Information Systems Security Officer jobs at Oasis Systems - 136 jobs

Government IT Division REMOTE MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer‑centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well‑being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran‑owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2. Senior Information System Security Engineer / Solutions Architect Location: Remote - must be within US and able to obtain Public Trust Clearance - US Citizen Pay: $100,000 - $120,000 annually (based on qualifications). Full Government benefits (W‑2) Job type: Contract We are seeking a hands‑on Senior Information System Security Engineer / Solutions Architect who will also serve as the Information System Security Engineer (ISSE) for key cybersecurity systems supporting the Department of Veterans Affairs (VA). This role is ideal for someone with deep technical engineering skills, cloud and DevSecOps experience. This individual will also lead teams to develop and implement technical solutions to remediate vulnerabilities and other complex cybersecurity challenges. Candidates will have a solutions‑oriented mindset to help the VA problem‑solve complex cybersecurity and IT challenges. The candidates should also be well‑versed with facilitating working sessions and have the ability to distill complex concepts into non‑technical/common language. The role will focus on analyzing and recommending system security architectures, vulnerability mitigation, policy‑driven compliance implementation, and full‑lifecycle support for the Department of Veteran's Affairs systems. Key Responsibilities Cybersecurity Engineering & Architecture (Primary) Analyze complex technical findings and determine necessary resources needed to solve problem‑sets across multiple cybersecurity and technical domains Partner with technical teams to develop and implement technical solutions Design, build, and deploy secure cloud‑native architectures and infrastructure components for VA information systems Develop and maintain CI/CD pipelines with integrated security scanning, policy enforcement, and remediation tools Implement secure infrastructure as code/policy as code using tools such as Terraform/CloudFormation, including writing and implementing PaC scripts Align security architectures with Federal Zero Trust strategy, VA directives, and OMB policies Enable automation of system telemetry and analytics pipelines for cyber situational awareness ISSEResponsibilities Provide engineering and technical analysis on behalf of Agency Authorizing Officials (AOs) for System Security Plans (SSPs), Risk Assessments, Security Controls Traceability Matrices (SCTMs), and POA&Ms Support system authorization and compliance activities including continuous monitoring and system audits Conduct regular and ad‑hoc analysis of security control findings and develop and implement remediation strategies Minimum Qualifications Bachelor's degree in computer science, engineering, or technical equivalent with 10 years of technical experience or a total of 18 years in lieu of education 8+ years of security engineering, DevSecOps, or cloud architecture experience Expertise in securing platforms hosted in AWS GovCloud and Azure Government Strong experience with NIST RMF, FISMA, FedRAMP, and Zero Trust architecture implementation Hands‑on skills in IaC tools like Terraform and CI/CD tools such as GitLab/Jenkins, with ability to adopt new technologies if procured by the agency Experience with network isolation tools such as Palo Alto Next Generation Firewalls (NGFW) and Juniper Mist Network Access Control (NAC) solutions or comparable Demonstrated experience securing modern applications, APIs, and automated infrastructure Excellent written and oral communication skills; ability to explain complex, technical information in easily understood terms; ability to brief Senior VA leadership regularly U.S. Citizenship and ability to obtain Public Trust clearance Preferred Qualifications Prior VA experience supporting VA OIS or major cybersecurity initiatives Experience authoring and maintaining ATO documentation in VA or HHS environments Experience with IoT/IoMT security solutions is a plus Knowledge of federal cybersecurity standards Equal Employment Opportunity Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affinitive Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. As set forth in MKS2 Technologies's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law. Voluntary Self‑Identification For government reporting purposes, we ask candidates to respond to the below self‑identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. #J-18808-Ljbffr

