Information Security - Governance, Risk, and Compliance (GRC) Director (Remote)
Remote job
Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands.
From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded.
The Opportunity
P&G is seeking a Governance, Risk, and Compliance Director passionate about safeguarding data, enabling business through smart risk management, and shaping the future of cybersecurity. The IT Governance, Risk, and Compliance (GRC) Organization at Procter & Gamble is responsible for risk identification, assessment, and remediation across the IT landscape, as well as driving automated governance and compliance breakthroughs. As the GRC expert, you'll play a critical role in maturing and maintaining the security risk and compliance posture of our organization. You will lead initiatives that align our security program with business goals, ensure regulatory and policy compliance, and creatively solve problems to manage risk for the company.
Responsibilities:
Governance:
Maintain and evolve the information security policy framework and controls aligned with industry best practices (e.g., NIST, ISO 27001, CIS).
Establish and track metrics to measure policy adherence and program maturity.
Drive internal alignment on security roles, responsibilities, and expectations.
Risk Management:
Manage the enterprise risk management process including risk identification, analysis, treatment planning, and reporting.
Conduct security risk assessments for internal systems, projects, vendors, and business processes.
Facilitate risk-based decision-making at all levels of the organization.
Compliance:
Ensure ongoing compliance with applicable regulations and frameworks (e.g., GDPR, HIPAA, CCPA, SOX).
Maintain a library of evidence and documentation to support audit and regulatory needs.
Monitor the effectiveness of IT controls and identify gaps in compliance. Analyze control measurements for negative trends and reoccurrence frequency. Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation.
Awareness & Enablement:
Contribute to the continuous improvement of the risk and compliance mindset across P&G. Build IT risk awareness by providing support and training to others.
Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams.
Stay up to date with how current events, security focus areas, and the regulatory environment may impact P&G's compliance processes
Estimated Percent of Time Spent on Work
25% - Risk identification, analysis, and assessment
40% - Plan and drive enterprise-wide initiatives to reduce risk and improve compliance across the organization
25% - Assess and improve the effectiveness of IT controls and compliance across the enterprise
10% - Collaboration with internal/external auditors, driving a risk-aware compliance mindset
Guidewire Cloud Migration IT Project Manager - Contract - Hybrid
Remote job
We are seeking an experienced Senior IT Project Manager to lead and manage the migration of Guidewire PolicyCenter and ClaimCenter to a cloud-based environment. The successful candidate will oversee the planning, execution, and delivery of this mission-critical project, ensuring alignment with business objectives, technical requirements, and timelines. This role requires expertise in enterprise software migrations, cloud technologies, and Guidewire products, as well as strong leadership skills to coordinate cross-functional teams and stakeholders.
ROLE RESPONSIBILITIES
Project Leadership:
Lead and manage the end-to-end migration project of Guidewire PolicyCenter and ClaimCenter from an on-premises environment to the cloud.
Develop and maintain comprehensive project plans, including scope, timelines, milestones, deliverables, and budgets for both systems.
Ensure project alignment with organizational goals, regulatory requirements, and industry best practices.
Ensure performance of implementation vendor(s).
Stakeholder Management:
Collaborate with business leaders, IT teams, and third-party vendors to ensure project objectives for both PolicyCenter and ClaimCenter are clearly defined and met.
Communicate project progress, risks, and issues to stakeholders, including executive leadership, in a clear and timely manner.
Serve as the primary point of contact for all project-related communications.
Risk and Issue Management:
Identify potential risks and develop mitigation strategies to ensure smooth migration of both PolicyCenter and ClaimCenter. Proactively address issues and roadblocks to minimize project delays and disruptions.
Team Coordination:
Coordinate cross-functional teams, including developers, architects, testers, and business analysts, ensuring effective collaboration and resource allocation across both PolicyCenter and ClaimCenter migration efforts.
Provide guidance and support to team members to achieve project goals.
Technical Oversight:
Work closely with technical teams to ensure proper design, configuration, and implementation of Guidewire PolicyCenter and ClaimCenter in the cloud environment.
Ensure data integrity, system interoperability, and security during migration processes.
Oversee testing and validation of the migrated systems to ensure functionality and performance.
Budget and Resource Management:
Manage project financials, ensuring costs are controlled and align with financial expectations.
Allocate resources effectively, balancing priorities across multiple project tasks.
Documentation and Reporting:
Maintain comprehensive documentation of project activities, decisions, and outcomes for both systems.
Provide bi-weekly reports and updates to leadership on project status, performance metrics, and lessons learned.
TECHNICAL QUALIFICATIONS
· 8+ years of IT project management with a focus on M&A or IT integration projects
· Proven experience managing Guidewire PolicyCenter and ClaimCenter implementations.
· Expertise in cloud technologies, including cloud migration strategies, data security, and performance optimization.
· Proven track record of managing large-scale IT integrations across multiple regions or business units
· 3+ years' experience within Commercial Insurance.
· Skilled in applying waterfall, agile, and hybrid project-delivery methodologies for traditional initiatives.
· Detailed knowledge of project management (PMLC) and software development life cycle (SDLC) methodologies.
· Strong facilitation skills with the ability to effectively manage cross-functional team discussions and bridge business and IT priorities.
· Proven ability to build and maintain strong business relationships, ensuring alignment between IT deliverables and business objectives.
· Strong management skills with an ability to achieve results in a matrix management environment, fostering collaboration and accountability.
· Experience using Project and Portfolio Management tools (e.g., MS Project)
· Proficiency in managing vendor relationships
· Experience with change management and risk management strategies.
GENERAL QUALIFICATIONS
Detail-oriented and highly organized, with the ability to manage complex projects and maintain focus on both the big picture and finer details.
Strong analytical, managerial, and leadership abilities, with a proven track record of delivering successful outcomes.
Ability to handle multiple priorities, proactively identify risks to project timelines, and develop effective mitigation strategies.
Exceptional written and verbal communication skills, with the ability to translate technical concepts into business terms and vice versa.
Proficient in fostering collaboration between IT and business stakeholders, ensuring alignment and mutual understanding of goals and objectives.
EDUCATION REQUIREMENTS
B.A. / B.S. degree in Technology, Computer Science, Business Administration, or a related field. Master's degree preferred.
Project Management Professional (PMP) is a plus but not required.
Senior IT Internal Auditor
Remote job
Lead is a fintech building banking infrastructure for embedded financial products and services. We operate an FDIC-insured bank headquartered in Kansas City, Missouri. Additionally, we have offices in San Francisco, Sunnyvale, and New York City, where our technical, product, design, and legal teams operate.
We are built for a constantly evolving financial landscape, where new ventures and technological advancements emerge daily. Guided by a team of entrepreneurs and technologists with decades of experience navigating intricate banking and payments regulations, Lead blends regulatory and technological expertise to help our fintech partners scale their operations with compliance and creativity.
Simply put, Lead offers the essential attributes that every fintech seeks in a partner bank. First, unparalleled technical expertise from a distinguished team of developers with an extensive understanding of the banking and payments systems. Second, oversight expertise, automated compliance systems, and bespoke program management to navigate the ever-shifting regulatory landscape. Finally, a commitment to transparency and operational rigor to ensure everyone's money does what it's supposed to do.
Role Description:
Lead Bank is seeking an experienced Senior Internal Auditor with deep expertise in SOX or FDICIA compliance and IT audit. As a key member of Internal Audit, you will be an internal control champion who works across Lead Bank's landscape to assess and enhance IT and business process controls. Using your experience partnering with auditors, management team members, and process and control owners, you will provide guidance on control design and implementation, support remediation efforts, and coordinate and execute testing activities. This role will report into the Internal Audit Manager.
In this role you will:
Perform internal audit risk assessments and contribute to the annual audit plan
Assist with performing and documenting scoping of the FDICIA audit as well as other operational audits
Execute and document internal audits, including planning and coordinating walkthroughs, and testing the design and operating effectiveness of business process and IT controls, application controls, and key system generated reports
Provide subject matter expertise around financial and IT processes, risks, and controls.
Review system implementations to assess risks and potential impact to internal controls and for potential scoping into the FDICIA program
Provide clear and concise observations to Internal Audit management and verify observations with operational management. Evaluate and track remediation of identified control deficiencies in a timely manner
Qualifications:
Bachelor's degree in a related field such as information systems, computer science, business, finance or accounting required
Minimum experience of 5 years in internal or external IT auditing, with demonstrated SOX/FDICIA experience
Strong hands-on experience with IT General Controls (ITGC) including access controls, change management, and IT operations
A detailed understanding of the general computer control areas and the IT governance framework (COBIT), Sarbanes Oxley/FDICIA, and the COSO framework
Proven experience with evaluating security and controls for homegrown and cloud-based and SaaS technologies
Solid communication skills, including a proven ability to articulate complex risks, their impact, and required action plans to stakeholders outside of Internal Audit
Demonstrated ability to effectively leverage AI tools (such as ChatGPT, Claude, or Copilot) to enhance audit efficiency while maintaining professional skepticism, validating outputs, and exercising sound judgment on when AI assistance is and is not appropriate
One or more of the following professional certifications required: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professionals (CISSP), Certified Information Security Manager (CISM), or Certified Public Accountant (CPA)
Proficient using spreadsheet, slide, and flowcharting tools
Preferred: Big 4 accounting firm experience
Preferred: Financial technology, banking, or financial services experience
Preferred: Experience with audit and compliance management tools (e.g. Workiva, AuditBoard)
What we offer:
At Lead, we design our benefits to support company culture and principles, to foster an efficient and inspiring work environment, and to create the conditions for our team to give their best in both work and life
Competitive compensation based on experience, geographic location, and role
Medical, Dental, Vision, Life, 401k Matching, and other wellness benefits, including FSA, HSA and HRA
Paid parental leave
Flexible vacation policy, including PTO and paid holidays
A fun and challenging team environment in a dynamic industry with ample opportunities for career growth
*Lead Bank is proud to have an inclusive culture committed to ensuring equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.
*Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
*Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
*Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Zone 1: $176,000 - $204,000 (SF/Bay Area, NYC, Seattle)
Zone 2: $161,000 - $183,000 (Los Angeles, Chicago, Austin, Denver, Boston, Washington DC, San Diego, Philadelphia, Portland, Sacramento, Miami)
Zone 3: $148,000 - $173,000 (Other US Metros)
Information Security Manager
Remote job
Historically, US Healthcare has relied on a fee-for-service reimbursement system where providers are paid based on the quantity of patient visits and procedures, rather than the quality of health outcomes.
At Stellar Health, we help primary care providers put patient health first. Our platform - a mix of technology, people, and analytics - supports providers at the point of care, delivering real-time patient information, activating practice staff, and empowering providers and care teams with incentives that reward the work they are already doing to keep patients healthy. Using the Stellar App, our web-based, point-of-care tool; practices receive a simple checklist of recommended actions that support the best quality care. Providers and care teams are then paid monthly for each action they complete, and Payors save money in reduced healthcare costs along the way.
Stellar is a US-based Health-tech backed by Top VCs (General Atlantic, Point72, & Primary Venture Partners) with an established product & proven operating model. We've shown that we make a real difference for physician practices and their patients.
About the position:
Stellar Health is looking for an Information Security Manager to help prioritize and drive our Information Security program and investments. We are looking for an individual that is passionate about building out new security processes that are thoughtful in their design for both external users, customers, and teammates.
Stellar Health operates in the HealthTech space and is HITRUST R2 certified. This role will help ensure our security program is as proactive as possible by:
Helping reduce the effort to maintain and demonstrate our alignment to HITRUST by automating the collection of evidence, as well as deploying continuous testing of controls.
Staying aligned with our cross-functional teams as they deliver on their controls and support our security processes.
Bolstering and improving our internal security processes as a security team by partnering with our leadership team to set strategic priorities for the team, informed by our organization and platform services' threat models.
How you'll make an impact:
By 3 months you will…
Have a solid foundation of our current security posture, controls, and security processes, what is working well and where there are gaps
Have a prioritized list of areas of improvement and/or investments to help reinforce and improve our security posture
Implemented 1-2 improvements to current processes and/or automations to ensure a security control is working appropriately. Examples of potential improvements:
Ensure all Git repos align with our change management standards around PR reviews, automated code testing, deployments and any required security reviews
Implement continuous testing of our endpoint configurations to ensure they align to our security standards (e.g. all endpoints are encrypted at rest, have security agents deployed)
By 6 months you will…
Aligned with senior leadership around team skillset and staffing needs to maintain security processes and operations
Collaborated with other teams that support our security controls to expand the list of improvements to include non-security pain points in evidence collection or inefficient processes
Delivered first quarter of 1-2 projects from the prioritized list of areas of improvement
Established a process to review high risk applications and systems with System Owners to ensure they align to any applicable security standards/controls and other security recommendations
What You'll Bring:
4-5 years of security program & engineering experience building and implementing security tooling and processes
Strong familiarity and experience helping secure cloud environments and infrastructure, preferably AWS
Supported, and preferably led, external audits of security frameworks (e.g. SOC 2 Type 2, ISO 27001, HITRUST)
Experience with coding and automation, preferably Python and/or Terraform
Who will love this job:
You enjoy a tight partnership and daily interactions with DevOps and IT engineers to deliver on technical projects and process improvements
You are passionate about designing thoughtful, business-focused solutions to security problems vs implementing a security “best practice” solution when not applicable
You appreciate the need to audit and validate security controls, but would much rather automate the work where possible so you can focus your efforts on creating strong proactive partnerships and further reducing security risks elsewhere
Pay:
The salary range for this role is $170,000 - $200,000 + an annual performance based bonus. Where a new hire falls within this range will be based on their individual skills and experience, and how these competencies compare across other employees in the same role. Stellar's bands are designed to allow for individual compensation growth within the role. As such, new hires typically start at the lower end of the range. Stellar rewards performance and outcomes - should you join the company, you will have the opportunity to grow your salary over time.
Perks & Benefits:
Stellar offers a carefully curated selection of wellness benefits and perks to our employees:
Medical, Dental and Vision Benefits
Flexible PTO
Universal Paid Family Leave
Company sponsored One Medical memberships and Citibike memberships
Medical Travel Benefits
A monthly wellness stipend that gives employees the freedom to choose where they spend their cash, whether it be on wellness, pet care, childcare, WFH items, or charitable donations
Stock Options & a 401k matching program
Career development opportunities like Manager Training, coaching, and an internal mobility program
A broad calendar of company sponsored social events for our in-office and remote employees
Diversity is the key to our success. Stellar Health is an equal opportunity employer and we are open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, veteran status, or any other legally protected status.
We believe that diverse teams - and the different identities, cultures, and life experiences our team members bring to the table - enable us to create amazing products, find creative solutions to interesting problems, and build an inclusive working environment.
Stellar Health Employment Privacy Notice
At Stellar Health, your privacy and security as a job seeker is a priority no matter where you are in the interview process. As recruiting scams have become more prevalent, please take note of the following practices to ensure the legitimacy of any interaction with our team.
Please note that any communication from our recruiters and hiring managers at Stellar Health about a job opportunity will only be made by a Stellar Health employee with an @stellar.health email address.
Stellar Health does not utilize third-party agencies for recruitment services and does not conduct text message or chat-based interviews. Any other email addresses, agencies, or forums may be phishing scams designed to obtain your personal information.
We will not ask you to provide personal or financial information, including, but not limited to, your social security number, online account passwords, credit card numbers, passport information, and other related banking information until we begin onboarding activities, which will be coordinated by a member of the Stellar Health People Ops Team with an @stellar.health email address.
If you are ever unsure whether you are in contact with a legitimate Stellar Health teammate, please contact people-team@stellar.health. If you believe you've been a victim of a phishing attack, please mark the communication as “spam” and immediately report it by contacting the U.S. Federal Trade Commission.
Consultant - Chief Information Security Officer (Fractional/Contract Role)
Remote job
Arootah is a rapidly growing advisory and coaching firm specializing in Alternative Investment & Family Office Advisory, Executive & Leadership Coaching, and Talent Acquisition & Development. Founded by Rich Bello, co-founder and COO of Blue Ridge Capital, Arootah leverages deep industry expertise to drive peak performance for executives, teams, and firms across the alternative investments landscape.
Join Arootah's Network of Business Advisors serving Arootah's clients on a project basis in the alternative investment industry, including hedge funds, private equity firms, and family offices. Our mission is to deliver top-tier business advisory services tailored to the multifaceted needs of the alternative investments landscape. As part of the network, you will take on project-based assignments that let you apply your expertise directly to our client initiatives. These consulting roles provide the opportunity to work on varied and impactful projects across the alternative investments industry.
Our Services Include:
Advising alternative investment managers with front-to-back office services, including but not limited to operations, business development strategy, due diligence, human resources, and compliance
Providing fractional expert advisors in key operational areas for emerging and established investment firms
Offering executive, life, health, and career coaching for individuals
Delivering talent acquisition and leadership development solutions
Developing SaaS applications for enterprise and consumer use
Visit us at ******************************* more information.
WHO WE NEED:
Arootah is searching for experienced Chief Financial Officers to consult our client base across the alternative investment landscape. As a consultant, you will work with our Alternative Asset Firm and Family Office clients to provide expert advice.
Having previously served in the role of Chief Information Security Officer you have specific, hands-on experience building, maintaining, and operating the full Cybersecurity Program for leading Alternative Asset Firms or Family Offices.
What You'll Do
Provide advice and guidance to Arootah clients who seek help with their Cybersecurity needs. This will involve consulting to some of the leading Alternative Asset Firms and Family Offices in the world and sharing your experience as a Chief Information Security Officer in helping clients to:
Serve as strategic cybersecurity advisor to the Principal/Founder, providing expert guidance on information security strategy, risk management, and cyber threat mitigation for alternative asset firms and family offices.
Develop and implement comprehensive cybersecurity programs, establishing security policies, procedures, standards, and control frameworks aligned with industry best practices and regulatory requirements (SEC cybersecurity rules, NYDFS, GDPR, etc.).
Design enterprise-wide security architecture, assessing technology infrastructure, application security, cloud environments, network security, and data protection to identify vulnerabilities and implement risk mitigation strategies.
Establish incident response and business continuity protocols, creating detection and response procedures, breach notification plans, disaster recovery frameworks, and conducting tabletop exercises to ensure preparedness.
Build security awareness and training programs, developing onboarding materials, phishing simulations, ongoing education, and compliance training to foster a security-conscious culture across the organization.
Conduct comprehensive risk assessments, performing vulnerability testing, penetration testing, security audits, and gap analyses to identify weaknesses and prioritize remediation efforts based on risk severity.
Evaluate and manage vendor security, conducting third-party risk assessments for fund administrators, cloud providers, prime brokers, and other service providers to ensure adequate security controls and data protection.
Implement security monitoring and threat intelligence, establishing security information and event management (SIEM) systems, intrusion detection, endpoint protection, and continuous monitoring to detect and respond to threats.
