).
Establish and track metrics to measure policy adherence and program maturity.
Drive internal alignment on security roles, responsibilities, and expectations.
Risk Management:
Manage the enterprise risk management process including risk identification, analysis, treatment planning, and reporting.
Conduct security risk assessments for internal systems, projects, vendors, and business processes.
Facilitate risk-based decision-making at all levels of the organization.
Compliance:
Ensure ongoing compliance with applicable regulations and frameworks (e.g., GDPR, HIPAA, CCPA, SOX).
Maintain a library of evidence and documentation to support audit and regulatory needs.
Monitor the effectiveness of IT controls and identify gaps in compliance. Analyze control measurements for negative trends and reoccurrence frequency. Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation
Awareness & Enablement:
Contribute to the continuous improvement of the risk and compliance mindset across P&G. Build IT risk awareness by providing support and training to others.
Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams.
Stay up to date with how current events, security focus areas, and the regulatory environment may impact P&G's compliance processes
Estimated Percent of Time Spent on Work
25% - Risk identification, analysis, and assessment
40% - Plan and drive enterprise-wide initiatives to reduce risk and improve compliance across the organization
25% - Assess and improve the effectiveness of IT controls and compliance across the enterprise
10% - Collaboration with internal/external auditors, driving a risk-aware compliance mindset
Job Qualifications
Required:
Bachelor's degree in Computer Science, Computer Systems Engineering, Cybersecurity, Industrial Engineering, Business Management Information Systems, Software Development, or related field
Prior hands-on experience working in a security-focused role, such as Information Security Analyst, SOC Analyst, Security Engineer, etc.
8+ years of experience in Governance, Risk, and Compliance with a focus on Information Security
In-depth knowledge of major security frameworks (e.g., NIST CSF, ISO 27001, SOC 2).
Experience conducting risk assessments, audits, and control testing.
Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, SOX, PCI DSS).
Proven ability to write policies, manage documentation, and communicate clearly to both technical and non-technical stakeholders.
Ability to influence and build relationships with business unit stakeholders, external service providers, and architecture teams.
The ability to work independently, collaborate, and learn quickly.
English fluency (speak, write, and read)
Preferred Skills:
Certified in CISSP, ISACA CRISC, CGEIT, CISA, or similar
Pay Range: $160,000 - $220,000
Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process.
Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ's, please click HERE.
P&G participates in e-verify as required by law.
Qualified individuals will not be disadvantaged based on being unemployed.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Job Schedule
Full time
Job Number
R000136880
Job Segmentation
Experienced Professionals
Starting Pay / Salary Range
$160,000.00 - $220,000.00 / year
$160k-220k yearly Auto-Apply 60d+ ago
Director, Information Security
Moov
Remote job
As Director of Information Security at Moov you will be responsible for the comprehensive enterprise-wide information security policy, strategy, architecture, operations, and capability enhancements of Moov and our platform. This position collaborates with the senior leadership team on security strategy, capability enhancements, and the development of enterprise security awareness and accountability.
You will:
Key Responsibilities:
Develop, implement, and maintain information security policies, practices, and operations.
Oversee incident evaluation and response, ensuring swift and effective handling.
Manage corporate information security risk and regulatory architecture and status reporting efforts.
Create and roll out audit and compliance programs.
Implement technical compliance solutions and support for security awareness and training programs to ensure compliance.
Collaborate with cross-functional teams to maintain a high standard of cybersecurity posture and response.
Build and operate a security and compliance program for money movement regulations, aligning with information security policies and standards.
Foster a security-conscious culture and ensure the platform's security.
Leadership and Strategy:
Execute a plan to achieve and maintain industry compliance for SOC 1, SOC 2, PCI, NACHA, FedRAMP, and other compliance programs.
Research, educate, and recommend technical solutions to support compliance efforts.
Develop, implement, and manage a comprehensive organization-wide information security and risk management program.
Deliver education on compliance with security policies.
Conduct security risk assessments and manage risk management processes.
Ensure compliance with relevant laws, regulations, and policies in Moov's information security practices.
Lead the information security team that is protecting Moov.
Recruit, motivate, mentor, and lead the best security talent.
You have:
Bachelor's degree in Computer Science, Engineering, Information Systems, Cyber Security, Business, or a related academic discipline.
7-10+ years of relevant experience or an equivalent combination of education and experience.
Strong knowledge of regulatory requirements and information security management frameworks, including SOC 1, SOC 2, ISO/IEC 27001, ITIL, SOX, PCI, FedRAMP, and NIST.
Ability to work in a fast-paced environment.
Knowledge of payment systems, fintech, or online banking.
Certification in CISSP, CISM, CRISC, CISA, CFE, or similar is highly recommended.
Experience with banking regulations.
Knowledge of OSS tools and active participation in OSS community.
Experience working with remote-only teams.
Experience with mid-size organizations and startups.
Our company:
Moov is a 100% remote company with people from more than 26 states. We're backed by a16z and other respected investors. We won Visa's global Everywhere Initiative and our community of builders grows larger every day. We're committed to building a team that represents a variety of backgrounds, perspectives, and skills and we embrace diversity, creativity, and equal opportunity.
Our people:
Our customers come from all walks of life and so do we. We hire great people from a variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger.
We have mountain bikers, skiers/boarders, runners, video gamers, musicians, movie buffs, weight lifters, and about every other type of person in between. We enjoy solving problems and tackling challenges with creativity. If we don't know the answer, we revel in the hunt to find it. We like helping people and choose to give first. We're patient, open, and honest. If you share our values and enthusiasm for making the complex simple and delightful, you'll find a home at Moov.
Benefits include:
Competitive base salary + employee stock options w/early exercise opportunity
100% remote. We make remote-work work.
We match what you contribute to your 401(k) up to 5% of your salary
Generous parental leave
Medical Ins: Health Savings Account (HSA) option w/employer contribution
EAP and other wellness resources
Unlimited PTO+ generous paid holiday schedule
Professional Development Budget, we have a culture that encourages and promotes professional growth and development
Home office stipend
Culture of people helping people who give first, celebrate wins together and embrace autonomy, transparency, and trust
The opportunity to join an experienced and ambitious team passionate about solving customers' needs and who love what they do
Partner with a community of 3000+ developers around the world, helping them focus on possibilities vs payments
Employee referral incentive
Salary range: $220k - $232k based on experience, geography, and other key factors
Advice:
If you're nervous about not meeting every qualification above, apply anyway. Moov is all about pushing boundaries (ours, yours, and the industry's), so we look for curious people willing to experiment and grow. While we can't teach curiosity and compassion, we can teach some technical skills. Of course, we can't guarantee anything, but as Michael Scott says, “You miss 100% of the shots you don't take!” (Or was that Wayne Gretzky?)
One more thing:
Don't go iron your clothes for your interview (do people still own irons?). We're all pretty casual here, so you can wear whatever you are most comfortable in.
Okay, last thing:
When you meet with us, have some concrete, tangible examples of when you've added value, improved something, created something, or done some fantastic, customer-centric work. We also want to learn about you as a person. If you want to know what it's like working at Moov, check out stories from our employees.
PS:
Share our job roles with others! Wouldn't it be nice to make new friends and bring over old friends? We think so.
Moov Financial is a participant of E-Verify. All potential employees and employees are bound by the guidelines in the MOU and the rules and responsibilities. For more or up to date information on E-verify, go to ********************** and click on E-verify.
$220k-232k yearly 48d ago
Director - Information Security
The Projex Group
Remote job
The Director - Information Security is a "CISO" type role. This is the role of a strategic leader responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This role will report directly to the CIO and will be responsible for directing staff in identifying, developing, implementing, and maintaining processes across the organization to reduce information and information technology (IT) risks, respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. Leads company's IT technological strategies in support of the company's mission and core objectives, providing leadership, vision, and management of IT Teams. Ensures the effective operation of all IT systems and functions. Accountable for the management, mentoring, and career development of the IT staff members.
PRIMARY RESPONSIBILITIES
Strategic Planning and Financial Oversight
Develops and maintains a culture of security that emphasizes the enterprise-wide responsibility for ALL COMPANY employees.
Develops and maintains a comprehensive cloud security strategy aligned with the organization's overall security objectives and the larger organizational cloud strategy.
Assures the alignment of IT and business strategy with particular focus on thought leadership and innovation. Must be able to design and execute multi-year road maps in order to transform COMPANY environment and collaborate with COMPANY, SBR and company entities for technological efficiencies.
Develops strategic annual and long-term business plans and operational budgets for responsible IT areas.
Tracks implementations to ensure financial and service targets are met according to timelines.
Leadership and Operations Management
Creates a security strategy and roadmap to drive the organization towards a more secure future.
Directs and manages IT Department activities and operations. Leads multiple teams of various levels of employees and consultants through the prioritization and implementation of project-related activities.
Provides motivational career development and assessment of team members.
Fosters and encourages a diverse, inclusive team.
Service Delivery and Stakeholder Management
Drives the incident response plan for the organization enrolling leadership to follow a well-rehearsed plan when a cyber event occurs.
Oversees and negotiates service level agreements with internal and external stakeholders.
Tracks service delivery to ensure agreed targets and standards are met.
Directs relationships with vendors and ensures that vendors meet COMPANY business objectives/objectives, SLAs, and deliverables in a timely manner and within budget guidelines.
Interacts with major suppliers, overseeing RFPs, bids, contracts, and service agreements.
Project Planning and Resource Allocation
Directs the design and implementation of security solutions that are secure, scalable, reliable, and cost-effective.