Senior Security Engineer (Must have 3-5 years exp, Google SecOps & Security Command Center Enterprise) About Ladder We saw a problem within the life insurance industry: getting covered took too long, involved too much paperwork, and required too many in-person meetings with sales agents. Having lost his father at a young age, our CEO, Jamie, was determined to make it easier for people to get the coverage they needed to provide for their families. So, we got to work. We developed a method of real-time underwriting leveraging AI and, in doing so, reduced the months-long process of applying for life insurance to minutes. Our digital experience is quick (instant decisions!), loved by users (check out our Trustpilot or Google reviews) and prolific ($74 billion+ in coverage provided). About the role We're looking for a Senior Security Engineer to help us build out our monitoring and detection capabilities. Please note, this can be a hybrid role based in our Palo Alto headquarters or a remote role based role in one of the 23 States Ladder is currently hiring in - AZ, CA, CO, CT, FL, GA, IA, KS, MA, MD, MN, NC, NH, NJ, NV, NY, OH, OR, PA, TX, VA, WA, WI. Please note, Ladder is not currently sponsoring or transferring OPT or H1-B visa's. What You'll Do Improve ongoing monitoring and detection capabilities by adding data sources, creating detections, and building workflows in Google SecOps and Security Command Center Enterprise Ensure we are protected against the latest threat by staying current on emerging security threats and actively monitoring various threat intelligence sources for latest trends, campaigns, and adversary TTPs Collaborate with our Engineering and Product teams via threat modeling and design reviews Help secure our Googlebased corporate and production environments Assist IT in manage our SaaS applications and make sure people have access to what they should and not more Iterate on cloud, network, application, personnel, and device security Assess and secure internal and external applications, APIs, and CI/CD processes Assist with SOC2 and compliance program control implementation Triage alerts and respond to security incidents Collaborate with peers and stakeholders across the company to ensure our customers are protected as best as possible at all times Who You Are 3-5 years of experience in information security, with a strong focus on application security and/or detection engineering 1-2 years of experience in information technology Working knowledge of secure coding practices, application security frameworks, and common vulnerabilities OSCP, HTB-CPTS, PNPT, eCPPTv2, or equivalent training/certs Apple workstation security experience Familiarity with Google Cloud Platform, Datadog, Google SecOps (Chronicle), JAMF Protect, etc Passion for building security tooling to enhance and automate security processes Contributions to open-source projects or communities Experience in securing AI/ML models and pipelines What We Offer Whether you work in our beautiful office in Palo Alto or remotely, Ladder is highly collaborative and fun. To support you in your role, we offer fantastic perks and benefits that reflect our mission of care and support, including: Excellent medical, dental, and vision coverage | We offer competitive healthcare and dental plans for you and your family. Flexible paid time off | Take the time that you need to rest and recharge, including our week-long winter holiday closure. Stock options | We offer competitive stock option packages to participate in the success of building Ladder. A rewarding 401k match program | We'll match up to 4% of your contributions as you save for your retirement goals. Commuter benefits | When you work from the office, you will receive pre-tax benefits for your commute and free parking. A stocked, beautiful new office | Located in downtown Palo Alto, our office was specifically designed to accommodate all working styles. We've invested in technology to support our hybrid team, plus we provide office snacks and catered lunches so that team members can work well and have fun together. Paid parental leave | We think it's crucial that new parents have time to adjust to their new lives without worrying about work, so we provide all parents inclusive of birthing, adoption, or fostering ten weeks of paid baby bonding. Work-from-home flexibility and support | We recognize that everyone's homelife is different and support remote and hybrid work. Upon joining, we provide a one‑time $500 remote office stipend for all team members and then a monthly $150 stipend to cover WFH costs such as the internet. Fun company-wide events | Whether we work locally or remotely, we genuinely enjoy spending time together. That's why we plan fun virtual and in‑person events to let loose and laugh. The base pay range targeted for this position is $140,000.00 - $184,000.00 per year. Base pay is determined by market location and may vary depending on job‑related knowledge, skills, and experience. This role is eligible for equity and benefits as shared above. Voluntary Self-Identification For government reporting purposes, we ask candidates to respond to the below self‑identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form? We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at ****************** How do you know if you have a disability? A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to: Alcohol or other substance use disorder (not currently using drugs illegally) Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS Blind or low vision Cancer (past or present) Cardiovascular or heart disease Celiac disease Cerebral palsy Deaf or serious difficulty hearing Diabetes Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders Epilepsy or other seizure disorder Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome Intellectual or developmental disability Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD Missing limbs or partially missing limbs Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports Nervous system condition, for example, migraine headaches, Parkinson's disease, multiple sclerosis (MS) Neurodivergence, for example, attention‑deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities Partial or complete paralysis (any cause) Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema Short stature (dwarfism) Traumatic brain injury Public burden statement: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete. EEO Statement Ladder is building a diverse team of talented and enthusiastic people. We are an equal opportunity workplace. At Ladder, differences are celebrated and supported to benefit our people, products, and community. Let us know why you're interested in this position and what unique contributions you can make to the Ladder team. We look forward to hearing from you. Interested in building your career at Ladder? Get future opportunities sent straight to your email. #J-18808-Ljbffr

A leading cybersecurity company is seeking a Senior Product Manager in Foster City to bridge the gap between the Threat Research Unit and customers. In this role, you will use data analytics to prioritize the product roadmap while collaborating with Engineering and Marketing. The ideal candidate has over 5 years of product management experience in cybersecurity, exceptional communication skills, and a bachelor's degree in a related field. The salary range is $145,000 - $175,000 per year, and a competitive benefits package is offered. #J-18808-Ljbffr