Develop data governance and privacy frameworks, creating data classification policies, access controls, encryption standards, data loss prevention measures, and ensuring compliance with privacy regulations.
Partner with IT and operations teams to integrate security into system implementations, application development, infrastructure changes, and business processes while balancing security requirements with operational efficiency.
Advise on security technology and automation, recommending tools for identity and access management, multi-factor authentication, security orchestration, and leveraging AI/machine learning to improve scalability and threat detection.
Report to executive leadership and boards on cybersecurity posture, emerging threats, security metrics, incident status, and budget requirements with clear, non-technical communications tailored to business decision-makers.
Lead special projects including security assessments, regulatory compliance implementations, security tool selections, cloud migrations, merger integrations, and preparation for regulatory examinations.
QUALIFICATIONS & REQUIREMENTS
A Bachelor's degree in Computer Science, Computer/Electrical Engineering, Information Systems, Information Sciences, or a related field with a strong academic record.
MBA or other relevant graduate degree is a plus.
Certified Information Systems Security Professional (CISSP) or similar (CISA, CISM, etc.) is a plus.
7+ years of relevant experience at a hedge fund, family office, or financial institution serving as a Chief Information Security Officer.
5 or more years of IT implementation experience.
Experience in cloud only, cloud first infrastructure, and deploying cloud information security solutions.
Firm understanding and ability to implement zero-trust security. Firm understanding and experience with Software Defined Networking and Cloud Networking.
Firm understanding of single sign-on and multi-factor authentication platforms.
Experience driving discussions with senior personnel regarding trade-offs, best practices, project management, and risk mitigation.
Firm understanding of work from anywhere models.
Experience with IT compliance and risk management requirements.
Job Status
Contractor
Hours are based on the needs of the assigned client (0-40 hours per week).
Join a well-funded disruptor in finance and technology. Enjoy the flexibility of remote work and choosing your assignments. Be part of a dynamic, high-energy company in its expansion stage. Now is the time to join!
For more information, visit us at Arootah.com.
Director of Technology, Innovation and Data Security
Remote job
THE OPPORTUNITY
The Director of Technology, Innovation, and Data Security is a forward-looking leader responsible for shaping the technology vision, infrastructure, and security posture of UNC Kenan-Flagler Executive Development. This role ensures that our technology environment is secure, reliable, and future-ready while actively advancing innovation in how we design, deliver, and scale transformative learning experiences.
Serving as both a strategic technology steward and an innovation catalyst, this leader balances the core responsibilities of IT infrastructure and cybersecurity with a focus on enabling cutting-edge, value-adding tools and practices. The Director partners closely with learning designers, client relationship managers, marketing, finance, sales, and program operations teams to identify and deploy technologies that enhance organizational effectiveness and enrich the client experience across in-person, digital, and hybrid modalities.
This role also ensures world-class security protocols and practices, developed in close partnership with Kenan-Flagler IT and UNC Information Technology Services, to safeguard organizational and client trust.
KEY RESPONSIBILITIES
Technology Vision & Innovation: Develop and execute a technology roadmap that balances robust IT operations with forward-looking innovation. Identify and implement emerging tools (AI, data analytics, digital learning platforms) where they create measurable value for clients, staff, and faculty. Serve as a thought partner to program design and delivery teams in creating transformative, technology-enabled learning experiences.
Infrastructure & Systems Management: Oversee enterprise IT systems - including Microsoft 365, CRM platforms (e.g., Salesforce), data management systems, and collaboration tools - to ensure reliability, scalability, and seamless integration. Standardize practices and processes that drive operational efficiency and support growth. Ensure optimal uptime, user experience, and performance across all technology touchpoints.
Cross-Functional Partnership & Enablement: Serve as a trusted business partner to internal teams by providing tools and processes to improve effectiveness and training and enablement that makes secure technology adoption intuitive and accessible. Act as a connector between operational needs and technology solutions, ensuring alignment with organizational goals.
Leadership & Vendor Management: Lead and mentor IT and security professionals, fostering a culture of excellence, innovation, and continuous learning. Manage relationships with technology vendors and partners to maximize value, security, and performance. Advocate for responsible investment in technologies that drive innovation while protecting institutional resources.
Innovation & Engagement: Embed compliance into technology initiatives (learning systems, CRM, program delivery). Collaborate with Kenan-Flagler IT to enable secure, compliant innovation, advocating for Executive Development needs while aligning with University standards. Communicate requirements effectively to technical and non-technical audiences.
Governance, Risk, and Compliance (GRC)
Governance & Policy: Develop and enforce security and data governance policies aligned with university standards and regulations. Direct data classification, protection, and custodial responsibilities and serve as Executive Development's lead on security and compliance.
Risk Management: Conduct risk assessments of systems, vendors, and cloud services. Oversee enterprise risk management and provide regular reporting. Develop mitigation strategies and maintain continuity/disaster recovery plans.
Compliance: Ensure compliance with laws, regulations, and University standards. Manage audits, compliance reviews, and third-party assessments. Partner with University offices to protect research and student data. Deliver staff training on data protection and security.
QUALIFICATIONS AND EXPERIENCE
The ideal candidate will have demonstrated success leading IT and digital transformation initiatives in dynamic, growth-oriented environments, with deep experience in enterprise IT systems, CRM platforms, cloud services, and security architectures, as well as proven familiarity with AI-enabled tools, advanced analytics, and digital learning technologies. They will bring an innovation mindset, balancing operational excellence with experimentation (evaluating and adopting emerging technologies that add measurable client and organizational value), along with cybersecurity and compliance mastery through a strong grounding in global data protection regulations and industry-leading security frameworks (GDPR, CCPA, NIST, ISO 27001).
This candidate will excel in collaborative business partnering, building trust and influence across functional teams and translating business needs into technology solutions. They will have the ability to partner with a wide range of internal and external stakeholders in delivering secure, innovative technology solutions at scale. They will also have a strong record of operational excellence, maintaining secure, scalable, and reliable systems for complex, multi-stakeholder organizations. They will demonstrate outstanding communication and problem-solving skills, simplifying complexity, inspiring confidence, and driving adoption of future-proof solutions.
7-10 years of progressive IT leadership, with responsibilities spanning security, enterprise systems, and innovation; or equivalent experience preferred.
Experience leading and managing in professional services, higher education, or learning-focused organizations preferred.
ABOUT THE ROLE
Job Type: Full-time
FLSA Status: Salaried, Exempt
Work Schedule: Hybrid (mix of in-office and remote work); some travel required
Location: Chapel Hill, North Carolina - must be within commuting distance to office
Benefits:
Group health, dental and vision plans
401(k) retirement plan with employer match
Life & disability insurance provided and funded by the LLC
Paid holidays and time-off
Paid parental leave
Professional development opportunities
The Director of Technology, Innovation and Data Security is an employee of the Kenan-Flagler Business School Executive Education, LLC, an affiliated organization of UNC-Chapel Hill. This position is not a University or State of North Carolina position.
Applications will be accepted through October 10, 2025.
Kenan-Flagler Business School Executive Education, LLC is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, race, national origin, religion, sex, sexual orientation, or status as a protected veteran. EOE M/F/D/V.
Director of Information Security
Remote job
Our Director of Information Security provides strategic leadership and vision for enterprise-wide security operations. This role oversees and matures the organization's operations security program, ensuring alignment with business objectives, regulatory requirements, and industry best practices. The Director partners with senior leadership, technology leaders, and business stakeholders to embed security into products, services, and culture.
This position reports to the Vice President of Information Security and leads a growing team (4-6 ICs) of security professionals across operational security, incident response, compliance, and governance.
Responsibilities
Strategic Leadership & Vision
Help define and execute the enterprise information security strategy, ensuring alignment with corporate objectives and customer trust.
Serve as an advisor to the various teams, technology leaders, and business stakeholders on emerging threats, risks, and security requirements.
Lead the evolution of security as a business enabler and differentiator, ensuring resilience, trust, and compliance are built into tools and operations.
Team & Program Leadership
Manage, mentor, and scale a high-performing security team across security operations, incident response, and data security functions.
Establish clear career paths, KPIs, and success metrics to drive accountability, engagement, and professional growth.
Foster a culture of continuous improvement, innovation, and proactive risk management.
Operational Security & Incident Response
Oversee enterprise security operations, including SIEM, log correlation, endpoint security, threat hunting, and vulnerability management.
Direct incident response efforts, ensuring effective playbooks, rapid resolution, and post-incident learning.
Drive automation, orchestration, and AI/ML-enabled threat detection to increase efficiency and reduce response times.
Governance, Risk, & Compliance
Partner with the GRC Team on security compliance frameworks (e.g., SOC 2, ISO 27001, PCI-DSS, HIPAA, FedRAMP, etc.) and ensure continuous readiness for audits.
Develop and maintain enterprise security procedures, standards, and controls aligned to NIST, CIS, and OWASP frameworks.
Participate in third-party risk management, vendor security assessments, and business continuity planning.
Innovation & Emerging Technologies
Provide guidance on secure adoption of cloud, SaaS, and SASE platforms.
Champion responsible and secure use of emerging technologies (e.g., AI/ML, automation, zero trust, secure access).
Anticipate future risks and proactively shape organizational security posture.
Qualifications
Education/Experience
10+ years of progressive information security experience, including significant leadership responsibility.
5+ years leading security teams in enterprise environments.
Industry-recognized certifications strongly preferred (CISSP, CCISO, CISM, GSEC, GCIH, CEH, etc.).
Required Skills/Abilities
Proven success in building and maturing security programs that align with business strategy.