Determines the value and ROI of every IT-related project. Prioritizes the scheduling and implementation of major IT projects to ensure the efficient utilization of resources.
Identifies IT resources required to meet defined business objectives.
Develops and defends opportunities for continuous creative improvement of processes and systems. Acts as a change agent for new technologies and processes in the COMPANY environment.
Oversees the creation and maintenance of policies and procedures that protect the organization's computing infrastructure and data.
Policy Development and Implementation
Collaborates with Legal and Government Relations/Compliance teams to ensure compliance with relevant laws, regulations, and policies.
Advocates for changes in other departments' practices to ensure compliance with security policies.
Directs the planning, production, and implementation of information and for COMPANY technology-related systems policies, procedures, and regulations.
QUALIFICATIONS
Demonstrated senior-level IT management experience, adept at shaping and executing complex IT strategies.
Executive presence in gaining consensus across all parties.
Proven track record managing budgets ranging from $4 million to $10 million, showcasing financial acumen in IT operations.
Proficiency in articulating intricate technical concepts to non-technical stakeholders in a clear concise manner.
Proficient in leading multiple IT disciplines, including software development, technical support, and systems architecture, showcasing adept project management skills.
In-depth understanding of computer systems, applications, operating systems, and robust knowledge of data security protocols. Ability to ensure all systems are secured at all times.
Strong negotiation skills and a collaborative approach in dealings with third-party IT business partners.
Critical Thinking and Decision-Making (proficiency: High): Advanced decision-making and problem-solving skills, essential for navigating complex IT landscapes and quickly addressing challenges.
EDUCATION/EXPERIENCE
BA/BS in Information Technology, Business Development, or a related field required.
Master's Degree in Information Technology, Business Development, or related field preferred.
12-15+ years of relevant professional experience.
5-7+ years in a similar size company and with relevant achievements
IMPORTANT DETAILS
This role does not support work sponsorship; candidates MUST be eligible to work in the US. This is not a C2C position.
Benefits and 401K are provided
Hybrid Role - Remote work 2 days per week (after 90 days) [Wednesdays & Fridays]
$115k-173k yearly est. Auto-Apply 60d+ ago
Director of Information Security
Rxvantage
Remote job
We're seeking an experienced Director of Information Security to join our dynamic team and help drive our growth. In this role, your job will be to coordinate people and processes to instill a “security first” mindset for information management, systems development, acceptable use of these systems, staff awareness, and oversight of our vendors and partners.
This security professional will lead the management of risk and compliance of intellectual property, including day-to-day network and cyber tool monitoring, oversight, and ongoing security testing. The individual performing this role will enforce policies and procedures that ensure compliance with state, federal, and industry standards and requirements, ensuring our customers' and company's data are protected.
As the Director of Information Security, you will implement a security-readiness plan and provide guidance on how to quickly and effectively respond to any and all security incidents. In addition, this role will be instrumental in implementing controls and monitoring capabilities that provide visibility into the organization's security posture.
At RxVantage we transform how medical practices engage with life sciences resources and expertise to improve patient care. Our platform intelligently connects healthcare providers with the precise life sciences experts that they need, when they need them. As a result, medical practices stay on the cutting edge of patient care without disrupting workflows. Trusted by more than tens of thousands of healthcare practitioners and all major life sciences companies, RxVantage has powered millions of educational exchanges between healthcare teams and life sciences companies.
What you'll be doing:
Creating and implementing a security roadmap based on current and ongoing assessments
Ensuring policies are developed and maintained from both a business & technical perspective for the application, data, and security needs of the organization
Working with Legal to ensure agreements are congruent with policies
Overseeing the GRC (Governance Risk and Compliance) process
Ensuring compliance with industry laws and regulations for data security and privacy to include CCPR, 21 CFR Part 11, SOC2, NIST SP800-53
Monitoring the Identity and Access Management Framework
Benefits:
Competitive Salary
100% Company-Paid Premiums for Employee's Medical Health (HDHP 4500), Vision, and Dental Plans + $4,400 company sponsored contribution into an HSA
Short-term and Long-term Disability
Life Insurance
401k Matching
Work from Anywhere within the US
Flexible PTO
100% Paid Parental Leave
Post-Parental Leave Program - $5k stipend to assist with expenses, 4 week 100% paid “Ease-Back” return to work transition period
Charitable donation matching
Location:
Our “Work from Anywhere” philosophy is aimed at making sure that we recruit a diverse range of thought leadership to ensure that our technology is better able to serve local health care providers. Our goal is to hire the country's top talent and allow them to create an environment within the U.S. where they can do their best work.
About Our Organization:
At RxVantage, we're a small company with a big mission: to connect healthcare providers with the right life science experts and resources they need, exactly when they need them, to improve patient care. We've built a software platform that's changing the way providers learn about the latest medical advancements and technologies. Every year, our platform powers over 1 million educational exchanges between medical practices and life science companies, making it easier for them to stay informed and provide better care.
We have a proven product, a strong mission, and a passionate team. Now, we're looking for talented people to help us grow even more. If you're driven, eager to make an impact, and ready to be part of something meaningful, we want to hear from you!
---
RxVantage is an equal opportunity employer and dedicated to ensuring that we represent the local communities where our health and wellbeing providers serve as pillars of support to our family, friends, and neighbors. Our representation within these communities allows us to embody a diverse set of backgrounds, experiences, abilities and perspectives; and provide an inclusive environment for our team to feel empowered to be their authentic selves, without fear of harassment or discrimination.
$117k-170k yearly est. Auto-Apply 11d ago
Chief Information Security Officer
Montrose Environmental Group 4.2
Remote job
Why Montrose
Montrose is on a mission to protect the planet and public health using science, data, and technology at scale. Our commitment to environmental intelligence, regulatory insight, and advanced digital platforms drives our approach to security and risk management. The CISO role is pivotal in safeguarding our business, our clients, and our mission, moving beyond compliance optics to build a resilient, risk-based security culture that enables growth and innovation.
This is not a checkbox compliance role. This is enterprise security leadership with real-world impact: embedding security into every layer of our technology stack, business processes, and product delivery. If you're energized by building robust security programs, closing material risk gaps, and enabling modern engineering workflows, this role is built for you.
The Role
The Chief Information Security Officer (CISO) owns the strategy, architecture, and execution of Montrose's enterprise security program. The CISO leads a cross-functional security team (Governance, Risk & Compliance, Security Operations, Identity & Access Management) and partners with Legal, Infrastructure, Applications, and Product Engineering to deliver a comprehensive, scalable, and audit-ready security posture.
You will define how security is designed, governed, and operationalized, driving clarity where there is complexity and accountability where there is fragmentation. You'll be bold about policy lifecycle management, asset visibility, and risk prioritization, while preparing the organization for the next generation of compliance, monitoring, and secure product delivery.
What We Can Offer You
Our mission is supported by our principles: We Value Our People, We Value Our Community, We Value Our Clients, We Value Our Shareholders. We differentiate ourselves with diverse talent. We care for the well-being and development of our people. So, we offer:
Regular interaction and partnership with the executive team and senior leaders across Montrose
Competitive compensation package: annual salary ranging from $275,000 - $300,000 USD; eligible for annual bonus of 30-40%
Competitive medical, dental, and vision insurance coverage
401k with a competitive 4% employer match
Progressive vacation policies and company holidays to ensure work/life balance
A financial assistance program to help support peers in need known as the Montrose Foundation
Access to attractive student loan rates to optimize your student loan payoff plans
Key Responsibilities
Enterprise Security Strategy & Architecture: Own the end-to-end vision and roadmap for Montrose's enterprise security program; define reference architectures and governance principles aligned to NIST 800-171, ISO 27001, NIST CSF, CIS Controls.
Risk Management & Compliance: Build and maintain a CMMC L2 compliant enclave; align governance and controls to regulatory frameworks; lead incident readiness and response.
Security Operations & Architecture: Establish a complete asset inventory and validate tool coverage; segment and secure lab networks; partner with CTO and engineering teams to enable secure, modern software development.
Policies, Training & Culture: Publish clear policies and governance procedures; ensure annual reviews and training; govern guest/external data sharing in M365.
Team & Leadership: Lead and grow a high-performing security organization spanning GRC, SecOps, and IAM; serve as a trusted partner to executives.
What Success Looks Like (9-12 Months)
A clearly defined, well-governed enterprise security architecture is in place.
Asset inventory and tool coverage are complete and validated; continuous monitoring is operational.
CMMC readiness achieved; SOC 2/ISO 27001 certification plan is underway.
Security policies are published, enforced, and aligned to best practices.
Security is embedded in engineering workflows and product delivery.
Qualifications
10+ years of experience leading enterprise security programs and teams (GRC, SecOps, IAM) with direct CIO reporting.
Demonstrated success aligning programs to NIST 800-171, ISO 27001, NIST CSF, CIS Controls, and achieving compliance.
Proven ability to operationalize policy lifecycle management, incident response, and audit readiness.
Track record partnering with Legal, Infrastructure, Applications, and engineering teams to reconcile control rigor with delivery needs.
Ability to communicate effectively with executives, technical teams, and business leaders.
You respectfully challenge your peers, and welcome the opportunity when others challenge you.
You are flexible, resilient, and curious.
Preferred
Industry certifications (e.g., CISSP, CISM).
Experience preparing for or implementing SOC 2/ISO 27001 audits and CMMC enclaves.
Background in regulated, data-intensive, or multi-line-of-business environments.
Why This Role Is Compelling
As CISO at Montrose, you will own and shape the entire security program - transforming it from a reactive, compliance-driven function into a proactive, business-enabling force. You'll have the mandate and executive support to build a modern, risk-based security culture that not only protects the organization but also empowers innovation and growth.