The National Energy Research Scientific Computing Center (NERSC) at Lawrence Berkeley National Laboratory (LBNL) is inviting applications for the position of Cyber Security Engineer. NERSC's mission is to accelerate scientific discovery through high performance computing and data analysis for the DOE Office of Science programs. NERSC provides critical HPC and data systems and support for NERSC's 10,000 users researching alternative energy sources, climate science, energy efficiency, environmental science and other DOE mission areas. In this exciting role, you will be involved in all aspects of cyber security at NERSC, working both independently and collaboratively with the rest of the security team to monitor for malicious and unauthorized activity, perform vulnerability scanning and application security testing, participate or lead responses to security incidents, work with other NERSC staff and end-users to provide security guidance, perform security assessments and reviews, assist in the remediation or mitigation of cyber security issues, and contribute to the NERSC strategy as we move to exascale and beyond. At NERSC, you will work in a collaborative, interdisciplinary environment with opportunities to explore emerging technologies, become involved in cross-team projects, and attend NERSC seminars on a wide range of scientific and technical subjects. You will: Perform security duties including monitoring for potential threats, proactively examining network traffic and log data, investigating anomalous activity, forensic analysis, and resolution of security incidents. Support and/or lead cyber incident response activities, participating in the full incident response lifecycle, from initial detection through resolution and post-incident documentation. Maintain up-to-date awareness of cybersecurity threats and trends by monitoring a variety of information sources. Assess emerging security issues to determine risk and impact to the center, advise on appropriate response strategies, and coordinate mitigation efforts across teams. Assist with vulnerability assessment activities,including configuration of scanning tools, assessment of vulnerabilities reported from a variety of sources, prioritization and triage of discovered vulnerabilities, and working closely with NERSC staff and end users to guide remediation efforts. Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed. Contribute to the design and development of NERSC's security architecture, identify and address operational gaps in monitoring and detection capabilities, and help evaluate and develop new cyber security tools and technologies. Participate or lead efforts to upgrade existing systems to meet evolving needs, including the specification, purchase, installation, configuration, and deployment of new hardware and security services. Perform system administration tasks, troubleshooting, and hardware maintenance and support as needed. Help maintain and manage existing cybersecurity systems using automation tools. Develop comprehensive documentation of the team's technical systems, processes, and procedures. Develop and add new signatures to IDS and monitoring infrastructure based on emerging threats and data from past incidents, ensuring detection capabilities align with the latest attack vectors and vulnerabilities. Regularly review and refine existing rules and signatures to enhance accuracy, reducing false positives and negatives. Lead or support the design and implementation of security initiatives, including a Zero Trust strategy, that reduce and mitigate risk while continuing to enable NERSC's open science mission. Promote a strong security culture through outreach, technical consulting, and security awareness activities. Provide guidance on security best practices, assist with the implementation of security controls, and effectively communicate security policies and requirements to NERSC staff and users. Collaborate closely with NERSC system engineers and software developers to integrate cyber security tools and processes throughout the center. Conduct in-depth security reviews and risk assessments, analyzing both technical and non-technical factors to identify weaknesses in existing and proposed deployments. Document review findings in detailed reports, providing actionable recommendations for addressing identified security issues and mitigating risk. Serve as a security subject matter expert on cross-functional projects and initiatives, offering guidance based on security best practices, identifying and communicating security issues, and collaborating with others to ensure security is a key consideration across all phases of the project. Contribute to the development of cybersecurity requirements, translating high-level policy into actionable security controls and guidelines. Assist with maintaining and updating documentation in a central repository. Create technical guides, best practices, and other resources to assist NERSC staff and users in understanding. May lead technical initiatives or projects focused on advancing security in areas such as containerized environments, secure software practices, Zero Trust Architecture, and secure data movement in HPC and scientific workflows. We are looking for: Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years and a Master's degree; or equivalent experience. Experience administering Linux/Unix systems or configuring network security devices. Experience using cybersecurity tools and technologies, such as intrusion detection/prevention systems, firewalls, SIEM platforms, or vulnerability scanners, with demonstrated proficiency in at least one. Experience designing, implementing, and maintaining network traffic capture and monitoring solutions for complex, high-speed network environments. Experience performing or supporting incident response activities, including investigation, analysis, containment, and resolution of incidents. Experience collecting, parsing, and analyzing log and telemetry data from a variety of systems (e.g., servers, network devices, user sessions) to detect and respond to incidents. Experience leading the implementation or administration of IT infrastructure, leading projects or teams, or providing technical direction for operations or security initiatives. Experience developing scripts or programs in Python, Shell, C, C++, or similar languages. Knowledge of common security vulnerabilities and mitigations, attacker TTPs and associated detection methods, and an understanding of core cybersecurity principles. Demonstrated ability to work in a Linux or UNIX environment, primarily at a Command Line Interface (CLI). Ability to troubleshoot and resolve complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. In-depth knowledge of network security and upper-layer protocols. Ability to network and collaborate with key contacts beyond one's area of expertise, and to work effectively both independently and within interdisciplinary teams. Ability to manage multiple tasks and respond to rapidly changing priorities. Excellent oral and written communication skills. Desired skills/knowledge: Experience working in High Performance Computing, higher education, or research environments. Experience implementing Zero Trust architectures, securing container platforms and workloads, or integrating security into development and deployment processes. Experience conducting policy compliance activities, such as auditing against cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls), and performing vulnerability or risk assessments. Experience securing large-scale computing or open network environments with broadly accessible infrastructure. Familiarity with configuration automation tools such as puppet or ansible. Knowledge of dual-stack (IPv4/IPv6) and IPv6-only network environments, including common security challenges and strategies. Knowledge of API security, including secure API design principles and familiarity with OAuth 2.0, JWT, and API key management. Understanding of secure coding practices, with the ability to review source code for vulnerabilities and collaborate with development teams on secure solutions. Knowledge of data analytics, machine learning, or statistical models and their application to security analysis. We're here for the same mission, to bring science solutions to the world. Join our team and YOU will play a supporting role in our goal to address global challenges! Have a high level of impact and work for an organization associated with 17 Nobel Prizes! Why join Berkeley Lab? We invest in our employees by offering a total rewards package you can count on: Exceptional health and retirement benefits, including pension or 401K-style plans Opportunities to grow in your career - check out our Tuition Assistance Program A culture where you'll belong - we are invested in our teams! In addition to accruing vacation and sick time, we also have a Winter Holiday Shutdown every year. Parental bonding leave (for both mothers and fathers) Pet insurance Additional information: Appointment type: This is a full-time, career appointment, exempt (monthly paid) from overtime pay. Salary range: The expected salary for this position is $156,864 - $191,724, which fits into the full salary of $139,440 - $235,308 depending upon the candidate's skills, knowledge, and abilities. This includes education, certifications, and years of experience. Background check: This position is subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment. Work modality: This position requires substantial on-site presence, but is eligible for a flexible work mode, and hybrid schedules may be considered. Hybrid work is a combination of performing work on-site at Lawrence Berkeley National Lab, 1 Cyclotron Road, Berkeley, CA and some telework. Individuals working a hybrid schedule must reside within 150 miles of Berkeley Lab. Work schedules are dependent on business needs. Want to learn more about working at Berkeley Lab? Please visit: careers.lbl.gov Equal Employment Opportunity Employer: The foundation of Berkeley Lab is our Stewardship Values: Team Science, Service, Trust, Innovation, and Respect; and we strive to build community with these shared values and commitments. Berkeley Lab is an Equal Opportunity Employer. We heartily welcome applications from all who could contribute to the Lab's mission of leading scientific discovery, excellence, and professionalism. In support of our rich global community, all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected categories under State and Federal law. Berkeley Lab is a University of California employer. It is the policy of the University of California to undertake affirmative action and anti-discrimination efforts, consistent with its obligations as a Federal and State contractor. Misconduct Disclosure Requirement: As a condition of employment, the finalist will be required to disclose if they are subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct, are currently being investigated for misconduct, left a position during an investigation for alleged misconduct, or have filed an appeal with a previous employer. #J-18808-Ljbffr