Strong knowledge of security technologies (firewalls, DLP, IDS/IPS, MDM, SIEM, EDR, etc.) and modern architectures (SaaS, SASE, Zero Trust).
Deep technical foundation across cloud/SaaS systems, network and endpoint security, cloud security, and secure configurations.
Familiarity with penetration testing, forensic practices, and threat modeling.
Strong executive communication skills with experience presenting to leadership, audit committees, and regulators.
Demonstrated ability to lead cross-functional initiatives and drive measurable risk reduction.
National Debt Relief Role Qualifications:
Computer competency and ability to work with a computer.
Prioritize multiple tasks and projects simultaneously.
Exceptional written and verbal communication skills.
Punctuality expected, ready to report to work on a consistent basis.
Attain and maintain high performance expectations on a monthly basis.
Work in a fast-paced, high-volume setting.
Use and navigate multiple computer systems with exceptional multi-tasking skills.
Remain calm and professional during difficult discussions.
Take constructive feedback.
Compensation Information
Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for each position across the US. Within the range, individual pay is determined by work location, job-related skills, experience, and relevant education or training. This good faith pay range is provided in compliance with NYC law and the laws of other jurisdictions that may require a salary range in job postings. The salary for this position is $198,500 - $228,500.
About National Debt Relief
National Debt Relief was founded in 2009 with the goal of helping an expanding number of consumers deal with overwhelming debt. We are one of the most-trusted and best-rated consumer debt relief providers in the United States. As a leading debt settlement organization, we have helped over 450,000 people settle over $10 billion of debt, while empowering them to lead a healthier financial lifestyle and feel free to live their best life. At National Debt Relief, we treat our clients like real people. Our purpose is to elevate, empower, and transform their lives.
Rated A+ by the Better Business Bureau, our goal is to help individuals and families get out of debt with the least possible cost through conducting financial consultations, educating the consumer and recommending the appropriate solution. We become our clients' number one advocate to help them reestablish financial stability as quickly as possible.
Benefits
National Debt Relief is a team-oriented environment full of rewards and growth opportunities for our employees. We are dedicated to our employees' success and growth within the company, through our employee mentorship and leadership programs.
Our extensive benefits package includes:
Generous Medical, Dental, and Vision Benefits
401(k) with Company Match
Paid Holidays, Volunteer Time Off, Sick Days, and Vacation
12 weeks Paid Parental Leave
Pre-tax Transit Benefits
No-Cost Life Insurance Benefits
Voluntary Benefits Options
ASPCA Pet Health Insurance Discount
Access to your earned wages at any time before payday
National Debt Relief is a certified Great Place to Work!
National Debt Relief is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law.
For information about our Employee Privacy Policy, please see here
For information about our Applicant Terms, please see here
Director, Information Security and Risk (Identity & Access Management)
Remote job
What Information Security and Risk contributes to Cardinal Health
Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.
The Director, Information Security and Risk (Identity & Access Management) is responsible for leading the organization's Identity & Access Management (IAM) strategy, governance, and operations to ensure secure, efficient, and compliant access to technology resources. This role requires a leader with proven ability to execute large-scale enterprise IAM programs that directly impact how employees, contractors, and customers interact with Cardinal Health technology. Success in this role demands a balance between delivering a frictionless, user-friendly experience and maintaining the highest standards of security. The Director must also excel at building partnerships across the organization and collaborating on program delivery, while driving operational excellence and anticipating business risks associated with IAM changes.
Location - Ideally targeting individuals local to Central Ohio, but open to candidates located nationwide (fully remote). If living within commutable distance of our corporate HQ in Dublin, OH - the expectation would be to come in-office two or three days a month for team meetings.
Responsibilities
* Act as a visionary in designing and executing multi-year IAM strategy that aligns with business goals and customer needs
* Develop and oversee enterprise IAM policies, standards, and procedures, ensuring consistent enforcement across the organization.
* Lead IAM initiatives including identity lifecycle management (provisioning, de-provisioning, role-based access, entitlement reviews).
* Direct privileged access management (PAM) programs to safeguard critical systems and sensitive data.
* Ensure compliance with internal policies and external regulatory requirements (e.g., SOX, HIPAA, GDPR, PCI-DSS) through strong access controls.
* Execute enterprise IAM programs with significant business impact, ensuring seamless access for employees, contractors, and customers.
* Balance user experience with security by designing IAM solutions that are simple, intuitive, and resilient.
* Drive operational excellence by establishing repeatable processes, KPIs, and service delivery models for IAM functions.
* Build strong partnerships across IT, Security, HR, and business units to align IAM delivery with organizational priorities.
* Establish metrics and reporting mechanisms to monitor IAM effectiveness, operational performance, and program maturity for executive leadership.
* Lead training and awareness programs related to IAM policies, secure access practices, and identity governance.
Qualifications
* Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field preferred.
* Ideally targeting individuals with 12+ years of IT/security experience with at least 5 years in IAM leadership roles preferred.
* Proven track record of executing enterprise IAM programs with measurable business impact.
* Prior people leadership experience and demonstrated ability to manage operational IAM teams, highly preferred.
* Expertise with IAM tools and platforms (e.g., Okta, SailPoint, CyberArk, Azure AD).
* Strong understanding of relevant Regulatory and Compliance requirements (HIPAA, SOX, HITRUST CSF, etc.).
* Strong understanding of authentication protocols (SAML, OAuth, OpenID Connect, Kerberos) and cloud IAM (AWS IAM, Azure RBAC, GCP IAM).
* Certifications such as CISSP, CIAM, or CISM preferred.
* Strong analytical, relationship management, and communication skills (both written and verbal).
* Ability to collaborate across functions and influence stakeholders to achieve IAM program success.
What is expected of you and others at this level
* Provides leadership to managers and experienced professional staff; may also manage front line supervisors
* Manages an organizational budget
* Develops and implements policies and procedures to achieve organizational goals
* Assists in the development of functional strategy
* Decisions have an extended impact on work processes, outcomes, and customers
* Interacts with internal and/or external leaders, including senior management
* Persuades others into agreement in sensitive situations while maintaining positive relationships
Anticipated salary range: $135,400 - $228,910
Bonus eligible: Yes
Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.
* Medical, dental and vision coverage
* Paid time off plan
* Health savings account (HSA)
* 401k savings plan
* Access to wages before pay day with my FlexPay
* Flexible spending accounts (FSAs)
* Short- and long-term disability coverage
* Work-Life resources
* Paid parental leave
* Healthy lifestyle programs
Application window anticipated to close: 12/25/2025 *if interested in opportunity, please submit application as soon as possible.
The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity.
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.
Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
Vice President, Chief Information Security Officer
Remote job
Introduction
KLDiscovery offers a fantastic opportunity for you to use your talents to make a meaningful impact in a fast-paced, growing technology and services organization! KLDiscovery is a global leader in eDiscovery, compliance, and data management solutions, empowering law firms, corporations, and government agencies to tackle their most complex legal and regulatory challenges.
We are looking for a Vice President, Chief Information Security Officer to join our team who is passionate about our mission and brings initiative, authenticity, and collaborative spirit to everything they do. If you're fueled by innovation and committed to delivering exceptional results, KLDiscovery is the perfect place to grow your career.
Work Status: Remote, work from home opportunity.
Is This Role For You?
The Vice President, Chief Information Security Officer provides strategic and operational direction to the organization to ensure the attainment of business objectives. Ensure that all revenue and profit goals are met. Revise objectives and policies in response to changes in internal and external conditions. Coordinate operations between divisions and departments. Establish responsibilities and procedures for attaining objectives. Establish strategies and objectives, coordinating with all organizational goals and standards. Responsible for financial performance and attainment of profit goals.
A Day in The Life
Development of policies and standards aimed at minimizing costs related to acquisition, implementation, and operation of IT systems across business units. This includes the management of vendor relationships and ensuring this is leveraged across business units.
Manage and develop key performance indicators to assure customer satisfaction and operational performance; manage problem escalation and communication with senior management and customers where appropriate.
Ensure software and hardware license compliance through documented, established process.
Coordinate gap analysis to identify training needs for department. Define requirements and ensure compliance for next level of advancement. Direct, coach, and mentor management staff in performance management skills. Build a department that optimizes senior talent, while promoting the growth of junior talent. Performance Management including collecting data on regular basis, organize and create annual reviews, provide regular coaching of individuals. Manage the timeliness of reviews for the department.
Provide daily operational direction and oversight in meeting committed service level agreements (SLAs). Maintain and improve operational policies and procedures.
Provide quarterly updates to the BoD and Senior Level Management.
Travel as necessary for internal needs as well as client requested audits.
What You Will Bring To The Role
Bachelor's degree in technology-related field or equivalent work experience.
15+ years' experience; Ten to Thirteen years management. This experience should include:
Management of production data centers and external customer SLA support
Demonstrated success in providing best practice process and support implementation
Proven track record of managing teams of 20 or more people
Demonstrated knowledge of global telecommunications
Demonstrated quality control implementation experience
Demonstrated success in change management
Extensive experience with the build out, growth, management, and support of high-volume Data Centers
Fiscal responsibility, including creating and managing to a budget
Demonstrated ability to create a vision for IT Operations focused on IT Service Management and ITIL
Demonstrated success in defining, tracking, and communicating internal and business focused metrics
Demonstrated success in defining and implementing a global IT shared services model
Coaching, developing, and mentoring direct reports and ensure processes are in place to develop the future leaders of the IT organization
Skills:
Must be able to synthesize large amounts of data/concepts effectively into understandable terms both written and oral
Must be capable of communicating with Sr. Level Management both verbally and in written communications
Must be adaptive with varied skill sets that can fit into a variety of project situations
Must be quick learning and possess a high comfort-level with non-repetitive projects and new challenges
Must be quick thinking: ability to listen, grasp concepts and engage during interactive discussions
Should be able to work with limited supervision
Should have strong organizational and time management skills
Should be well rounded with an exceptional work ethic
Should be results-oriented with an exceptional ability to be independent, motivated, and proactive
Should be customer-focused and possess resilient interpersonal talents and poise to manage change
Excellent communication (oral, listening, and writing) skills
Strong problem solving, time management and organizational skills
Understanding of data center commercial market space
General knowledge of applications management processes and methodologies
Expert knowledge of system management and process methodologies and practices
Strong understanding with practical application of WAN/LAN and internet connectivity and concepts.