Your leadership will directly impact Montrose's ability to win and retain business, meet evolving regulatory demands, and deliver on our mission to protect the planet and public health. By partnering across IT, Legal, Product, and Operations, you'll ensure that security is a strategic enabler, removing friction, building trust with clients, and supporting the rapid adoption of new technologies.
If you want to drive meaningful change, influence business outcomes, and lead a security program that is respected as a business partner - not just a gatekeeper - this is the role.
Make The Right Move To Accelerate Your Career
Montrose is a leading environmental solutions company focused on supporting commercial and government organizations as they deal with the challenges of today and prepare for what's coming tomorrow. With ~3,400 employees across 100+ locations worldwide, Montrose combines deep local knowledge with an integrated approach to design, engineering, and operations, enabling Montrose to respond effectively and efficiently to the unique requirements of each project. From comprehensive air measurement and laboratory services to regulatory compliance, emergency response, permitting, engineering, and remediation, Montrose delivers innovative and practical solutions that keep its clients on top of their immediate needs - and well ahead of the strategic curve. For more information, visit *********************
We are going to be blunt - the way we work may not suit everyone. Montrose is a fast-paced, dynamic and high-growth company. You are your own boss, but you will get ample guidance and support from talented, engaged, super-smart colleagues from Montrose and its service providers. Therefore, if freedom, autonomy, and head-scratching professional challenges attract you, we could be the perfect match.
Want to know more about Montrose? Visit montrose-env.com and have fun!
Montrose is an Equal Opportunity Employer. Montrose is committed to providing access and reasonable accommodation in its employment for individuals with disabilities.
$275k-300k yearly Auto-Apply 1d ago
Chief Information Security Officer
Securitize 3.5
Remote job
Securitize, the leader in tokenizing real-world assets with $3.7B+ AUM (as of May 5, 2025), is bringing the world on-chain through tokenized funds in partnership with top-tier asset managers, such as Apollo, BlackRock, Hamilton Lane, KKR, and others. Securitize, through its subsidiaries, is a SEC-registered broker dealer, digital transfer agent, fund administrator, and operator of a SEC-regulated Alternative Trading System (ATS).
Securitize is a global, fully remote team consisting of top talent from the blockchain and financial services industries. Having raised $170M overall to date, we are backed by some of the largest names in finance and technology, including BlackRock, Morgan Stanley, Blockchain Capital, MUFG, Sumitomo Mitsui Trust Bank, Sony Finance, Banco Santander, Coinbase, among others. Securitize has also been recognized as a 2025 Forbes Top 50 Fintech company.
Before applying, we encourage you to visit us to learn more:
Website | X/Twitter | LinkedIn
Role Overview
We are looking for a Chief Information Security Officer (CISO) to lead the company's information security, IT operations, and technical compliance functions.
This role is strategic and hands-on, combining executive-level ownership of security and compliance with operational responsibility for corporate IT. The CISO will ensure the company meets regulatory, audit, and security obligations while enabling the business to scale safely across regulated entities, funds, and tokenized products.
The CISO reports directly to the CEO, with a dotted-line relationship to the CTO / CPO organization, reflecting the strong collaboration required with Product & Engineering.
Scope of Responsibilities
1. Corporate IT Operations & Support
Own and operate the company's internal IT environment and end-user services across all business units and regulated entities, including:
Endpoint lifecycle management (laptops, mobile devices, accessories)
IT onboarding and offboarding processes
Identity and Access Management (IAM) and RBAC for corporate systems
Email, productivity, and collaboration tools
Helpdesk and Tier 1 / Tier 2 support operations
Software asset management and license compliance
Endpoint security tooling (EDR, MDM, antivirus, DLP)
Employee security awareness and phishing training
IT support for regulatory exams, subpoenas, and information requests
2. Information Security Governance & Risk Management
Define and own the company-wide security framework, policies, and risk posture, including:
Corporate security policies (acceptable use, access control, incident response, vendor risk, etc.)
Vendor and third-party risk management programs
Security incident response governance for corporate systems
Business continuity and disaster recovery planning (for internal systems)
Asset inventory, audit logging, and evidence management
Participation in all material security incidents and retrospectives as part of fundamental risk governance
3. Technical Compliance, Audits & Certifications
Own security-related compliance and act as the primary executive counterpart for audits and regulators, including:
SOC 1 / SOC 2 readiness and ongoing compliance
SOX IT controls and coordination with Internal Controls
DORA readiness and operational resilience requirements
ISO 27001 or similar certifications (as applicable)
Regulatory security reporting and remediation management
Ownership of audit responses, findings, and corrective action plans
4. Platform Security Oversight (Tokenization & Lifecycle Management Platform)
While Product & Engineering owns implementation and operations of platform security, the CISO is responsible for policy, assessment, and external defensibility of the platform's security posture, including:
Reviewing and approving security architecture principles for the platform
Oversight of secure software development practices (DevSecOps)
Coordination and oversight of platform penetration tests
Oversight of smart contract audits and third-party security reviews
Participation in platform incident response when required
Ability to clearly explain, present, and defend platform security controls to:
Auditors
Regulators
Institutional clients and partners
5. Crypto & Tokenization Security
Given the company's core business and growing use of crypto assets, the CISO must bring hands-on expertise in digital asset security, including:
Private key management models
MPC-based custody and signing infrastructures
Secure operational processes for crypto asset handling
Policy definition for wallets, signing authorities, and access controls
Risk assessments related to on-chain activity and smart contracts
Oversight of crypto-specific incident response scenarios
Experience
Must-have
Senior leadership experience in Information Security (CISO, VP Security, or equivalent)
Proven ownership of audits and certifications (SOC, SOX, ISO, regulatory exams)
Strong understanding of cloud security (AWS or equivalent)
Direct experience with:
Crypto assets
Private key management
MPC or HSM-based infrastructures
Smart contract audits and security reviews
Ability to operate credibly with:
Regulators
Auditors
Institutional partners
Experience operating in a regulated financial environment
Nice-to-have
Experience in fintech, capital markets, or digital securities
Familiarity with SEC-regulated entities and fund structures
Experience scaling security orgs in fast-growing companies
Why Join Us?
Become a part of our rapidly expanding organization and enjoy a supportive and rewarding work environment:
Unlimited Paid Time Off (PTO) - Promoting a healthy work-life balance.
Equity Grant Opportunities - Share in the success and future growth of the company.
Remote Work Flexibility - Work from anywhere while staying connected with a dynamic and collaborative team.
Additional Benefits for US employees
Comprehensive Insurance Coverage - 100% employer-paid Medical, Dental, and Vision benefits for you and your family.
401(k) Retirement Plan - Secure your financial future with employer-sponsored savings.
$115k-168k yearly est. Auto-Apply 13d ago
TECH002: Chief Information Security Officer (CISO)
Jerseystem
Remote job
All JerseySTEM roles are pro-bono (unpaid) positions. JerseySTEM is a mission-driven professional network of pro-bono contributors dedicated to improving access to STEM education and career pathways for underserved middle school girls in New Jersey.
Members contribute their professional skills and leverage their networks in service of the organization's gender-equity agenda.
Membership is a minimum six-month commitment of approximately six flexible hours per week and includes a $100 refundable deposit, returned after six months of active membership. K-12 educators, retirees, veterans, interns, and students are exempt from the deposit.
Overview
This is a pro-bono position.
JerseySTEM is looking for experienced professionals to commit time and expertise as a long-term engagement in support of our mission to provide STEM education to underrepresented middle school girls.
The Chief Information Security Officer (CISO) provides strategic leadership for information security, cybersecurity risk, and data protection across the organization, working collaboratively with Technology, Data, and leadership. This is not a technical or operational role, but a governance and advisory role focused on policy, risk management, and organizational security awareness.
Responsibilities
Define and lead JerseySTEM's information security strategy to support and advance the organization's goals.
Develop, implement, and maintain policies and procedures aligned with federal regulations appropriate for a nonprofit organization.
Identify and assess cybersecurity risks from data, systems, and infrastructure. Work with stakeholders to communicate, manage, and mitigate risks.
Partner with JerseySTEM's TECH team and leadership to ensure security is embedded in systems, tools, and workflows.
Establish and oversee JerseySTEM's security awareness and best practices. Develop the tailored training and communication for volunteers and team members.
Continuously evaluate and improve defenses against evolving threats, including those driven by generative AI and adversarial ML techniques.
Provide tailored guidance to JerseySTEM's data custodians handling sensitive and/or regulated datasets. Ensure compliance with relevant security, privacy, and data protection principles appropriate for a nonprofit organization.
Support and champion JerseySTEM's data classification.
Participate in virtual meetings to align on organizational priorities and initiatives.
Oversee cybersecurity incident response planning activities; investigate and manage response to security breaches as needed.
Qualifications
A minimum of ten (10) years of progressive experience in information security, cybersecurity, or risk management leadership roles.
Familiarity with the cybersecurity implications of artificial intelligence and machine learning.
Strong understanding of security frameworks, controls, and best practices (e.g., risk assessment, access management, data protection).
Ability to translate technical security concepts into clear guidance for non-technical stakeholders.
Experience working with cross-functional teams in a collaborative environment.
Strategic mindset with a hands-on, pragmatic approach.
Excellent communication, judgment, and decision-making skills.
Comfortable working in a fully remote, volunteer-driven organization.
Commitment for 5-6 hours per week
Preferred Qualifications
An advanced degree is preferred.
A retired professional is a plus.