A prominent scientific computing center is looking for a Cyber Security Engineer to enhance their security measures. In this role, you will monitor for security threats and manage incidents while working collaboratively in a team. This position requires extensive experience in cybersecurity, especially in Linux/Unix environments, and offers opportunities to engage with emerging technologies within the field of high-performance computing. Join a team dedicated to scientific discovery and innovation in a high-impact role. #J-18808-Ljbffr

A rapidly growing compliance technology firm in San Francisco seeks a Security Engineer to establish internal security controls and manage penetration testing. Ideal candidates possess 3-5 years of security engineering experience, familiarity with Cloud security, and a strong problem-solving mindset. The role offers a competitive salary of $125,000 - $300,000 plus benefits, and the opportunity to be part of a dynamic team focused on eliminating compliance busywork. #J-18808-Ljbffr

About Us Delve is building an AI-native platform that transforms compliance from tedious, manual work into effortless, automated workflows. We're the fastest growing compliance company on the market. Delve helps 100s of companies save 100s of hours (e.g. Lovable, 11x, WisprFlow) by eliminating compliance busywork and helping them focus on what matters - securely supporting their customers. Our team is a tight‑knit group of builders-former founders, operators, and engineers-obsessed with solving real problems for real customers. We come from Stanford, MIT, Berkeley, OpenAI, and international olympiads. Backed by Insight Partners, General Catalyst, Y Combinator, and top‑tier investors, we just raised our 32M Series A and are scaling quickly! One step at a time, we're on a mission to eliminate busywork for humanity. The Role As our first Security Engineer, you'll wear multiple hats in this high‑impact position. You'll be responsible for establishing and managing our internal security controls, infrastructure, and processes while leading our penetration testing efforts and occasionally participating in customer conversations to provide technical expertise. This is a unique opportunity to build security foundations from the ground up at a company that deeply understands the security landscape. Key Responsibilities Design, implement, and maintain comprehensive security controls across our infrastructure and operations Set up and manage essential IT security tools including endpoint protection, SIEM, identity management, and monitoring systems Conduct security assessments, vulnerability management, and incident response Ensure compliance with relevant frameworks (SOC 2, ISO 27001, etc.) to support customer trust and sales efforts Manage access controls, privileged accounts, and security awareness training programs Plan, execute, and document internal penetration tests across applications, infrastructure, and networks Manage and coordinate a small team of internal and external penetration testing contractors Develop internal penetration testing capabilities and methodologies Participate in customer security discussions and technical deep‑dives during sales processes Support customer onboarding by addressing security questions and requirements Provide technical expertise during customer calls when security architecture questions arise What We're Looking For Required Qualifications 3-5 years of hands‑on security engineering or IT security experience Proven penetration testing experience with ability to perform manual testing across web applications, networks, and cloud environments Experience managing security contractors or external testing teams Extremely comfortable using AI tools for productivity and security tasks, including AI‑powered red team tools and security testing platforms Strong background in cloud security (AWS, Azure, or GCP) and infrastructure security Experience with identity and access management, network security, and endpoint protection Demonstrated ability to work independently and drive initiatives in fast‑paced startup environments Excellent communication skills with ability to explain technical concepts to both technical and non‑technical audiences Self‑starter mentality with strong problem‑solving abilities and attention to detail Preferred Qualifications Experience at early‑stage startups or high‑growth technology companies Background in AI/ML security considerations and challenges Relevant security certifications (OSCP, CISSP, CISM, Security+, CEH, etc.) Experience with compliance frameworks and audit processes Previous customer‑facing experience in technical roles Familiarity with DevSecOps practices and security automation tools Understanding of B2B SaaS security requirements and customer expectations Experience with automated penetration testing tools and frameworks Background in managing vendor relationships and security service providers Why In‑Person SF Matters You'll work shoulder‑to‑shoulder with an exceptional team: Ex‑Stanford, MIT, and Berkeley engineers with dozens of papers International Olympiad winners and medalists Ex‑OpenAI engineers with 10+ years of domain expertise for mentorship Ex‑Google DeepMind engineers Former founders who've closed $500k in revenue at 19 and hired 40+ people Decisions happen live, not in backlogged async threads A players work with A players. There's a buzzing energy in the office. Hit the whiteboard with anyone here and you'll understand why. Benefits Compensation: $125,000 - $300,000 annually, plus equity, comprehensive benefits, and professional development budget. 100% medical, dental & vision coverage (for you; partial for dependents) 401k with employer match Unlimited PTO + federal holidays GrubHub stipend + all meals covered in‑office Gym membership covered Frequent team dinners, events, and off‑sites The opportunity to eliminate busywork for humanity #J-18808-Ljbffr