Driving Career Growth, Benefit Excellence: The KLD Advantage
At KLD we invest in employees and their families by placing their wellbeing first. We offer competitive total compensation that includes base pay, bonus potential, inclusive benefits, wellness programs, and perks. We use market and industry data to inform pay decisions while considering geography and labor markets, individual experience, and business needs. Individual compensation will vary, although a reasonable estimate of the current annualized base pay range for this position is $200,000 to $250,000.
We offer a high-performance laptop computer, options for wireless headset or external speaker, up to two 24” 2K monitors, and a mobile phone for business use.
Generous paid time off, offering various time off options to help employees maintain a work-life balance, such as vacation, paid sick leave, parental leave, paid jury leave, and more!
Comprehensive health, dental, vision and supplemental benefits packages that include life insurance, short- and long-term disability, to promote the health of our employees.
Remote-friendly, flexible working culture, where you can apply to work from several global locations.
A focus on continuous professional development through various training and education reimbursement programs.
A diverse and inclusive workplace where we all learn, grow, and achieve the greatest heights…together.
A surrounding team of mission-driven individuals who genuinely love what they do.
Equity incentives and company bonus programs; that way, we all share in the success of KLDiscovery.
Free, fun, interactive and incentivized global wellness program that promotes the wellbeing of our employees plus offers a wide range of perks and discounts!
Free Employee Assistance Program (EAP) because we all could use a little help and support every now and then.
401(k) with employer match, to help our employees achieve financial success.
KLD supports the communities where our employees live and offers a paid community service day for employees to volunteer with what resonates with them.
To keep our furry, 4-legged family members healthy, KLD employees can opt for Pet Insurance.
Who We Are
KLDiscovery provides technology-enabled services and software to help law firms, corporations, and government agencies solve complex data challenges. With offices in 26 locations across 17 countries, KLDiscovery is a global leader in delivering best-in-class data management, information governance, and eDiscovery solutions to support the litigation, regulatory compliance, and internal investigation needs of clients. Our Nebula Ecosystem provides powerful end-to-end eDiscovery and enterprise-grade information governance. Through its global Ontrack data recovery business, KLDiscovery delivers world-class data recovery, disaster recovery, email extraction and restoration, data destruction, and tape management.
We Provide Equal Employment Opportunity
At KLDiscovery we believe that inclusion and diversity make us stronger. We are committed to fostering an inclusive environment for all employees that enhances wellbeing and belonging. We welcome and celebrate individuals of all backgrounds, experiences, and perspectives.
We do not discriminate on the basis of race, color, religion, gender, pregnancy, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, or any other protected status. We are happy to support you with any accommodation request at any stage in our hiring process.
Texas PI# A04094801
Chief Information Security Officer
Remote job
About Skylight
Skylight is a digital consultancy using design and technology to help government agencies deliver better public services. We're at the forefront of a civic movement to reinvent how all levels of government serve families, patients, and many others in today's digital world.
If you want to play a part in driving this critical movement forward, we'd love for you to join our growing team of public interest technologists. The work we do matters.
About the job
As Skylight's Chief Information Security Officer (CISO), you'll lead Skylight's security, compliance, and policy efforts, ensuring they align with Skylight's business, technical, and regulatory requirements. As a trusted advisor and partner across the organization, you'll balance deep technical understanding with clear communication and strong relationship-building skills.
Because Skylight supports multiple federal clients, our work must comply with CMMC Level 2, NIST 800-171, and, potentially, HIPAA. You'll play a pivotal role in maintaining compliance with these regulations by developing organizational readiness, guiding engineering teams, and ensuring secure, compliant operations across all systems.
In this role, you'll report directly to the Chief Information Officer (CIO). This is a hands-on, collaborative leadership role where you'll partner closely with the CIO on priorities, decisions, and direction. You'll also collaborate with the CIO on key aspects of Skylight's IT infrastructure, including onboarding/offboarding, account management, and role-based access controls. While you don't need to be an expert administrator for every tool we use, your partnership in this area is essential to maintaining both operational integrity and regulatory compliance.
What you'll do
Lead the design, implementation, and day-to-day operation of Skylight's information security and compliance efforts
Maintain and continuously improve compliance with Skylight's regulatory requirements, including NIST 800-171, CMMC Level 2, and HIPAA
Represent Skylight externally for security audits, risk assessments, and communication with external assessors
Collaborate with the Chief Operating Officer (COO) and CIO to achieve and maintain Skylight's facility security clearance (FCL)
Administer and enforce identity and access management across Skylight's IT infrastructure, including AWS, Azure, Google Cloud Platform (GCP), Google Workspace, and Slack
Partner with project and delivery teams to integrate security and compliance into project planning, delivery, and client communications
Lead periodic risk assessments and report findings to the CIO and leadership team to inform decision-making
Develop and maintain internal security and IT policies, ensuring they're accessible, practical, and actionable
Deliver annual security awareness training across the organization
Collaborate with the CIO to align security priorities with company strategy and resource planning
Stay current on evolving security practices, technologies, and emerging threats
What we're looking for
Minimum qualifications
An active security clearance or the eligibility to obtain one
Hands-on experience with identity and access management (IAM), role-based access control (RBAC), and related concepts in AWS, Azure, and GCP
Demonstrated success leading security audits or compliance assessments
Excellent communication and documentation skills, with the ability to explain technical and regulatory concepts in plain language
Experience enumerating and mitigating organizational vulnerabilities
Experience mitigating security risks in the software development life cycle at the organizational level
Ability to interpret and translate non-technical material, such as regulations, into business and technical requirements
Deep understanding of, and experience achieving compliance with, NIST 800-171
Proven ability to foster trust and collaboration across technical and non-technical teams
Ability to work successfully within a professional services environment (e.g., can communicate effectively with clients)
A passion for creating better public outcomes through great government services
A mindset and work approach that aligns with our core values
Ability to travel for work from time to time
Nice-to-have qualifications
Expertise in other relevant regulatory frameworks like CMMC, HIPAA, or FISMA
Hands-on experience administering Google Workspace
Professional development experience in at least one programming language
Professional experience working with infrastructure-as-code
Prior experience working in the civic tech space
Experience working in a remote-team environment
Don't meet 100% of the criteria but think you can do the job? We'd love to chat anyway! We're on a mission to build diverse teams, and studies have shown that women and marginalized folks are less likely to apply to jobs if they don't check every box.
Other requirements
All work must be conducted within the U.S., excluding U.S. territories. Some federal contracts require U.S. citizenship to be eligible for employment.
You must be legally authorized to work in the U.S. now and in the future without sponsorship.
As a government contractor, you may be required to obtain a public trust or security clearance.
You will be required to complete a company background check successfully.
Position type
This is a full-time, exempt position.
Location
This is a fully remote position.
Care package
Salary
The salary range for this position is between $170,000 and $240,000.
Benefits
Your well-being is important to us, so we focus on supporting you in a variety of ways:
Medical insurance, dental insurance, vision insurance
Short-term and long-term disability insurance
Life and AD&D insurance
Dependent care FSA, healthcare FSA, health savings account
Dollar-for-dollar 401(k) match up to 10% of your salary with no vesting period
Flexible paid-time-off policy (generally around 25 days per year), plus 11 paid federal holidays
Up to 12 weeks paid-time-off for all eligible new birth, adoption, or foster parents
Performance rewards, including annual salary increase, annual performance bonus, spot bonuses, and stock options
Business development / sales bonuses
Referral bonuses
Annual $2,000 allowance for professional development
Annual $750 allowance for tech-related purchases
Annual swag budget of $100 to display your Skylight pride with some merchandise (hoodies, hats, and more)
Dollar-for-dollar charity donation matching, up to $500 per year
Flexible, remote-friendly work environment
An environment that empowers you to unleash your superpowers for public good
Interview tips
Visit our join page to learn more about how our interview process works.
Check out our Career Pathways framework to learn more about the different roles within Skylight and the skills needed to do them.
If you'd like to request reasonable accommodations during the application or interviewing process, please contact our recruiting team at recruiting@skylight.digital.
We participate in E-Verify and upon hire, will provide the federal government with your Form I-9 information to confirm that you're authorized to work in the U.S.
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, religion, age, disability, veteran status, or any other category protected by applicable law.
Chief Academic Officer
Remote job
At Colibri, culture is a critical part of our collective success, and we live our values every day: Love, Joy, Boldness, Teamwork and Curiosity. These values guide our interactions with each other, our customers, and the community as a whole. We have a rich and storied history. Colibri is one of the pioneers of online professional education, introducing some of the first web-based professional education courses in 2001. Today, the company's family of brands are the leading online professional education platforms in their respective end-markets. We proudly serve >1 million customers annually and employ more than 1,500 mission-aligned professionals. To learn more, please visit: ********************
Position Overview:
The Chief Academic Officer (CAO) is the senior academic leader at Moreland University, responsible for ensuring academic excellence, institutional credibility, and strategic program growth for Moreland University and its wholly owned subsidiary. The CAO integrates academic leadership with commercial acumen, driving mission-aligned curriculum development, faculty leadership, and accreditation readiness while fostering a candidate-centric experience. This role bridges internal academic operations with external engagement, contributing to institutional reputation, strategic partnerships, and high-quality educator preparation programs.