Relevant certifications preferred (e.g., CISSP, CISM, CCSP, GIAC).
This is a pro-bono volunteer position.
$112k-161k yearly est. Auto-Apply 7d ago
Chief Information Security Officer (Part-time)
TiDB
Remote job
Join us as we scale our business by building on our tremendous success around the world. The massive database market is going to double over the next few years and TiDB is a global player positioned as a major disruptor with TiDB Database and Database as a Service offering. TiDB is an open-source, cloud-native, distributed SQL database for elastic scale and real-time analytics. Large and high-growth organizations in markets as varied as financial services, logistics, gaming, e-commerce and software as a service have successfully deployed and expanded their TiDB footprint on mission-critical applications. Our strong open-source community roots (39,500+ stars on GitHub), innovative products and inclusive culture draw passionate and dedicated people to our company. Learn more about TiDB careers and join our team to be at the forefront of innovation and growth.
Role Overview:
We are seeking a part-time Chief Information Security Officer (CISO) to lead TiDB's global security strategy. This role will be responsible for defining and executing a comprehensive information security, risk management, and compliance program that protects TiDB's products, infrastructure, customers, and employees.
As CISO, you will partner closely with product, sales, legal, and executive leadership to ensure security is embedded into everything we do - from the core of TiDB to our SaaS/cloud offerings and enterprise engagements.
Responsibilities:
Proven experience as a CISO or senior security leader in a high-growth B2B SaaS environment.
Strong understanding of cloud security, DevSecOps, zero trust architectures, and modern compliance frameworks.
Exceptional communicator with executive presence, comfortable interfacing with CISOs, CIOs, and security decision-makers.
Experience supporting GTM motions, including joining sales calls, handling due diligence, and presenting to security-conscious enterprise buyers.
Define, implement, and continuously evolve TiDB's global information security strategy and roadmap.
Drive adoption of best practices in application security, data security, and infrastructure hardening.
Establish and maintain a comprehensive risk management framework aligned with ISO 27001, SOC 2, GDPR, CCPA, and other relevant standards.
Work with legal and compliance teams to monitor evolving regulations in key markets.
Engage directly with enterprise customers to build trust in TiDB's security practices.
Effectively represent the company through thought leadership, including written contributions and participation in public speaking engagements.
Qualifications:
Proven experience leading security at a global SaaS, cloud infrastructure, or database company.
Deep understanding of distributed systems, cloud-native architectures, and DevSecOps practices.
Strong knowledge of security frameworks and regulations (ISO 27001, SOC 2, NIST, GDPR, etc.).
Demonstrated ability to lead incident response and crisis management.
Excellent communication and executive presence; comfortable engaging with boards, regulators, and enterprise customers.
Fluent public speaker or participates actively in a public facing security community.
Salary:
The annual anticipated base salary range for U.S. candidates for this role is USD $100,000 to $140,000K. Four zones are applied with different levels of the pay range. More details of the Geo Differential Pay Policy will be discussed during the HR conversation. The actual individual base pay will depend on various factors such as the complexity and responsibility of the role, work locations, job levels, and relevant experience and skills. This role is also eligible to participate in TiDB's Bonus and Equity Plan, as well as our Sales Compensation Plan if it is a sales role. In order to comply with local legislation and provide greater transparency to candidates, we share base salary ranges on all US job postings regardless of desired hiring location. Please note that actual salaries may vary and fall outside of this range depending on factors such as a candidate's qualifications, geographic location, skills, experience, and competencies. Other benefits include health insurance, flexible vacation time, paid holidays, and parental leave. Salaries for candidates outside the U.S. will vary based on local compensation structures.
We encourage people from underrepresented groups to apply. Come advance with us! In keeping with our values, no employee or applicant will face discrimination/harassment based on: race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. TiDB also strives to prevent other, subtler forms of inappropriate behavior (e.g., stereotyping) from ever gaining a foothold in our organization. Whether blatant or hidden, barriers to success have no place at TiDB.
$112k-161k yearly est. Auto-Apply 6d ago
Chief Information Security Officer (CISO)
Enterprise Mangement Solutions Inc.
Remote job
DISCLOSURES
The specific statements shown in each section of this are not intended to be all-inclusive. They represent typical elements and criteria considered necessary to perform the job successfully. The job's responsibilities/tasks may be modified and/or expanded over time. Company will inform the personnel member when changes in the respective job description are made.
ABOUT ENTERPRISE MANAGEMENT SOLUTIONS, LLC
Enterprise Management Solutions, LLC (Enterprise) is a full-spectrum administrative and operational management firm headquartered in Baltimore, Maryland. We provide contracted infrastructure support to independently governed organizations in sectors such as behavioral health, primary care, supportive housing, food service, commercial real estate, and nonprofit development.
Enterprise does not own or govern the organizations we serve. Instead, we operate as a trusted administrative services provider under formal contractual agreements, offering high-level back-office services that allow our clients to focus on mission execution and program delivery.
Our scope of service includes:
Comprehensive fiscal systems and multi-entity accounting
Human resource infrastructure and staff onboarding
Legal compliance and audit readiness
Technology integration and IT systems governance
Organizational growth planning and fiscal sustainability analysis
Federal and state grant compliance, budget monitoring, and reporting
Financial and operational performance dashboards
CEO- and executive-level strategy support
Our goal is to relieve mission-driven companies of administrative burden by overseeing financial and operational systems that allow leadership teams to focus on quality care and innovation.
COMPANY WEBSITE: *********************************
COMPANY PHONE NUMBER: **************
HUMAN RESOURCES PHONE NUMBER: ************** ext. 10
POSITION TITLE: Chief Information Security Officer (CISO)
ALTERNATE TITLE(S): Chief Cybersecurity Officer (CCSO), Chief Security Officer (CSO - Cybersecurity), Senior Cybersecurity Executive
COMPANY: Enterprise Management Solutions, LLC (in support of all customer companies under contract)
DIVISION: Technology & Information Security
DEPARTMENT: n/a
UNIT: n/a
BENEFITS PACKAGE: This position is eligible for standard W-2 employee benefits, including but not limited to those outlined in the Company's official benefits package. Eligibility and participation are subject to the terms and conditions of the applicable plans. Full details are provided in the current benefits package documentation.
WORK SCHEDULE: Two days per week: Tuesday and Thursday, 8:00 AM - 5:00 PM (daily lunch break from 12:00 PM - 1:00 PM)
ACCOUNTABLE TO: Chief Executive Officer (COO, in absence of CEO)
ACCOUNTABLE FOR: Oversight of cybersecurity strategy, data protection, regulatory compliance, and the supervision of all information security systems, personnel, and vendors across all affiliated companies. This role is responsible for ensuring uninterrupted cybersecurity operations, incident response readiness, and cross-training protocols to protect critical client and company assets.
CLASSIFICATION: W-2 employee; part-time hourly
COMPENSATION RANGE: Ranges between $55.00 per hour to $90.00 per hour, and is commensurate with experience, expertise, verified credentials, and available company budget.
ANTICIPATED TRAVEL: Up to 10% of the time (interoffice and site-based meetings)
WORKPLACE POLICY: This is a 100% in-office role at Baltimore HQ, two days per week. Remote work or telework is prohibited unless explicitly pre-approved in writing by the CEO.
SUMMARY OF POSITION RESPONSIBILITIES
The Chief Information Security Officer (CISO) serves as the organization's highest-ranking cybersecurity executive, responsible for designing, implementing, and maintaining a resilient information security program that safeguards company and client systems against internal and external threats.
The CISO oversees all areas of cybersecurity including policy development, risk management, threat detection, incident response, and compliance with federal and state regulations (HIPAA, HITECH, GDPR, SOC2, PCI-DSS, NIST, and others as applicable).
This role also ensures that Enterprise delivers all contracted Information Security, IT Governance, and Cybersecurity Risk Management services to affiliated entities, protecting sensitive healthcare, housing, financial, and client records.
The CISO plays a critical role in aligning technology security with enterprise goals, while proactively mitigating risks across all operational areas.
SCHEDULED DUTIES AND RESPONSIBILITIES
Cybersecurity Strategy & Leadership
Develop and execute a company-wide cybersecurity program aligned with business and client requirements.
Translate the CEO's strategic vision into measurable, risk-based security initiatives.
Conduct long-term security planning, including disaster recovery and business continuity.
Risk Management & Regulatory Compliance
Ensure strict compliance with HIPAA, HITECH, GDPR, SOC2, PCI-DSS, NIST, and state regulations.
Perform enterprise-wide risk assessments and vulnerability scans.
Maintain and update incident response, breach notification, and audit readiness protocols.
Threat Monitoring & Incident Response
Direct the Security Operations Center (SOC) or equivalent vendor-managed services.
Oversee intrusion detection, SIEM monitoring, log review, and malware defense.
Lead incident response, forensic investigation, and breach communication with executive leadership.
Identity, Access, and Data Security
Manage identity and access management systems, including MFA and privileged access controls.
Oversee endpoint, mobile device, and server security configurations.
Ensure encryption, secure backups, and data loss prevention across all platforms.
Vendor & Third-Party Oversight
Review vendor contracts, security certifications, and compliance attestations.
Establish standards for secure integration with external technology providers.
Lead vendor risk management and third-party security audits.
Internal Policies & Training
Develop internal cybersecurity policies, acceptable use guidelines, and SOPs.
Deliver quarterly staff training on phishing, ransomware, and cybersecurity awareness.
Conduct simulated incident drills and security tabletop exercises.
Collaboration & Executive Support
Advise the CEO and COO on cybersecurity risks and budget needs.