A technology company is seeking a Senior Security Engineer to enhance its security monitoring and detection processes. This role requires 3-5 years of experience in information security, focusing on application security and detection engineering. Candidates will work collaboratively, ensuring the protection of corporate environments. The position offers flexibility to work from the office in Palo Alto or remotely across multiple states. Excellent benefits include competitive healthcare, stock options, and a supportive work environment. #J-18808-Ljbffr

* Collaborates closely with Engineering leaders, Architecture, Security, and external partners* Minimum 15+ years of software engineering experience* Minimum 10+ years of leading efforts or processes in a Technology organization, with deep experience architecting or scaling payment systems, digital asse* Demonstrated experience with payment networks, FX, liquidity, and reconciliation systems* Experience with smart contract design, auditing, threat models, and security best practices**CURRENT EMPLOYEES: Apply for open positions via Job Hub in your Workday Account.** for an assistance request.E-Verify***.***## Privacy Notice***Effective:** May 2, 2025*This privacy notice is intended to inform California residents of the personal information we collect, how it's used and disclosed, and the rights you have in regard to such information.Click below for the full privacy notice #J-18808-Ljbffr

About Radiant Security We're a SF Bay Area Cyber AI startup. Our vision is simple: enable all security teams to perform security operations with the efficiency and effectiveness needed to prevent breaches . We're a small team of researchers and engineers with a deep focus in cyber and AI. Our product automates the triage for any security alert leveraging deep research, big data and dozens of AI Agents. Join us and boost your career with hands‑on AI experience. The Role As an AI Security Context Engineer, you'll sit at the intersection of cybersecurity expertise and applied AI. Your mission is to translate deep security understanding into actionable context that teaches Radiant's AI agents how to think, reason, and triage real‑world security investigations. You'll partner closely with our AI research, engineering, and product teams to define how modern attacks should be interpreted, how alerts should be enriched, and how investigations should unfold across dozens of agentic steps. The work you do directly shapes the quality and accuracy of Radiant's autonomous investigations - this is one of the most critical roles in the company and central to our core value proposition. This is a rare opportunity to bring your SOC and detection experience into an AI‑forward environment, contribute to the next evolution of security automation, and build systems used by teams around the world. What problems will you be working on? Turning complex security signals (SIEM, EDR, IPS, cloud security logs, etc.) into high‑quality AI reasoning that powers fully automated investigations Translating attacker behaviors and TTPs into teachable patterns for AI agents to detect, correlate, and triage threats Defining the logic behind multi‑step agentic investigation workflows - which signals the AI should examine/compare, why, and how it should decide next steps Closing context gaps that break investigations, improving outcomes by shaping the “security intuition” of the model Stress‑testing AI reasoning end‑to‑end to ensure it mirrors how top SOC analysts think when handling real incidents What you'll do Shape how Radiant's AI agents think: translating real SOC workflows, attacker behaviors, and detection patterns into the reasoning that drives automated investigations Design and refine multi‑step investigation logic, curating which signals matter, how alerts should be enriched, and how AI agents decide next steps Evaluate and improve AI decision‑making and stress‑testing agentic workflows to ensure they replicate how top analysts actually investigate potential incidents Work with a modern, cloud‑native AI stack and have direct impact on one of the most critical components of Radiant's platform Develop a stronger understanding of agentic AI and how it is leveraged for detection and analysis Things we're looking for An undergraduate degree in computer science Experience as a security analyst in an operational capacity Having previously worked for security product companies (startups are a plus) A working knowledge of adversarial TTPs, malware infrastructure, and the malware economy Have previously worked hands‑on with a variety of security detection technologies that are part of a robust security program (SEIM, IPS, WAF, EDR) Past, relevant experience with cloud security technologies A track record of providing security subject matter expertise and guidance to people who are not security experts Benefits Generous equity package Unlimited PTO (take time when you need it) Top‑of‑market salary Great healthcare The process We're a startup and we're making decision quickly. Our process is designed to give you the best glimpse of our team and allow us to evaluate your technical and culture fit. Step 1: Executive interview + Technical interview Step 2: Virtual On Site: Technical and Leadership interviews #J-18808-Ljbffr