What You'll Do
Ensure rigorous, accessible, and mission-aligned curriculum across certification, degrees, and professional development offerings.
Lead a metrics-based curriculum review cycle for continuous improvement in outcomes, satisfaction, and retention aligned with accreditation standards and state requirements.
Oversee curriculum development and instructional design for distance education using research-based principles, accreditation standards, and a candidate mindset.
Collaborate with Product & Development teams to enhance the candidate experience through platform innovation.
Maintain awareness of competitor offerings and market trends to inform program development.
Lead academic components of DEAC and CAEP accreditation, including documentation, reporting, and audit readiness.
Collaborate with Regulatory to ensure timely submissions and compliance tracking.
Maintain transparent outcome reporting and proactively address policy changes.
Ensure educator preparation standards are met across all academic offerings and aligned correctly to each state.
Own and execute on state EPP approvals and licensure renewals in collaboration with Regulatory, Product, and the Operations Teams.
Hire, develop, and retain qualified faculty and academic staff.
Promote faculty engagement in thought leadership activities (e.g. publications, conferences) in alignment with DEAC and CAEP expectations.
Guide faculty professional development, coaching, and performance evaluation.
Ensure teaching quality and candidate learning outcomes through weekly metrics and observation cycles.
Oversee implementation and analysis of strategic and institutional effectiveness plans to drive candidate success.
Use direct and indirect evaluation measures to inform academic planning and improve achievement.
Own the institutional strategic and effectiveness plans and contribute to the annual operating plan.
Govern the academic product roadmap (certification, micro-credentials, degrees).
Align academic priorities with fiscal responsibility and resource allocation.
Own and manage educator preparation provider (EPP) status in priority states.
Collaborate with Regulatory and other leaders on state approval submissions and renewals.
Implement program modifications to ensure alignment with educator preparation provider requirements in each state.
Represent Moreland in academic and professional forums, conferences, and advisory boards.
Build executive-level relationships with state education agencies, school districts, and higher education institutions.
Advocate for faculty participation in thought leadership and external engagement.
Serve as institutional liaison to Moreland's Advisory Board and Advisory Council.
What You'll Need to Succeed
Led academic and/or product teams in terms of program and curriculum growth as well as faculty development and oversight
Experience in a for-profit academic and/or ed tech environment with the mindset of understanding how the program/product offerings accelerate market and enrollment growth
Deep knowledge of the K-12 industry and higher education
Knowledge and experience with the key role that academics and program knowledge have concerning regulatory and accreditation bodies such as DEAC, CAEP, and state departments of education relevant to licensure and program approvals
Experience working with program offerings for both a B2C and a B2B delivery model
Business and educational experience that demonstrates an understanding that Moreland is growth-focused to solve for the teacher shortage and attrition challenges
Doctoral degree required
Colibri Group welcomes applicants from all backgrounds and experiences, and we understand that not every candidate will meet every requirement listed in the job description. Research has shown that women and people of color may be less likely to apply to jobs unless they feel they meet every qualification, and we want to actively combat this bias in our hiring process. If you're excited about the role and believe you have the skills and experience to contribute to our team, we encourage you to apply, even if your background doesn't align perfectly with every qualification listed. We are committed to building a diverse and inclusive workplace, and we believe that diversity of perspectives and experiences is essential to our success. You may be just the right candidate for this role or another position within our organization. Don't hesitate to take the leap and apply today!
Chief People Officer
Remote job
Job Description
We're looking for an experienced and strategic Chief People Officer to guide our people strategy and elevate our organizational culture. In this role, you will shape talent development, drive leadership excellence, and build scalable people operations that support our rapid growth. You will partner closely with executive leadership to ensure our workforce, processes, and culture align with our mission and long-term goals.
Responsibilities
Define and execute a holistic people strategy across talent acquisition, development, engagement, and retention.
Build scalable HR systems, policies, and programs that support a high-performance culture.
Partner with executives and managers to anticipate organizational needs and drive workforce planning.
Lead initiatives in leadership development, performance management, and organizational design.
Foster a diverse, inclusive, and values-driven workplace.
Oversee compensation, benefits, and compliance.
Develop, mentor, and lead the People/HR team.
Requirements
Proven executive-level leadership in People/HR roles in fast-growing organizations.
Strong expertise across HR disciplines (talent, culture, performance, organizational development).
Experience scaling people operations and implementing company-wide programs.
Demonstrated ability to navigate complex organizational challenges with sound judgment.
Excellent communication, coaching, and stakeholder-management skills.
Fluency in English; additional European languages are a plus.
Benefits
Perks
Learning Friday. If our team members know more, so do we. That's why we give everyone a training budget that they can spend on books, online courses or other training materials.
Smart Working. Trains can be a drag; you can save some commuting time by working from home.
Salary is based on experience, and may include bonuses or other components
About Domyn
Domyn is a company specializing in the research and development of Responsible AI for regulated industries, including financial services, government, and heavy industry. It supports enterprises with proprietary, fully governable solutions based on a composable AI architecture - including LLMs, AI agents, and one of the world's largest supercomputers.
At the core of Domyn's product offer is a chip-to-frontend architecture that allows organizations to control the entire AI stack - from hardware to application - ensuring isolation, security, and governance throughout the AI lifecycle.
Its foundational LLMs, Domyn Large and Domyn Small, are designed for advanced reasoning and optimized to understand each business's specific language, logic, and context. Provided under an open-enterprise license, these models can be fully transferred and owned by clients.
Once deployed, they enable customizable agents that operate on proprietary data to solve complex, domain-specific problems. All solutions are managed via a unified platform with native tools for access management, traceability, and security.
Powering it all, Colosseum - a supercomputer in development using NVIDIA Grace Blackwell Superchips - will train next-gen models exceeding 1T parameters.
Domyn partners with Microsoft, NVIDIA, and G42. Clients include Allianz, Intesa Sanpaolo, and Fincantieri.
Please review our Privacy Policy here.
Information Security Governance Specialist - Vice President
Remote job
About the Role
iCapital is looking to hire a Vice President Information Security Governance Specialist. This individual will be a key person in iCapital's second line of defense team. The ideal candidate will support the organization's security governance program by ensuring compliance with regulatory requirements, security frameworks, and contractual obligations. This role involves reviewing the information security program against industry standards, assessing security clauses in client and vendor contracts, designing and maintaining security controls, and responding to regulatory audits.
Responsibilities
Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction.
Evaluate the organization's information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR).
Identify gaps and recommend control enhancements to align with compliance requirements.
Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team.
Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability.
Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data.
Coordinate responses to internal and regulatory audits for the information security team.
Qualifications
7-10 years of experience in information security governance, compliance, or risk management in a financial services, fintech, or technology-driven environment
Bachelor's degree in information security, risk management, or a related field
Strong written and verbal communication skills
Excellent analytical and problem-solving skills
Able to manage multiple priorities and deadlines in a fast-paced environment
Comfortable engaging with senior leaders
Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes
CISM, CRISC, or CISSP certifications are preferred
Benefits
The base salary range for this role is $150,000 to $180,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO).
We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday.
For additional information on iCapital, please visit **************************************** Twitter: @icapitalnetwork | LinkedIn: ***************************************************** | Awards Disclaimer: ****************************************/recognition/
iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
Senior Security GRC Analyst
Remote job
Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU.
If you'd like to build the world's best AI cloud, join us.
*Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday.
What You'll Do
Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives
Manage IT Risk Register including risk identification, tracking, and prioritization.
Assist with and drive remediation of control deficiencies and gaps
Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)
Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting
Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires
Assist control owners with root cause analysis and track risk management action plan progress.
Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings
Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements
You
Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements
Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks
Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations
Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives
Nice to Have
Experience in the machine learning or computer hardware industry
Experience with Security by Design and/or Privacy by Design principles
Experience with standard cyber controls frameworks, including CIS Top 18, NIST Cybersecurity Framework (CSF), NIST 800-53, NIST 800-171, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks.
Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems
Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC)
Experience in the AI infrastructure, machine learning and/or computer hardware industry
Salary Range Information
The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.
About Lambda
Founded in 2012, with 500+ employees, and growing fast
Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove
We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG
Our values are publicly available: *************************
We offer generous cash & equity compensation
Health, dental, and vision coverage for you and your dependents
Wellness and commuter stipends for select roles
401k Plan with 2% company match (USA employees)
Flexible paid time off plan that we all actually use
A Final Note:
You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills.
Equal Opportunity Employer
Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.
Senior IT Auditor
Remote job
As a UW employee, you have a unique opportunity to change lives on our campuses, in our state and around the world. UW employees offer their boundless energy, creative problem-solving skills, and dedication to build stronger minds and a healthier world.
UW faculty and staff also enjoy outstanding benefits, professional growth opportunities and unique resources in an environment noted for diversity, intellectual excitement, artistic pursuits, and natural beauty.
The Senior IT Auditor plans and performs independent, risk-based audit, assurance and consulting activities related to IT internal processes, controls, risk management and governance activities within the University of Washington, while adding value and improving IT operations. The Senior IT Auditor is expected to have internal IT audit experience and to demonstrate proficiency in applying independent judgement in performing internal audit work which conforms to professional standards.