Partner with CFO, HR, and Operations Managers to ensure cross-department compliance.
Provide security briefings to the Board of Directors and client executives.
UNSCHEDULED DUTIES AND RESPONSIBILITIES
Respond to emergent cybersecurity threats or system alerts.
Support investigations of insider threats, fraud, or data misuse.
Participate in interdepartmental workgroups to integrate new systems securely.
Maintain active knowledge of evolving threats, ransomware tactics, and industry best practices.
Lead recovery efforts in the event of a cyber-attack or natural disaster affecting IT infrastructure.
PHYSICAL DEMANDS
Prolonged periods sitting at a desk and working on a computer.
Occasional lifting up to 25 pounds.
WORKING CONDITIONS
Cross-functional collaboration with executives and technical staff.
100% in-office role at Baltimore HQ (two days per week, no remote or hybrid unless CEO approved).
Travel up to 10% may be required for audits, client meetings, or incident response.
Must be available during scheduled hours with flexibility for emergent needs.
COMPETENCIES AND SKILLS
Visionary leadership with deep technical and cybersecurity acumen.
Expertise in risk management, incident response, and compliance frameworks.
Skilled in cloud security (AWS, Azure, Google Cloud), SaaS protection, and on-premises systems.
Strong command of cybersecurity frameworks: NIST CSF, ISO 27001, COBIT.
Familiarity with healthcare IT and HIPAA/HITECH security requirements.
Effective communicator able to brief executives and train staff.
Demonstrated ability to lead multidisciplinary teams and manage security vendors.
LEVEL OF EDUCATION / TRAINING / QUALIFICATIONS
Master's degree in Cybersecurity, Computer Science, or Information Technology (required).
Certified Information Systems Security Professional (CISSP) in good standing (required).
Additional certifications (CISM, CISA, CCSP, CRISC) strongly preferred.
Minimum 8-10 years of progressive cybersecurity leadership experience, with at least 5 years in a senior or CISO role.
Experience overseeing security in healthcare, housing, financial, or government environments strongly preferred.
Demonstrated track record of regulatory compliance, successful incident response, and enterprise-level security program development.
$55-90 hourly 60d+ ago
Remote Information Security Manager
Jobgether
Remote job
This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Information System Security Manager - REMOTE. In this role, you will have the opportunity to make a significant impact by ensuring that information system security is upheld within critical governmental operations. You will lead initiatives to implement security programs, conduct audits, and maintain compliance with the established regulations. As part of a collaborative team, you will help elevate the standards of cybersecurity, all while working from anywhere. Your contributions will directly enhance the security posture of the organization and support various missions.
Accountabilities
Conduct information system security inspections, tests, and reviews to maintain an Authority to Operate (ATO).
Implement and enforce a formal information system security program and develop security policies and plans.
Demonstrate knowledge of systems engineering, network security concepts, and IT security principles.
Ensure software and hardware complies with security configuration guidelines.
Report cybersecurity-related events that impact IT authorization.
Implement Security Information and Event Management processes.
Requirements
Bachelor's Degree in Information Systems, Information Assurance Management, Computer Science, or related field (or equivalent experience).
2-7 years of relevant experience in information systems security.
IAM Level II DoD approved cybersecurity certification or higher (e.g., CAP, CASP, CISA, CISM, CISSP).
Experience with the Risk Management Framework (RMF) and NIST publications (NIST 800-53 and NIST 800-37).
Active Secret Security Clearance required.
Located within 2 hours of Joint Base Andrews for potential onsite meetings.
Benefits
Opportunity to work remotely with flexibility.
Engagement in meaningful projects that influence national security.
Possibility for professional growth and development.
A supportive work environment that values diversity and inclusion.
Recognition as a military-friendly employer with a commitment to veterans.
Why Apply Through Jobgether? We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
$126k-178k yearly est. Auto-Apply 1d ago
Compliance & Information Security Manager
Installation Made Easy, Inc.
Remote job
Compliance & Information Security Manager
Department: Compliance
Reports To: VP of Compliance
Installation Made Easy (“IME”) provides software and process management that enable retailers and contractors to offer installed home improvements to homeowners in a convenient, consistent, and affordable manner. IME senior management has over 100 years of retail management and home improvement industry experience.
We are seeking a Compliance & Information Security Manager to build and manage our corporate compliance and information security governance program. The role will lead regulatory compliance initiatives, manage audit and certification efforts, and partner closely with Compliance, IT, and Security teams to support a strong risk and compliance posture.
The candidate must be able to work independently in a remote environment.
Essential Functions:
Manage compliance programs related to PCI DSS, SOC 1 / SOC 2, and related frameworks.
Serve as project manager for external audits and certifications, coordinating internal teams and external auditors.
Maintain compliance with U.S. consumer privacy and data protection laws, including state privacy and breach notification requirements.
Develop and maintain compliance, privacy, and information security policies and documentation.
Review and redline agreements with customers, partners, and vendors, focusing on data protection, security, and compliance terms.
Oversee the maintenance of the company's certifications and licenses, such as money services licensure and/or business registrations
Support information security governance, risk assessments, vendor risk reviews, and remediation tracking.
Provide compliance support during security incidents and investigations.
Partner cross-functionally and provide compliance guidance and training across the organization.
Perform other duties as required.
Minimum Qualifications:
5+ years of experience in compliance, information security, risk management, or GRC roles.
Hands-on experience managing PCI and SOC audits.
Working knowledge of U.S. consumer privacy and data protection laws.
Experience reviewing and redlining commercial agreements.
Strong project management and communication skills.
Bachelor's degree in a related field or equivalent experience.
Preferred Qualifications:
Certifications such as CISSP, CISM, CRISC, CISA, or CIPP/US.
Experience in a SaaS or software environment.
Familiarity with NIST or ISO 27001 frameworks.
Physical Requirements:
Prolonged periods of sitting at a desk and working on a computer.
Benefits to working with IME:
100% remote work environment
Employer provided equipment.
Medical, dental, and vision insurance
Health savings plan includes employer contribution to health savings account.
Medical and dental flexible spending accounts
Company paid basic life, short-term disability, and long-term disability insurance.
401K plan with employer match
Company matches 100% of the first 4% of salary deferrals.
All contributions, including employer contributions, are 100% vested immediately.
Employee discount program for Electronics, Groceries, Travel, Entertainment, and more
Employee assistance program
Pay on demand.
Critical illness, hospital indemnity, group accident, and legal insurance
Paid time off.
And more!
We are an Equal Opportunity and Drug-Free Workplace.
The is not an exhaustive statement of all duties, responsibilities, or qualifications of the job, nor is it intended to limit opportunities for necessary modifications. The Job Description does not constitute an employment contract of any kind.
$106k-150k yearly est. Auto-Apply 25d ago
Vice President, Chief Information Security Officer
Kldiscovery 2.7
Remote job
Introduction
KLDiscovery offers a fantastic opportunity for you to use your talents to make a meaningful impact in a fast-paced, growing technology and services organization! KLDiscovery is a global leader in eDiscovery, compliance, and data management solutions, empowering law firms, corporations, and government agencies to tackle their most complex legal and regulatory challenges.
We are looking for a Vice President, Chief Information Security Officer to join our team who is passionate about our mission and brings initiative, authenticity, and collaborative spirit to everything they do. If you're fueled by innovation and committed to delivering exceptional results, KLDiscovery is the perfect place to grow your career.
Work Status: Remote, work from home opportunity.
Is This Role For You?
The Vice President, Chief Information Security Officer provides strategic and operational direction to the organization to ensure the attainment of business objectives. Ensure that all revenue and profit goals are met. Revise objectives and policies in response to changes in internal and external conditions. Coordinate operations between divisions and departments. Establish responsibilities and procedures for attaining objectives. Establish strategies and objectives, coordinating with all organizational goals and standards. Responsible for financial performance and attainment of profit goals.
A Day in The Life
Development of policies and standards aimed at minimizing costs related to acquisition, implementation, and operation of IT systems across business units. This includes the management of vendor relationships and ensuring this is leveraged across business units.
Manage and develop key performance indicators to assure customer satisfaction and operational performance; manage problem escalation and communication with senior management and customers where appropriate.
Ensure software and hardware license compliance through documented, established process.
Coordinate gap analysis to identify training needs for department. Define requirements and ensure compliance for next level of advancement. Direct, coach, and mentor management staff in performance management skills. Build a department that optimizes senior talent, while promoting the growth of junior talent. Performance Management including collecting data on regular basis, organize and create annual reviews, provide regular coaching of individuals. Manage the timeliness of reviews for the department.
Provide daily operational direction and oversight in meeting committed service level agreements (SLAs). Maintain and improve operational policies and procedures.
Provide quarterly updates to the BoD and Senior Level Management.
Travel as necessary for internal needs as well as client requested audits.
What You Will Bring To The Role
Bachelor's degree in technology-related field or equivalent work experience.