A cutting-edge cybersecurity startup in San Francisco is seeking an AI Security Context Engineer to shape how AI agents think and drive automated investigations. This role bridges cybersecurity expertise with AI application, translating complex security signals into actionable context for effective investigations. Ideal candidates should possess security analyst experience, a computer science degree, and familiarity with security detection technologies. Competitive salary and generous benefits, including equity and unlimited PTO, are provided. #J-18808-Ljbffr

A global consulting firm is seeking a Senior Consultant in Offensive Security to enhance client security through proactive threat assessments and vulnerability management. The successful candidate will manage penetration testing, lead response efforts, and collaborate with teams to streamline security initiatives. A minimum of 5 years of relevant experience and proficiency in scripting languages are required. This role offers competitive compensation and a supportive, inclusive environment in which to thrive. #J-18808-Ljbffr

A global consulting firm is seeking a Senior Consultant in Offensive Security to lead penetration testing and security assessments. In this role, you will manage testing projects, develop strategies to mitigate vulnerabilities, and collaborate with cybersecurity teams to enhance client safety. Candidates should have a Bachelor's degree, at least 5 years of relevant experience, and proficiency in scripting languages. The role offers a competitive salary and comprehensive benefits in a flexible work environment. #J-18808-Ljbffr

AArete is one-of-a-kind when it comes to consulting firm culture. We're a global, innovative management and technology consulting firm, with offices in the U.S., India, and the U.K. Our name comes from the Greek word for excellence: "Arete." And excellence is exactly what we strive for. Our success starts with enriching and empowering our people. From robust career development planning to competitive life and wellness benefits, AArete's "Culture of Care" takes a holistic approach to the employee experience. AAretians (our team members) are leaders at every level. You are encouraged to unlock your full potential by directly contributing to our mission and prioritizing space for personal development and fulfillment. The Role AArete is looking for an Information Security Engineer. You are highly technical with an entrepreneurial spirit and commitment to excellence. You thrive in a team environment and have the ability to flip tasks and priorities midstream because you love an exciting challenge. The bar is set high at AArete. There is a lot to do around here, and you love getting the job done right. At AArete, we are dedicated to delivering the best experience to our clients every day. We are fresh, passionate, full of energy, and love what we do-providing non-labor cost reduction solutions and impressing our clients with impeccable service. Work You'll Do Manage and optimize security technologies, including endpoint protection tools, email security tools, vulnerability scanners, and Siems Provide support, administration, and maintenance necessary to ensure effective and efficient information technology system performance and security Identify, analyze, and mitigate threats to internal information technology systems or networks Maintain baseline system security according to organizational policies Manage accounts, network rights, and access to systems and equipment Design access control lists to ensure compatibility with organizational standards, business rules, and needs Provide ongoing optimization and problem-solving Analyze data sources to provide actionable recommendations Assess the validity of source data and subsequent findings Present technical information to technical and non-technical audiences Present data in creative formats Provide actionable recommendations to stakeholders based on data analysis and findings Oversee installation, implementation, configuration, and support of system components Answer requests for information Conduct in-depth research and analysis Provide input and assist in the development of plans and guidance Maintain infrastructure within a cloud environment Other duties as assigned Requirements 2+ years of experience working in an information security role Experience with tools such as Sentinel One, Microsoft Defender, Mimecast, Rapid7 IDR, AWS Native Security Services, Microsoft Purview, Microsoft Intune, vRx (Vicarius) or similar Direct client interaction, including possible travel to client location Applicants must be based in Chicago, IL, and flexible to work from our Chicago office as needed Must be legally authorized to work in the United States without the need for employer sponsorship Preferred Requirements Technology-focused degree Professional certifications such as GSEC, SSCP, Security+, SC-200, SC-400 or others Compensation & Benefits Flexible PTO, monthly half-day refuels, volunteer time off, 10 paid holidays Own Your Day flexible work policy Competitive majority employer-paid benefits: Medical, Dental, Vision, 401K Match Generous paid parental leave options Employer paid Life Insurance, STD, LTD Charitable contribution matching program New client commission opportunities and referral bonus program Bike share discount program The estimated base salary range for this position is $72,000 - $92,000. In addition to this base salary, individuals may be eligible for an annual discretionary bonus. This range is a part of a competitive, total compensation package together with our majority employer-paid benefits and incentive pay for eligible roles. Please note that this range is a guideline and individual total compensation may vary due to numerous factors including but not limited to experience level, certifications, and other relevant business considerations. AArete will accept applications until the position is filled. The job posting will be removed once the role is no longer available. We put humans at the center of our work We're a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and strategy & change for clients. Our cross-industry solutions are powered by a digital-first mindset, market intelligence, and data-driven approach to deliver purposeful change, actionable insights, and guaranteed results. But what sets us apart is our people. We are guided by our deeply embedded guiding principles: Excellence, Passion, Loyalty to Clients, Stewardship, Family, Community, Sustainability, and Inclusion. And we've been recognized as a top firm to work for by companies like Forbes, Top Workplaces Chicago Tribune, and Consulting Magazine. We've earned a Great Place to Work Certification and been named a World's Best Management Consulting Firm by Forbes, Vault's Top 50 Firms to Work For, Crain's Chicago Business Fast 50, Inc 5000's Fastest Growing Firms, and Consulting Magazine's Fastest Growing Firms. Learn more about our award-winning culture We are an Equal Employment Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. #LI-DNI