In addition, the Senior IT Auditor performs computer forensics and data analytics, and provides IT support for Internal Audit, including maintaining our servers, installing software upgrades, performing tests of backup/recovery, and updating security plans and department policies and procedures.
This position will primarily support the completion of IT audits in the healthcare space.
Internal Audit is a primary tool of the Board of Regents to ensure financial, operational and compliance integrity. Other auditors examine specific functions, activities, or areas of risk, but the scope of Internal Audit encompasses all of these areas. Current levels of frequent, significant and costly compliance issues in healthcare, higher education, and IT emphasize the importance of the internal audit function. The success and reputation of Internal Audit rest with the work performed by the Principal, Senior and Staff Auditors.
**Duties & Responsibilities**
**Audit Examinations**
- Independently performs information security and IT operations audits and/or advisory services across a broad range of systems and technologies including but not limited to: information security, vulnerability management, application controls, network infrastructure, databases, operating systems, IT general controls, pre and post system implementation, development operations, cloud software and platforms, disaster recovery, and incident response.
- Prepare IT audit plan for each audit assignment that ensures effective audit coverage based on an assessment of potential risks and exposures.
- Design detailed audit work programs (in many cases customized for the environment), conduct interviews, document and analyze processes/compliance with applicable federal/state laws and University policies, and apply critical thinking to evaluate risks and controls and assess the results of audit testing.
- Consistently document relevant facts and information to support the work performed and conclusions drawn so other reviewers can follow the auditor's logic and methodology.
- Develop audit findings, determine root causes, and develop relevant and achievable recommendations based on leading practice, the risk profile of the client and the UW.
- Effectively communicate audit results, both verbally and in writing, so they are persuasive, placed in the appropriate context, and understood by the recipient. Prepare professional audit reports summarizing findings, recommendations, and management responses.
- Perform follow-up reviews to ensure that recommendations are implemented to appropriately address risks identified.
- Conduct audits in accordance with professional and departmental standards. Complete work on time and within budget with limited instructions, yet know when to seek guidance from supervising manager when circumstances warrant. May work on audits independently as part of a team project.
- Partner with other auditors to provide guidance and assistance in using computerized audit techniques to extract and analyze data from complex computer systems or in performing evaluations of IT controls.
- Utilize appropriate tools to conduct computer forensics in support of audits or investigations.
**Guidance and Consultation**
- Consult with University departments on new system development processes to ensure that appropriate controls are included in the design of planned applications and systems.
- Critically apply insights and knowledge of IT and information security to enable clients to solve complex institutional problems while effectively managing risks.
- Serve on University committees as requested.
- Keep current on technical IT, security, accounting, auditing and government pronouncements.
- Participate in University-wide risk assessments and Internal Audit's quality and process improvement program as requested.
**IT Support for Internal Audit**
- Coordinate maintenance of the server utilized by Internal Audit, including applying appropriate patches.
- Review, recommend, and install software upgrades related to electronic work paper software utilized by Internal Audit.
- Perform periodic tests of backup/recovery.
- Review and periodically update security plan and department IT policies and procedures.
**Required Qualifications**
+ Bachelor's degree
+ Minimum of five years of audit experience, to include at least three years of IT audit experience or technical equivalent experience.
+ Professional certification such as CISA, CISSP, or CISM.
Equivalent education/experience will substitute for all minimum qualifications except when there are legal requirements, such as a license/certification/registration.
**Additional Qualifications**
+ Ability to independently design and perform IT audits and new systems implementation reviews of information systems in a multi-platform computing environment.
+ Strong understanding of IT internal controls.
+ Outstanding analytical, interpersonal and written communication skills.
+ Ability to communicate effectively with individuals at all organizational levels.
**Desired Qualifications**
+ Master's Degree in IT, security, auditing, accounting or related discipline.
+ Familiarity with NIST Cybersecurity framework, CIS18, and PCI standards.
+ Experience using computerized audit techniques to extract and analyze data from complex computer systems or in performing evaluations of IT controls such as SQL, Tableau, ACL.
+ Experience using IT forensics tools.
+ Higher Education and/or healthcare audit experience.
**Working Environment**
Flexible and partially remote work schedule available.
**Compensation, Benefits and Position Details**
**Pay Range Minimum:**
$96,000.00 annual
**Pay Range Maximum:**
$120,000.00 annual
**Other Compensation:**
-
**Benefits:**
For information about benefits for this position, visit ******************************************************
**Shift:**
First Shift (United States of America)
**Temporary or Regular?**
This is a regular position
**FTE (Full-Time Equivalent):**
100.00%
**Union/Bargaining Unit:**
Not Applicable
**About the UW**
Working at the University of Washington provides a unique opportunity to change lives - on our campuses, in our state and around the world.
UW employees bring their boundless energy, creative problem-solving skills and dedication to building stronger minds and a healthier world. In return, they enjoy outstanding benefits, opportunities for professional growth and the chance to work in an environment known for its diversity, intellectual excitement, artistic pursuits and natural beauty.
**Our Commitment**
The University of Washington is committed to fostering an inclusive, respectful and welcoming community for all. As an equal opportunity employer, the University considers applicants for employment without regard to race, color, creed, religion, national origin, citizenship, sex, pregnancy, age, marital status, sexual orientation, gender identity or expression, genetic information, disability, or veteran status consistent with UW Executive Order No. 81 (*********************************************************************************************************************** .
To request disability accommodation in the application process, contact the Disability Services Office at ************ or ********** .
Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law (********************************************************* .
University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, religion, color, national origin, sexual orientation, gender identity, sex, age, protected veteran or disabled status, or genetic information.
Senior Information Security Risk Specialist (GRC)
Remote job
About Us
At SentinelOne, we're redefining cybersecurity by pushing the limits of what's possible, leveraging AI-powered, data-driven innovation to stay ahead of tomorrow's threats.
From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We're looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you're excited about solving complex challenges in bold, innovative ways, we'd love to connect with you.
What are we looking for?
We are looking for a highly motivated, collaborative and experienced Senior InfoSec Risk Specialist with a security-focused mindset who can balance risk, business drivers and timelines. This position will be responsible for understanding and supporting the design of SentinelOne's organizational, procedural and technological security controls within the context of the security frameworks applicable to SentinelOne. In addition, you will be responsible for identifying and testing appropriate controls to ensure they are designed, implemented, and operating effectively to mitigate risk. The selected employee will help implement, automate, document and maintain controls while supporting and responding to inquiries from internal and external stakeholders. This individual must be self-directed and be able to work independently and collaboratively.
What will you do?
Support the planning and performance of IT risk-based security audits and projects, risk assessments, execution of fieldwork and communication to stakeholders.
Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth.
Collaborate with process and control owners through the audit lifecycle for process documentation updates, testing coordination, remediation of identified deficiencies and advising on internal control enhancements or process changes, as appropriate.
Proactively manage audit findings, tracking and documentation of status updates obtained via action owners, and timely execution of remediation activities.
Participate in internal security and compliance programs and track recurring controls, such as SSAE 18 SOC 2, ISO 27001/27002.
Provide control consultative support to the business to assist in redesign efforts to improve the control environment and identify opportunities for control improvements with the objective of mitigating risk and improving compliance and operational performance.
Help support internal/external audits and evidence collection via a GRC tool.
Document new and update existing policies, procedures, standards and resources.
Participate in the security awareness program and train personnel on data security and privacy-related processes and responsibilities.
Help support customer security reviews, RFPs and external security and privacy inquiries.
Participate in defining, collecting and tracking various Security Metrics.
What skills and experience should you bring?
5+ years of experience working in information security, risk or compliance.
Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness and Training, BC/DRP, etc.
Ability to perform internal audits with minimal direct supervision, exhibit professional audit judgment and have experience in a broad range of audit projects such as SSAE 16/18 SOC 2, ISO 27001/2, NIST.
Strong risk management experience, performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk.
Strong project management skills and ability to manage a variety of projects simultaneously to completion within the agreed timelines.
Excellent collaboration and interpersonal skills. Must be able to communicate with all levels in the organization.
Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers.
Experience working with both technical and non-technical teams.
Ability and desire to understand the intent of requirements and provide effective recommendations.
Ability to prioritize in a highly dynamic work environment.
Our Preferred Qualifications:
Advanced degree in Computer Science, Information Technology, Information Security or related field.
Experience with, and strong understanding of common Security Compliance frameworks, controls, and best practices such as COSO, SOC 2, SOX ITGC, ISO 27001/27002, GDPR, PCI, NIST and other applicable regulatory compliance frameworks.
Relevant certifications (ISO 27001 LA/LI, CISA, CISM, CISSP, CRISC, etc.)
Ability to assess and pragmatically define scope and relevant controls.
Strong desire to learn and continuously develop and deepen technical skills.
Why us?
You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.
Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
Unlimited PTO
Industry-leading gender-neutral parental leave
Paid Company Holidays
Paid Sick Time
Employee stock purchase program
Disability and life insurance
Employee assistance program
Gym membership reimbursement
Cell phone reimbursement
Numerous company-sponsored events, including regular happy hours and team-building events
This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.
Base Salary Range: $104,000-$138,000 USD
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.
Senior Information Security Specialist-SECRET CLEARANCE REQUIRED
Remote job
Primary Responsibilities:
Execute and support the Risk Management Framework (RMF) lifecycle including system categorization, control selection, implementation, assessment, and authorization.
Develop, maintain, and validate System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans (CPs), and related compliance documentation.