15+ years' experience; Ten to Thirteen years management. This experience should include:
Management of production data centers and external customer SLA support
Demonstrated success in providing best practice process and support implementation
Proven track record and managing teams of 20 or more people
Demonstrated knowledge of global telecommunications
Demonstrated quality control implementation experience
Demonstrated success in change management
Extensive experience with the build out, growth, management, and support of high-volume Data Centers
Fiscal responsibility, including creating and managing to a budget
Demonstrated ability to create a vision for IT Operations focused on IT Service Management and ITIL
Demonstrated success in defining, tracking, and communicating internal and business focused metrics
Demonstrated success in defining and implementing a global IT shared services model
Coaching, developing, and mentoring direct reports and ensure processes are in place to develop the future leaders of the IT organization
Skills:
Must be able to synthesize large amounts of data/concepts effectively into understandable terms both written and oral
Must be capable of communicating with Sr. Level Management both verbally and in written communications
Must be adaptive with varied skill sets that can fit into a variety of project situations
Must be quick learning and possess a high comfort-level with non-repetitive projects and new challenges
Must be quick thinking: ability to listen, grasp concepts and engage during interactive discussions
Should be able to work with limited supervision
Should have strong organizational and time management skills
Should be well rounded with an exceptional work ethic
Should be results-oriented with an exceptional ability to be independent, motivated, and proactive
Should be customer-focused and possess resilient interpersonal talents and poise to manage change
Excellent communication (oral, listening, and writing) skills
Strong problem solving, time management and organizational skills
Understanding of data center commercial market space
General knowledge of applications management processes and methodologies
Expert knowledge of system management and process methodologies and practices
Strong understanding with practical application of WAN/LAN and internet connectivity and concepts.
Driving Career Growth, Benefit Excellence: The KLD Advantage
At KLD we invest in employees and their families by placing their wellbeing first. We offer competitive total compensation that includes base pay, bonus potential, inclusive benefits, wellness programs, and perks. We use market and industry data to inform pay decisions while considering geography and labor markets, individual experience, and business needs. Individual compensation will vary, although a reasonable estimate of the current annualized base pay range for this position is $200,000 to $250,000.
We offer a high-performance laptop computer, options for wireless headset or external speaker, up to two 24” 2K monitors, and a mobile phone for business use.
Generous paid time off, offering various time off options to help employees maintain a work-life balance, such as vacation, paid sick leave, parental leave, paid jury leave, and more!
Comprehensive health, dental, vision and supplemental benefits packages that include life insurance, short- and long-term disability, to promote the health of our employees.
Remote-friendly, flexible working culture, where you can apply to work from several global locations.
A focus on continuous professional development through various training and education reimbursement programs.
A diverse and inclusive workplace where we all learn, grow, and achieve the greatest heights…together.
A surrounding team of mission-driven individuals who genuinely love what they do.
Equity incentives and company bonus programs; that way, we all share in the success of KLDiscovery.
Free, fun, interactive and incentivized global wellness program that promotes the wellbeing of our employees plus offers a wide range of perks and discounts!
Free Employee Assistance Program (EAP) because we all could use a little help and support every now and then.
401(k) with employer match, to help our employees achieve financial success.
KLD supports the communities where our employees live and offers a paid community service day for employees to volunteer with what resonates with them.
To keep our furry, 4-legged family members healthy, KLD employees can opt for Pet Insurance.
Who We Are
KLDiscovery provides technology-enabled services and software to help law firms, corporations, and government agencies solve complex data challenges. With offices in 26 locations across 17 countries, KLDiscovery is a global leader in delivering best-in-class data management, information governance, and eDiscovery solutions to support the litigation, regulatory compliance, and internal investigation needs of clients. Our Nebula Ecosystem provides powerful end-to-end eDiscovery and enterprise-grade information governance. Through its global Ontrack data recovery business, KLDiscovery delivers world-class data recovery, disaster recovery, email extraction and restoration, data destruction, and tape management.
We Provide Equal Employment Opportunity
At KLDiscovery we believe that inclusion and diversity make us stronger. We are committed to fostering an inclusive environment for all employees that enhances wellbeing and belonging. We welcome and celebrate individuals of all backgrounds, experiences, and perspectives.
We do not discriminate on the basis of race, color, religion, gender, pregnancy, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, or any other protected status. We are happy to support you with any accommodation request at any stage in our hiring process.
Texas PI# A04094801
$200k-250k yearly Auto-Apply 53d ago
Principal, Business Information Security Officer (BISO)
LPL Financial Services 4.7
Remote job
What if you could build a career where ambition meets innovation? At LPL Financial, we empower professionals to shape their success while helping clients pursue their financial goals with confidence. What if you could have access to cutting-edge resources, a collaborative environment, and the freedom to make an impact? If you're ready to take the next step, discover what's possible with LPL Financial.
Job Overview:
The Principal, Business Information Security Officer (BISO) plays a crucial role in ensuring the secure evolution of LPL Financial's product portfolio. Aligned with specific executives across the business, this role is responsible for aligning their business unit's cybersecurity strategy with the overall corporate cybersecurity strategy.
The BISO will drive risk remediation efforts, educate members of their business unit on operationalization of cybersecurity policies and procedures, and be the primary interface point for the business unit. They become the cybersecurity subject matter expert for their domain and use that knowledge to report back to the cybersecurity team on the direction the business is going, and vice-versa.
Responsibilities:
* Act as the primary InfoSec liaison for Product, Business, and Technology Leadership, ensuring security integration into business strategies.
* Serve as the primary point of contact for the assigned business unit.
* Drive security-related change management, ensuring transparent communication with advisors and key stakeholders.
* Provide technical and business guidance on cybersecurity risk, including application security (OWASP), cloud security (AWS/Azure), and IAM principles.
* Facilitate risk-adjusted security exception management, supporting product leaders in remediation efforts.
* Collaborate with security and product teams to reduce friction and improve alignment between InfoSec practices and business goals.
* Understand cybersecurity objectives and assist business leaders with resource planning
* Offer executive-level reporting on security posture and risk management efforts.
What We Are Looking For:
We seek innovative, strategic thinkers who thrive in fast-paced environments, are highly collaborative, and can translate complex security concepts for executive and non-executive audiences.
Requirements:
* 7+ years of cybersecurity risk management experience, including identification, synthesis, and remediation strategies.
* Strong knowledge of NIST CSF 2.0 and other industry security frameworks.
* Extensive experience working in a matrix reporting model, supporting both operational and transformational cybersecurity initiatives.
* Executive presence with a proven ability to engage stakeholders, influence decision-making, and communicate security strategies effectively.
* Technical expertise across cloud security (AWS/Azure), DevSecOps, application security, and secure data-handling processes.
Preferences:
* Bachelor's degree in Computer Science, Information Systems, or a related field.
* 10+ years in cybersecurity, risk management, or security program management.
* Strong relationship-building and cross-functional collaboration skills.
* Certifications such as CISSP, GIAC, CCSP, or other cloud security credentials.
* Experience in Agile security methodologies and understanding of Software Development Life Cycle (SDLC).
* Practical offensive security experience such as penetration testing or red teaming
Pay Range:
$143,100-$238,500/year
Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play - such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more. Your recruiter will be happy to discuss all that LPL has to offer!
Company Overview:
LPL Financial Holdings Inc. (Nasdaq: LPLA) is among the fastest growing wealth management firms in the U.S. As a leader in the financial advisor-mediated marketplace, LPL supports over 29,000 financial advisors and the wealth-management practices of 1,100 financial institutions, servicing and custodying approximately $1.9 trillion in brokerage and advisory assets on behalf of approximately 7 million Americans. The firm provides a wide range of advisor affiliation models, investment solutions, fintech tools and practice management services, ensuring that advisors and institutions have the flexibility to choose the business model, services, and technology resources they need to run thriving businesses.
At LPL, independence means that advisors and institution leaders have the freedom they deserve to choose the business model, services, and technology resources that allow them to run a thriving business. They have the flexibility to do business their way. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors and institutions, so they can take care of their clients.
For further information about LPL, please visit ************
Join LPL Financial: Where Your Potential Meets Opportunity
At LPL Financial, we believe that everyone deserves objective financial guidance. As the nation's leading independent broker-dealer, we offer an integrated platform of cutting-edge technology, brokerage, and investment advisor services.
Why LPL?
* Innovative Environment: We foster creativity and growth, providing a supportive and responsive leadership team.
* Limitless Career Potential: Your career at LPL has no limits, only amazing potential.
* Unified Mission: We are one team on one mission: taking care of our advisors so they can take care of their clients.
* Impactful Work: Our size is just right for you to make a real impact.
* Commitment to Equality: We support workplace equality and embrace diverse perspectives and backgrounds.
* Community Focus: We care for our communities and encourage our employees to do the same.
* Benefits and Total Rewards: Our Total Rewards package goes beyond just compensation and insurance. It includes a mix of traditional and unique benefits, perks, and resources designed to enhance your life both at work and at home.
Join the LPL team and help us make a difference by turning life's aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.
Information on Interviews:
LPL will only communicate with a job applicant directly from ******************** email address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant's bank or credit card. Should you have any questions regarding the application process, please contact LPL's Human Resources Solutions Center at **************.
EAC1.22.25
$143.1k-238.5k yearly Auto-Apply 60d+ ago
Chief Information Security Officer
Credit Genie
Remote job
Company
Credit Genie is a mobile-first financial wellness platform designed to help individuals take control of their financial future. We leverage artificial intelligence to provide personalized insights and are building a financial ecosystem by offering tools and services that provide instant access to cash, and building credit. Our goal is to empower every customer to achieve long-term financial stability.
Founded in 2019 by Ed Harycki, former Swift Capital Founder (acquired by PayPal in 2017). Backed by Khosla Ventures and led by industry pioneers from companies such as PayPal, Square, and Cash App, we are well positioned to build the future of inclusive finance through cutting-edge technology and customer-centric solutions.
Overview
As Chief Information Security Officer (CISO), you will be the primary leader responsible for developing and implementing our information security strategy. You'll protect our systems, data, and customer trust by overseeing cybersecurity operations, ensuring compliance with regulatory standards, and mitigating risks in a dynamic fintech environment. This role demands a visionary leader with deep expertise in cybersecurity, preferably in fintech, and a passion for securing innovative financial products.