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actionable insights by quantifying IT and business risk to increase resilience while driving a security culture. We are seeking an Information Security Risk & Governance Specialist who will report to the Senior Manager. The successful candidate will be a seasoned and strategic professional who will lead the development, implementation, and oversight of our Third-Party Risk Management (TPRM) program. This senior-level individual contributor will be responsible for identifying, assessing, and mitigating risks associated with third-party relationships across the enterprise, ensuring compliance with regulatory requirements and alignment with organizational risk tolerance. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Strong analytical, organizational, and project management skills. Requires deep understanding of IT control frameworks; Artificial Intelligence experience is a plus Desire one or more of the following: CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Program Leadership & Governance Design and implement a robust Third-Party Risk Management (TPRM) Program using tailored to healthcare regulatory and health technology requirements. Develop and maintain policies, procedures, and standards for third-party risk oversight. Establish governance structures and reporting mechanisms to ensure transparency and accountability. Risk Assessment & Due Diligence Implement and conduct comprehensive risk assessments for new and existing third-party vendors, focusing on cybersecurity, data privacy, financial stability, and operational resilience. Collaborate with procurement, legal, compliance, and business units to ensure thorough due diligence and contract risk mitigation. Define and maintain risk tiers and criticality ratings for vendors. Develop and support contract reviews for security exhibits. Implement and lead process for responding to IT and security questionnaires (sales, etc.) Ongoing Monitoring & Issue Management Implement continuous monitoring processes for high-risk and critical vendors. Track and manage remediation activities for identified risks and control gaps. Maintain a centralized inventory and reporting of third-party relationships and associated risk profiles. Conduct third-party outreaches for incidents Regulatory Compliance & Audit Support Prepare documentation and evidence for internal audits, regulatory exams, and board-level reporting. Monitor changes in regulatory requirements and adjust program components accordingly. Stakeholder Engagement & Training Serve as a subject matter expert and advisor to internal teams on third-party risk topics. Develop and deliver training programs to increase awareness and accountability across the organization. Facilitate cross-functional collaboration to enhance risk visibility and response. Technology & Automation Evaluate and implement third-party risk management platforms and tools. Drive automation and process improvements to enhance program efficiency and scalability.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actional insights by quantifying IT and business risk to increase resilience while driving a security culture. We are seeking an Information Security Risk & Governance Specialist who will report to the Senior Manager. The successful candidate will be a highly experienced and proactive professional to lead regulatory compliance initiatives across the organization, with a focus on healthcare and technology-related standards. This senior individual contributor will be responsible for overseeing assessments and audits related to HIPAA, PCI-DSS, SOC 2, and other applicable frameworks, ensuring the organization maintains a strong security posture and meets all regulatory obligations. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Strong analytical, organizational, and project management skills. Requires deep understanding of IT control frameworks; Artificial Intelligence Risk Management Framework is strongly preferred Desire one or more of the following: CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Regulatory Program Leadership Serve as the primary point of contact for external audits, assessments, and regulatory inquiries. Develop and maintain compliance documentation, including policies, procedures, control matrices, and evidence repositories. Build plan and lead required assessments to comply with mandates and certifications (HIPAA, PCI DSS, SOC II, Type 2, etc.). Assessment & Audit Management Conduct internal gap analyses and risk assessments to identify areas of non-compliance or control weaknesses. Track and report on audit findings, remediation efforts, and compliance status to senior leadership. Cross-Functional Collaboration Partner with teams across the enterprise to ensure alignment with regulatory requirements and enterprise risk objectives. Provide subject matter expertise during product development, vendor onboarding, and system implementations to ensure compliance is embedded in processes. Policy & Control Frameworks Partner to maintain and enhance internal control frameworks aligned with regulatory standards and industry best practices (e.g., NIST, HITRUST, ISO 27001). Partner to ensure policies and procedures are up-to-date and reflect current regulatory expectations and organizational practices. Monitoring & Reporting Implement continuous monitoring processes for key compliance controls, findings and mitigation plans. Prepare and present compliance metrics, dashboards, and executive summaries to leadership and governance committees.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actionable insights by quantifying IT and business risk to increase resilience while driving a security culture. Reporting to the Senior Manager, in this role, we are seeking a highly experienced and strategic individual contributor to lead the development, implementation, and governance of our enterprise-wide Business Continuity and Disaster Recovery (BC/DR) program. This role will be responsible for ensuring organizational resilience through effective planning, risk assessment, and coordination across business units and technology teams. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience is a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Proven track record of leading enterprise BC/DR programs in complex environments Requires deep understanding of BC/DR frameworks, methodologies, and technologies. Strong analytical, organizational, and project management skills. Ability to work independently and influence cross-functional teams. Desire one or more of the following: CBCP (Certified Business Continuity Planning Professional)- highly desired, CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Program Development & Governance Design and implement a comprehensive Business Continuity (BC)/Disaster Recovery (DR) framework aligned with industry standards (e.g., ISO 22301, NIST SP 800-34), including an incident command center. Establish governance structures, policies, and procedures to support BC/DR initiatives. Develop and maintain BC/DR program documentation, including charters, plans, and metrics Establish and implement critical technology to support management of plans and alerts for enterprise Risk Assessment & Impact Analysis Conduct Business Impact Analyses (BIAs) and risk assessments to identify critical business functions and dependencies. Collaborate with stakeholders to define Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). Plan Development & Maintenance Lead the creation and maintenance of Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) across departments. Ensure plans are updated regularly to reflect changes in business operations, technology, and risk landscape across departments. Develop and implement an incident command center, includes but not limited to, defining playbooks, critical roles and responsibilities, plan and roadmap. Testing & Exercises Design and execute BC/DR testing strategies, including tabletop exercises, failover tests, and full-scale simulations. Analyze test results and drive continuous improvement initiatives. Identify and assign high risk findings to be addressed by owners Audit & Compliance Ensure compliance with regulatory requirements, association mandates, and internal audit standards. Prepare and present reports to senior leadership and auditors. Vendor & Third-Party Coordination Assess and coordinate with third-party BC/DR capabilities and ensure alignment with organizational standards.