Conduct and lead vulnerability assessments, leveraging tools such as Nessus, ACAS, and Fortify to identify and prioritize remediation efforts.
Perform continuous monitoring of security controls and produce metrics, dashboards, and evidence in support of ATO renewals and sustainment.
Analyze and respond to security incidents, working with SOC personnel and SIEM tools to evaluate logs, investigate events, and contain potential threats.
Conduct internal audits and risk assessments to validate the effectiveness of implemented controls and identify compliance gaps.
Provide security guidance to engineering and development teams, ensuring adherence to cybersecurity standards in a DevSecOps environment.
Stay informed of evolving threats, vulnerabilities, and regulatory changes to proactively enhance security postures.
Coordinate with Security Control Assessors (SCAs), ISSOs, system owners, and federal stakeholders on audit readiness and policy compliance.
Draft and enforce cybersecurity policies, SOPs, and standards that support mission-critical systems across hybrid environments.
All other duties as assigned by management.
Qualifications
Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Five (5) years of directly relevant experience may substitute for two (2) years of formal education.
Minimum of five (5) years of experience with vulnerability scanning tools and security assessment methodologies.
Minimum of five (5) years of experience with network security, firewall management, intrusion detection/prevention systems (IDS/IPS).
Minimum of five (5) years of experience with Security Information and Event Management (SIEM).
Minimum of five (5) years of experience in the risk management framework.
Basic knowledge of the following: Active Directory, UNIX, RHEL, Windows, Relational Databases.
Previous support of federal government enterprise systems or DHS/DOD programs is strongly preferred.
Must have an active DoD Secret Clearance.
Information Security Support Analyst, Contract
Remote job
Overview of 66degrees
66degrees is a leading consulting and professional services company specializing in developing AI-focused, data-led solutions leveraging the latest advancements in cloud technology. With our unmatched engineering capabilities and vast industry experience, we help the world's leading brands transform their business challenges into opportunities and shape the future of work.
At 66degrees, we believe in embracing the challenge and winning together. These values not only guide us in achieving our goals as a company but also for our people. We are dedicated to creating a significant impact for our employees by fostering a culture that sparks innovation and supports professional and personal growth along the way.
Overview of Role
A client of 66degrees is seeking a junior contractor to engage on an 8+-month remote contract with the potential to extend/convert into a permanent role with the client. Interested candidates should have the following required skills and the ability to work independently as well as within a team environment.
The Information Security Support Contractor will function as a member of the Security Support team and help support day-to-day operations. This role will focus on frontline duties and interact with technical and business units. This role requires strong teamwork and initiative, along with the ability to build and maintain relationships across technical and business units. Excellent communication skills are essential.
Responsibilities
Provide level 1 support for incident and request tickets escalated from other technical teams.
Contribute to protecting the integrity and confidentiality of client data and infrastructure while enabling business functionality in all systems and environments by learning to support applicable security solutions.
Learn about the security tools and solutions implemented within the organization.
Assist in improving processes, identify efficiencies, and recommend solution enhancements to improve service-level delivery.
Support the client Information Security Governance & Compliance team as needed during risk assessments, internal and external Information Security Audits, and Vendor reviews.
Assist in supporting the Identity Access Management team.
Gather and report on key organizational information security metrics.
Qualifications
1-3 years of experience as an Information Security Analyst or experience in an IT support capacity.
Required experience working with:
Active Directory/Azure
File Share Permissions
Email security understanding
Mimecast or a similar solution
Keeper - Nice to have
zScaler - Nice to have
Strong communication, good customer service experience and flexibility with change are all required.
Eagerness to work in a collaborative environment.
66degrees is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to actual or perceived race, color, religion, sex, gender, gender identity, national origin, age, weight, height, marital status, sexual orientation, veteran status, disability status or other legally protected class.
Chief Information Security Officer
Remote job
Amalgamated Bank seeks a dedicated Chief Information Security Officer to be responsible for designing and implementing the Bank's Information Security program while protecting the business from cyber security threats. This is a hybrid role reporting to our NYC headquarters.
By joining our team, you'll be joining a Bank that believes that maintaining a diverse and inclusive workplace where everyone feels valued and respected is essential for us to grow as a company. We are dedicated to building a more equitable world in our everyday practices by embracing the values of our employees and customers.
Essential Job Functions:
Develop and maintain an Enterprise Information Security Program
Design a critical response process for Cyber Security incidents
Identify, report and control Cyber Security incidents
Manage and train Information Security staff and develop and deliver Information Security training to the Bank's employees
Continuously monitor threats to the Bank's operating environment
Approve and administer identity access policies
Maintain a current understanding of the IT and Cyber Security threat landscape for the industry
Ensure Bank compliance with relevant Information Security laws and applicable regulations
Lead and assess the results of periodic security tests, including internal and external penetration testing and phishing
Schedule table-top exercises for Crisis Team and senior management and report findings to management, including implementation of recommendations
Review and approve Information Security policies, procedures and controls
Ensure that they are kept current and are communicated to staff/consultants
Ensure staff/vendor compliance with the Bank's security policies and procedures
Manage a team of employees, contractors and vendors involved in Information Security
Brief the Executive Team on status and risks, overall strategy and necessary budget
Communicate best practices and risks to the Bank
Perform a risk assessment of the Bank's vulnerabilities in the Cybersecurity landscape and develop the Bank's risk appetite for Information Security
Develop Key Risk Indicators (KRIs) and dashboard metrics reporting to both the Management Team and the Board of Directors
Establish strong working relationships with the Heads of IT and business lines
Develop and present quarterly reports to the Board of Directors.
Knowledge, Skills and Experience Requirements:
Master's degree or equivalent experience
Minimum of ten (10) years of experience, at least five (5) years focused on managing information security in a complex, matrixed environment
Extensive experience in regulated industries, especially financial services; banking experience is preferred
Proven ability to create and maintain enterprise-level information security programs
Motivated individual with strong analytical, problem solving and root cause analysis skills
Ability to work on multiple, time-critical projects simultaneously
Knowledge of Data Privacy Laws
Working knowledge of information security engineering concepts and principles
Familiarity with DFS 500 and similar regulations
Experience working with external regulators, including NY DFS and FDIC
Excellent verbal and written communications, including presentation of complex data in easily understood ways
Ability to confidently interact at multiple levels in the organization and lead cross-departmental team projects
Experience presenting to senior levels, including Board of Directors
CISSP, CISA or CISM designations preferred
Our job titles may span more than one career level. The starting base salary for this role is between $240,000.00 - $260,000.00. The actual base pay is dependent upon many factors, such as: training, transferrable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future.
Amalgamated Bank is an Equal Opportunity and Affirmative Action Employer, Minorities / Females / Individuals with Disability / Veterans. AmeriCorps, Peace Corps and other national service alumni are encouraged to apply. View our Pay Transparency Statement. Submission of a resume or any information regarding your qualifications does not constitute a promise or offer of employment. At Amalgamated Bank, we consider an applicant to be someone who has interviewed at least once, in person, with the hiring manager. Amalgamated Bank does not sponsor applicants for work visas.
Hybrid Work Model
Effective February 18, 2025, employees in office-based positions will be working a Hybrid work schedule consisting of three days or more, on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, the contact center, branch service roles, and general services where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance does not apply to roles that have been designated as “remote”.
Search Firm Representatives - Please Read Carefully
Amalgamated Bank does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for the position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Information Security Controls Analyst
Remote job
About the Role:
United Community is seeking an experienced Information Security Controls Analyst to serve as a subject matter expert in evaluating and strengthening our cybersecurity and technology controls. This role plays a critical part in assessing risk exposure, recommending control improvements, and ensuring alignment with regulatory standards and business risk tolerance. You'll collaborate with enterprise risk, compliance, and legal teams to provide visibility into our risk posture and drive meaningful change across the organization.
What You'll Do:
Review and document the adequacy of security and technology controls across business and IT environments.
Evaluate control posture through interviews, documentation reviews, and workflow analysis.
Recommend and support implementation of risk reduction strategies via policies, procedures, and technical controls.
Partner with risk management and security leadership to align controls with organizational risk tolerance.
Identify control strengths and weaknesses related to privacy, security, resiliency, and compliance.
Document and advocate for control improvements that balance risk with operational efficiency.
Support control development across testing, QA, and production environments.
Present control effectiveness reports to senior risk leadership.
Stay current on regulatory requirements, internal policies, and industry best practices.
Participate in required compliance training and support internal/external audit activities.
What We're Looking For:
• Experience:
3+ years in cybersecurity or IT practitioner roles.
2+ years in IT risk or controls analysis.
Practical experience with risk management and IT control frameworks.
• Education:
Bachelor's degree preferred in Information Assurance, Computer Science, Engineering, or a related technical field.
• Required Skills:
Strong understanding of risk frameworks (CRI, COSO, RMF, COBIT, NIST).
Familiarity with regulatory standards (PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, GLBA).
Experience with CIS CSC, ISO 2700, or NIST CSF.
Excellent written and verbal communication across all organizational levels.
Strong organizational skills and ability to meet SLAs.
Sound judgment and decision-making in complex scenarios.
High integrity, trustworthiness, and adaptability.
• Preferred Skills:
Certifications such as CISSP, CISA, CRISC, or CISM.
Technical experience with enterprise networks, applications, and directory services.
Familiarity with enterprise GRC platforms.
Travel:
Up to 5% travel required.
Supervisory Responsibility:
This position does not have direct supervisory responsibilities.
Conditions of Employment:
Must be able to pass a criminal background & credit check
This is a full-time, non-remote position
FLSA Status:
Non-Exempt
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state, or local protected class.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.