What you'll do
Develop and execute a comprehensive cybersecurity strategy to protect our platform, customer data, and intellectual property.
Ensure compliance with fintech and data privacy regulations, including GDPR, CCPA, PCI-DSS, and other relevant standards.
Oversee the design, implementation, and monitoring of security controls for payment processing, lending platforms, and other financial products.
Lead incident response, including managing and mitigating cybersecurity breaches, vulnerabilities, and regulatory inquiries.
Collaborate with product, engineering, and compliance teams to embed security-by-design principles into new features and services.
Build and maintain a robust security framework for credit and lending operations, ensuring protection against fraud and data breaches.
Conduct risk assessments and implement mitigation strategies for emerging threats in the fintech landscape.
Manage relationships with external security vendors, auditors, and regulatory bodies.
Develop and lead a high-performing security team, fostering a culture of proactive risk management.
Support international expansion by aligning security practices with global data protection and financial regulations.
Stay ahead of cybersecurity trends, advising the executive team on evolving threats and technologies.
Who you are
Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
10+ years of progressive experience in cybersecurity, with at least 5 years in a senior leadership role at a fintech or high-growth tech company.
Deep expertise in securing credit and lending platforms, preferably in the fintech industry, with knowledge of fraud prevention, secure payment processing, and regulatory compliance (e.g., Truth in Lending Act, Fair Credit Reporting Act).
Proven track record in designing and implementing security architectures for cloud-based systems, APIs, and financial applications.
Strong understanding of data privacy, encryption, and consumer protection laws in a fintech context.
Experience leading incident response, penetration testing, and vulnerability management programs.
Exceptional communication skills, with the ability to explain complex security concepts to non-technical stakeholders, from engineers to board members.
Strategic mindset with the ability to balance security rigor with business innovation in a fast-paced startup environment.
Nice to have
Experience at a fintech company with exposure to payment processing, lending, or brokerage platforms.
Familiarity with SOC 2, ISO 27001, or other cybersecurity certifications and frameworks.
Knowledge of international cybersecurity regulations to support global operations.
Experience building and scaling security teams in high-growth environments.
Benefits and Perks
Our goal is to provide a comprehensive offering of benefits and perks that promote better financial, mental, and physical wellness.
We believe working alongside each other in person is the best way to build a great product and foster a strong company culture. Our expectation is that employees are in the office five days a week, allowing for optimal collaboration, inclusivity, and productivity. At the same time, we understand that life happens and recognize the importance of flexibility. We are committed to supporting our employees when circumstances arise that require remote work or adjusted schedules. Our goal is to ensure everyone can effectively balance personal and professional responsibilities while maintaining our collaborative and productive environment.
Here are some highlights of our benefits and perks offerings, feel free to ask your recruiting partner for more details on our comprehensive offering for employees.
100% company-paid medical, dental, and vision coverage for you and your dependents on your first day of employment.
Monthly fitness reimbursement up to $100 or a full membership to LifeTime Fitness
401(k) with a 3.5% match and immediate vesting
Meal program for breakfast, lunch, and dinner
Life and accidental insurance
Flexible PTO
Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, and experience. Base salary is just one part of your total compensation and rewards package at Credit Genie. You may also be eligible to participate in the bonus and equity programs. You will also have access to comprehensive medical, vision, and dental coverage, a 401(k) retirement plan with company match, short & long term disability insurance, life insurance, and flexible PTO along with many other benefits and perks.
Credit Genie is a proud Equal Opportunity Employer where we welcome and celebrate differences. We are committed to providing a workspace that is safe and inclusive, where everyone feels supported, connected, and inspired to do their best work. If you require any accommodations to participate in our recruitment process, please inform us of your needs when we contact you to schedule an interview.
$108k-162k yearly est. Auto-Apply 48d ago
Chief Information Security Officer-Remote
Pathgroup 4.4
Remote job
The Chief of Information Security and Security Officer (CISO) is responsible for providing leadership and operational excellence for developing and supporting security initiatives and policies along with developing strategies to protect sensitive data, managing security risks, investigating and remediating security incidents and promoting security awareness and compliance across the organization. The CISO acts as the primary contact for security-related matters and serves as the organization's HIPAA Security Officer.
Job Responsibilities:
Leadership & Strategy:
Develop and manage a comprehensive information security and risk management program aligned with business objectives and regulatory requirements.
Serve as the organization's HIPAA Security Officer and lead all activities related to ensuring the security of protected health information (PHI).
Collaborate with executive leadership, legal, compliance, and IT teams to integrate security into all aspects of operations and technology.
Serves in a leadership capacity in the execution of the organization's Cyber Incident Response plan, coordinating action, communication, and mitigation efforts in conjunction with Executive Leadership.
Keep current with emerging security trends, conduct research and make recommendations for improvements to current processes. Advise, counsel and educate executive and management teams on technology's relative importance and financial impact.
Governance, Risk & Compliance:
Establish, implement, maintain, and audit information security policies, procedures, and controls in accordance with PathGroup's Compliance Program, federal laws, and industry-standard best practices.
Conduct regular risk assessments and security audits to identify vulnerabilities and recommend mitigations.
Oversee security incident response planning and investigation of security breaches, including documentation and reporting.
Work closely with the Chief Information Officer and Privacy Officer to develop and administer security awareness training for all employees and contractors.
Security Operations:
Lead strategic security and incident response planning to achieve business goals by prioritizing defense initiatives through the deployment, monitoring, maintenance, development, and upgrading of current and future security tools, technologies, and systems.
Ensure regular risk assessments, penetration testing, and remediation efforts are conducted on a regular and timely basis.
Monitor and analyze network and system activity for anomalies and trends to prevent and remediate security incidents in a timely manner.
Work with IT to implement secure system configurations and DevSecOps practices.
Third-Party, Vendor and Client Management:
Evaluate third-party vendors and partners for security and compliance posture.
Complete all required security assessments from existing or prospective clients.
Participate in contract negotiations to ensure appropriate security requirements and data protection terms are in place.
Management:
Manage the employee hiring process including developing and updating s, developing performance expectations, identifying essential functions and knowledge, skills and abilities required for applicable positions, and selecting and assigning staff.
Supervise and manage employee and team performance by coaching, counseling, motivating, and evaluating employees on a continual basis. Implement disciplinary action as needed and in consultation with Human Resources.
Coordinate team projects, schedule work assignments, set priorities, and direct the work of subordinate employees.
Ensure effective employee relations by sustaining an ethical, non-discriminatory and safe work environment and establishing effective communication lines and methods. Identify and solve employee problems, manage conflict, and respond to grievances as needed.
Perform all job responsibilities in alignment with the industry's best security practices and regulatory guidelines to protect confidentiality, integrity, and availability of protected health information and other sensitive company data.
Must be familiar with and abide by the Corporate Compliance Program and all Corporate policies, including the Privacy and Security policies.
NON-ESSENTIAL FUNCTIONS:
Nothing in the job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
Other duties as assigned
$102k-141k yearly est. 2d ago
Director, Business Process Architecture (West) - ServiceNow/IRM, Security, Risk & Resilience
Newrocket
Remote job
Director, Business Process Architecture; ServiceNow, IRM, SecOps
Remote - West Coast
Please note that this position will cover the Western US region, we will consider applicants within California, Oregon, Washington, Arizona, Nevada.
Why Us
NewRocket is a ServiceNow Global Elite Service Partner, delivering solutions that revolutionize the world of work. We are a leading global technology strategy, design, and enterprise operations partner to public and private sector clients. We work with some of the world's biggest brands, bridging the gap between what customers expect and what their technology can deliver. We are “Raising the Bar” in delivering technology's promise to create new kinds of experiences for our customers.
The Role
Our primary objective for this position is to find enthusiastic candidates who are strong hands-on leaders experienced with industry risk and security regulations, standards and frameworks and capable of leading the delivery of consulting, implementation and integration services of IRM (Integrated Risk Management) and/or solutions to external customers, primarily on the ServiceNow platform.
This senior-level Business Process Architect (Risk and Security) will within our Service Delivery organization and will be responsible for leading, coaching and mentoring teams to capture customers' business processes and desired outcomes. The Business Process Architect will manage customer outcomes on complex level, enterprise projects.
Our Core Values: Excellence, Creativity, Integrity, Teamwork and Empathy
#ExCITE
At NewRocket, these values guide everything we do: they are the foundation of our culture and define how we Go Beyond for our clients.
What You Will Be Doing
Facilitate executive level workshops, translating business requirements into prioritized outcomes
Provide input to the Global Engineering Capability Leader on strategic decisions, budgets, hiring, and process changes
Conduct workshops and lead multiple implementations from a customer strategy standpoint
Lead customers in process definition and mapping
Define customer needs, determine strategies, develop plans/proposals, and make recommendations around customer's internal processes and functions for improved efficiency and effectiveness
Collaborate with Solution and/or Technical Architects to develop the overall project implementation plan
Collaborate with other Delivery teams on Special projects or Assignments (such as the Centers of Innovation and Industrialization).
Facilitate sessions on requirements definition, product architecture and workflow, develop mapping between current modes of operations and future modes of operation
Develop strategic plans for measurable implementation approach
Develop supporting tactical plans for strategic scope
Develop and present SOWs with supporting task breakdowns with the Program Managers and Account Managers
Develop and maintain delivery standards for ServiceNow solutions and the enabling technology from vendor partners
Develop and nurture relationships with technology vendors and services partners
Maintain an updated holistic view of changing architecture for solution environments, updated with each release of capability
Oversee the development of Business Process Architects. Manage career progression including hiring, performance reviews, mentoring, and coaching
Mentor customer and partner technical resources during implementation projects. As needed, conduct informal, ad-hoc training sessions.