Job Description Information Security Specialist III Position Type: Full-time Salary Range: $145,000 - $170,000 requires active security clearance Years of Experience: 10+ years experience Roles and Responsibilities: This role is a senior cybersecurity professional responsible for ensuring the secure design, implementation, testing, and operation of advanced airborne communication systems used in military and defense applications. This role combines expertise in both tactical data links and comprehensive information security, typically within the DoD Risk Management Framework (RMF). Requirements Minimum ten (10) years' of demonstrated technical experience in Cybersecurity, Engineering, Test & Evaluation, of Assessment & Authorization (A&A) within the last fifteen (15) years including: Assist or develop system security policy and ensure compliance with change management and configuration control processes. Plan and coordinate IT security program and policies supporting command leadership mission and goals. All phases of Information Assurance (IA) evaluations involving Communications Security (COMSEC) and Cryptologic Material Systems (CMS) for ATDL systems and training for COMSEC ATDL military systems, including: Secure data unit design, integration, and test Modernized cryptographic policy administration and implementation Cryptographic keying materials and keys Security Verification Testing Platform Cybersecurity and TEMPEST testing Desired Skills/Qualifications: Ten (10) years of demonstrated technical experience to include: Management and issuance of keymat to operational, test, and allied communities; acting as the alternate Advanced Tactical Data Links Keymat Controlling Authority (CONAUTH). U.S. Naval Fleet technical data calls, working groups, and action items related to initial implementation of ATDL cryptographic components. Benefits Paid Vacation, Sick Time and Holidays Medical, Dental, Life and Disability Insurance 401K with Employer Contribution Matching Service Disabled Veteran Owned Business Equal Opportunity Employer ISO 9001:2015 Certified Company ***************

Information Security Specialist III Position Type: Full-time Salary Range: $145,000 - $170,000 requires active security clearance Years of Experience: 10+ years experience Roles and Responsibilities: This role is a senior cybersecurity professional responsible for ensuring the secure design, implementation, testing, and operation of advanced airborne communication systems used in military and defense applications. This role combines expertise in both tactical data links and comprehensive information security, typically within the DoD Risk Management Framework (RMF). Requirements Minimum ten (10) years' of demonstrated technical experience in Cybersecurity, Engineering, Test & Evaluation, of Assessment & Authorization (A&A) within the last fifteen (15) years including: Assist or develop system security policy and ensure compliance with change management and configuration control processes. Plan and coordinate IT security program and policies supporting command leadership mission and goals. All phases of Information Assurance (IA) evaluations involving Communications Security (COMSEC) and Cryptologic Material Systems (CMS) for ATDL systems and training for COMSEC ATDL military systems, including: Secure data unit design, integration, and test Modernized cryptographic policy administration and implementation Cryptographic keying materials and keys Security Verification Testing Platform Cybersecurity and TEMPEST testing Desired Skills/Qualifications: Ten (10) years of demonstrated technical experience to include: Management and issuance of keymat to operational, test, and allied communities; acting as the alternate Advanced Tactical Data Links Keymat Controlling Authority (CONAUTH). U.S. Naval Fleet technical data calls, working groups, and action items related to initial implementation of ATDL cryptographic components. Benefits Paid Vacation, Sick Time and Holidays Medical, Dental, Life and Disability Insurance 401K with Employer Contribution Matching Service Disabled Veteran Owned Business Equal Opportunity Employer ISO 9001:2015 Certified Company ***************