Support the Company's vision and promote the Company's core operating values
What You Bring Along
Strong knowledge of business process architecture principles for cloud-based platforms
Experience working and managing team with industry risk and security regulations, standards, and frameworks such as NIST, ISO, CoBIT, ISF, PCI, SANS, FedRAMP, GDPR
Experience facilitating executive level workshops
ServiceNow Certified System Administrator (CSA), ServiceNow Certified Implementation Specialist (CIS), ITIL Foundations (nice to have and ability to obtain)
Experience designing business processes around software tools. Must be able to guide customers through the implementation both from process and technology perspective.
Consulting orientation, able to handle stressful customer situations diplomatically
Excellent written and oral communication skills. Must be able to communicate effectively with both business-oriented and technically oriented customers and partners. Also, must be able to effectively communicate customer requirements and issues to other team members.
Experience with Risk Frameworks/ServiceNow IRM
Experience with SecOps applications and frameworks
Strong problem-solving skills: ability to simplify complex situations
Comfortable working in a matrixed organization
Strong relationship management skills with all levels
Ability to lead a group of teams located across multiple time zones
Comfortable working with ambiguity and change
BSc in CS, IT or similar technical discipline or equivalent experience
Minimum of five (5) years of experience as a client-facing technical consultant customizing and deploying packaged software as a billable resource would be nice to have
We Take Care of Our People
NewRocket is committed to a diverse and inclusive workplace. We value and celebrate diversity, believing that every employee matters and should be respected and heard. We are proud to be an equal opportunity workplace and affirmative action employer, committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin, or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, citizenship, military, or Veteran status. For individuals with disabilities who would like to request an accommodation, please contact ******************* *****************************************************************
$124k-179k yearly est. Auto-Apply 8d ago
IT Security Analyst / Manager
Amerisave Mortgage 4.3
Remote job
Description
AmeriSave Mortgage has set the standard in online mortgage lending with over $130 billion in funded loan volume. As one of the top-rated, largest privately-owned online mortgage lenders in the nation, our mission is to deliver beneficial, responsible home lending solutions with unwavering integrity, dedication and excellence. Our employees are the driving force behind our success. We believe in the power of a dynamic and talented workforce and creating an environment where your contributions are not just recognized, they're celebrated. Your success is our success, and we are seeking skilled professionals who are ready to bring their A-game, exceed benchmarks and enhance the overall excellence of AmeriSave, while also growing and advancing their careers. At AmeriSave, we're one team with one shared dream - to be the best. Let's redefine excellence together!
Role Overview:
AmeriSave is seeking an IT Security Analyst/Manager (level dependent on skills and experience). You will be responsible for safeguarding AmeriSave's digital infrastructure by managing IT risk, implementing cybersecurity controls, optimizing secure email gateway configurations, and deploying AI-ready data loss prevention strategies. This role ensures compliance with internal policies and external regulations while supporting secure and efficient business operations.
What You'll Do:
Cybersecurity Operations
Monitor and respond to security incidents across endpoints, networks, and cloud environments.
Stay current on emerging threats and recommend proactive defense strategies.
IT Risk Management
Perform risk assessments for systems, vendors, and AI applications.
Document and escalate risk acceptance decisions in alignment with AmeriSave's IT Risk Acceptance Procedure.
Collaborate with Compliance and Legal to ensure alignment with GLBA, CCPA/CPRA, and PCI-DSS.
Secure Email Gateway (SEG) Administration
Manage and tune SEG platforms.
Analyze threat reports and enforce email protection policies against phishing, spam, and malware.
Coordinate with IT Infrastructure to align SEG and Microsoft Purview DLP configurations.
AI-Ready Data Loss Prevention
Implement DLP policies that support AI-driven detection and encryption of sensitive data in outbound communications.
Evaluate AI systems for data privacy, integrity, and intellectual property leakage risks.
Develop incident response playbooks for AI-related security events, including model retraining and anomaly detection.
What You'll Need:
Bachelor's degree in Information Security or related field.
3+ years of experience in IT security, IT risk management, or third party risk management.
Hands-on experience with SEG platforms and DLP tools.
Familiarity with AI governance frameworks and anomaly detection tools.
Strong understanding of regulatory compliance (GLBA, CCPA/CPRA, PCI-DSS).
Preferred Skills:
Certifications: CISSP, CISM, GIAC, or equivalent.
Experience with AI LLMs for data extraction and security analysis.
Knowledge of NIST and SANS Institute cybersecurity frameworks and incident response protocols.
**Please note that the compensation information that follows is a good faith estimate for this position only and is provided pursuant to the Colorado Equal Pay for Equal Work Act and Equal Pay Transparency Rules. It is estimated based on what a successful Colorado applicant might be paid. It assumes that the successful candidate will be in Colorado or perform the position from Colorado. Similar positions located outside of Colorado will not necessarily receive the same compensation.**
Compensation: Target annual compensation is $100,000-$160,000 depending on level/experience.
Benefits:
· 401(k)
· Dental insurance
· Disability insurance
· Employee discounts
· Health insurance
· Life insurance
· Paid time off
· 12 paid holidays per year
· Paid training
· Referral program
· Vision insurance
Supplemental pay types:
· Referral bonuses
AmeriSave is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
California Consumer Privacy Act Disclosure Acknowledgment
Employment Applicants, New Hires, and Employees Residing in California
AmeriSave Mortgage Corporation's Privacy Policy Statement (“Policy”) can be reviewed here: ******************************** AmeriSave Mortgage Corporation's California Consumer Privacy Act (“CCPA”) Recruitment Disclosure can be reviewed here: ****************************************************** When AmeriSave's Human Resources Department makes future requests for personal information, the same Policy is applicable. By applying, you understand this acknowledgment covers current and future personal information requests. You also acknowledge the business purpose of the personal information collected and that future requests may occur while applying for a position at AmeriSave and/or during employment, if applicable.
Remote Opportunity
The Senior Information Security Engineer plays a key role in safeguarding the company's cloud-based healthcare SaaS platforms, infrastructure, and customer data. This position is responsible for designing, implementing, and managing enterprise-grade security solutions that align with regulatory frameworks such as HIPAA, HITRUST, SOC 2, and NIST 800-53. The ideal candidate is a hands-on technologist with deep knowledge of cloud security (AWS/Azure), DevSecOps practices, endpoint protection, identity management, and security automation.
Key Responsibilities
1. Cloud and Infrastructure Security
· Design and maintain secure architectures across AWS, Azure, and GCP environments.
· Implement guardrails and controls using services such as AWS Security Hub, GuardDuty, Config, and IAM.
· Conduct regular vulnerability scans, configuration reviews, and remediation tracking for infrastructure and workloads.
· Develop and enforce network segmentation, encryption, and key management policies.
2. Application & SaaS Security
· Collaborate with DevOps and Engineering to integrate security into CI/CD pipelines (Snyk, StackHawk, etc.).
· Perform threat modeling, code reviews, and secure design reviews for microservices and APIs.
· Support penetration testing and application security validation efforts.
· Help ensure PHI/PII is protected across all SaaS platforms.
3. Endpoint & Identity Security
· Manage and enhance EDR/XDR solutions (e.g., Cortex, Defender for Endpoint).
· Implement and monitor identity security controls through Microsoft Entra ID (Azure AD), Conditional Access, and PIM.
· Support Intune and MDM compliance policies for Windows, macOS, and mobile devices.
4. Security Operations & Incident Response
· Monitor alerts, investigate incidents, and coordinate responses with the SOC.
· Develop and improve incident response runbooks, playbooks, and forensic analysis procedures.
· Support SIEM integrations and continuous improvement of detection use cases.
5. Governance, Risk & Compliance
· Support audits and evidence collection for HIPAA, HITRUST, SOC 2, and customer security assessments.
· Maintain asset inventories, risk registers, and remediation tracking.
· Collaborate with Compliance to ensure alignment between security controls and policies.
· Contribute to security awareness and training initiatives.
Qualifications
Required:
· Bachelor's degree in Computer Science, Information Security, or equivalent experience.
· 5+ years of experience in security engineering or related technical security roles.
· Strong knowledge of cloud-native security (AWS, Azure) and modern SaaS architectures.
· Hands-on experience with SIEM, EDR/XDR, IAM, vulnerability management, and security automation.
· Familiarity with HIPAA, HITRUST, and SOC 2 requirements.
· Experience securing containerized and serverless workloads (e.g., EKS, Lambda).
Preferred:
· Certifications such as CISSP, CISM, CCSP, AWS Security Specialty, or GIAC (GSEC, GCIA, GCIH).
· Experience with Terraform, Ansible, or CloudFormation for infrastructure-as-code security.
· Experience in DevSecOps pipelines and tools (e.g., Jenkins, Bitbucket).
· Strong scripting skills (Python, PowerShell, or Bash).
Key Competencies
· Analytical and detail-oriented with strong problem-solving skills.
· Ability to balance business needs with risk mitigation.
· Excellent communication skills, able to translate complex technical topics for non-technical stakeholders.
· Collaborative team player with a proactive approach to continuous improvement.
Our compensation reflects the cost of labor across several US geographic markets. Pay is based on several factors including market location and may vary depending on job-related knowledge, skills, and experience.
Reveleer E-Verifies all new hires.
Reveleer is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, disability status or genetic information, in compliance with applicable federal, state and local law.
$103k-136k yearly est. Auto-Apply 60d+ ago