Security Engineer jobs at RELX

Our client seeks a motivated Senior Network Security Architect with a focus on Google Cloud Platform (GCP) to join their engineering team. If you excel in dynamic environments and are committed to skill enhancement, this role offers an exciting opportunity. Job Type: Contract (12 months with possibility for extension) Location: Hybrid in the following locations - Phoenix, AZ; Palo Alto, CA; Salt Lake City, UT; Sunrise, FL; New York, NY This position is not eligible for visa sponsorship. Responsibilities Contribute to the design, build, and maintenance of modern on-prem cloud platforms. Review existing tools, applications, and processes to strengthen current capabilities and identify areas for improvement. Assist in providing technical recommendations, documentation, and reporting to support leadership, business, and technology teams. Ensure reliable and predictable deployment and maintenance of distributed systems adhering to security best practices. Responsible for the stability and performance of critical business services. Operate efficiently within a highly skilled and agile engineering team. Participate in production support and on-call rotations. Skills and Experience Minimum of 5 years of experience designing and implementing cloud-based enterprise architecture. Proficiency working with cloud providers including GCP, AWS, Azure, OCI, Alibaba, Digital Ocean, Vultr, Linode. Proven ability to create highly professional, accurate, and comprehensive solutions documentation representing solution architecture, design, implementation planning or other solution lifecycle events. Experience in the design and maintenance of modern on-prem cloud platforms. Knowledge of reliable and predictable deployment and maintenance of distributed systems following security best practices. Demonstrable understanding of technology standards and standards organizations and their relationship to enterprise information security postures. Experience implementing, configuring, and managing Physical/Virtual Firewalls, IDS/IPS, IAM, DDoS mitigation, and NIST standards. Experience with automation tools such as Terraform, Ansible, Puppet, GIT, Jenkins, and Bash scripting. Familiarity with Agile / Sprint based lifecycle and related ceremonies. Preferred: Proficiency in Global Data Centers, Corporate office, Public/Private Cloud, and Hybrid Multi-Cloud/On-Prem architectures. Proficiency in Internet, VPN, LAN, WAN, SD-WAN, MPLS, Firewalls, Load Balancers, Routing, Switching, Wireless, VoIP, CDN, OTT, IPSec. Familiarity with Cisco, Arista, Juniper, Brocade, Palo Alto, F5, A10, Silver Peak vendors. Understanding of Well Architected Framework principles, Commercial regions, GovCloud, and Multi-Cloud Interconnectivity. Experience with cloud services such as VPC, EC2, ELB, VGW, Direct Connect, Direct Connect Gateway, Transit Gateway, Peering, SiteLink, MegaPort, Marketplace solutions, Compute (Linux/Windows), Virtualization, and Containerization. CISSP, CISA, CISM, or other related certification.

About the Role We are seeking a highly strategic and business-minded Business Information Security Officer (BISO) to serve as the primary liaison between our enterprise security organization and key business units. As a Fortune 100 company operating at global scale, we manage complex distribution and supply chain environments that require world-class security, risk governance, and operational excellence. The BISO will help shape and execute a unified security strategy that aligns with business objectives, ensures regulatory compliance, and strengthens our cyber resilience across a diverse technology and operational footprint. Key Responsibilities Strategic Security Leadership Act as the trusted security advisor to senior business leadership, translating technical risks into clear business impacts. Drive alignment between corporate security strategy and business-unit initiatives, ensuring security enables-not hinders-innovation and growth. Represent business needs within enterprise cybersecurity governance forums. Risk Management & Compliance Identify, assess, and prioritize cybersecurity risks across business units, including emerging threats to distribution operations, supply chain systems, and large-scale logistics platforms. Ensure compliance with internal policies, industry standards, and regulatory frameworks (e.g., NIST CSF, ISO 27001, SOX, PCI, data privacy regulations). Oversee remediation plans and ensure timely closure of audit and assessment findings. Program & Policy Execution Support implementation of enterprise-wide security programs (IAM, data protection, vulnerability management, cloud security, OT/ICS security, incident response). Champion best practices for secure architecture, application development, and third-party vendor management. Coordinate with IT, OT, and business operations teams to drive adoption of security controls across complex distributed environments. Incident Response & Business Continuity Liaise between business leadership and Cyber Incident Response teams during major incidents or disruptions. Ensure business units are prepared with effective response plans, communication protocols, and recovery strategies. Stakeholder Engagement & Education Build strong partnerships with executives, technology leaders, and operational teams. Deliver targeted security awareness and training for business units. Communicate risk posture and security metrics to leadership through dashboards, reports, and briefings. Qualifications Required 8+ years of experience in cybersecurity, risk management, or information security leadership roles. Proven experience supporting large-scale, distributed enterprise environments (preferably in supply chain, logistics, distribution, or retail). Strong understanding of cybersecurity frameworks, governance, and risk methodologies. Ability to interact with C-suite executives, translate complex technical issues into business language, and influence decision-making. Experience coordinating cross-functional initiatives in complex, highly regulated organizations. Preferred Experience within a Fortune 100 or Fortune 500 corporate environment. Background working with OT/ICS, distribution center technologies, or supply-chain automation systems. Relevant certifications: CISSP, CISM, CRISC, CISA, CGEIT, or similar. Bachelor's degree in Cybersecurity, Information Systems, Business, or related field; Master's degree a plus. Competencies Executive communication and presentation skills Strategic thinking with strong business acumen Ability to drive change across matrixed organizations Strong analytical, risk evaluation, and problem-solving capabilities Collaborative leadership with a focus on partnership and enablement Why Join Us? Influence security strategy at a world-class, Fortune 100 distribution leader High-visibility role with direct impact on enterprise risk posture Opportunity to shape security across cutting-edge logistics, cloud, data, and automation platforms Competitive compensation, comprehensive benefits, and career growth at a global scale

The Company Privately held company headquartered Northern Massachusetts (Rt 495) the company operates an integrated light manufacturing and distribution center, with two third-party overflow warehouses in the U.S. With approximately $150 million in annual revenue, over 450 employees. The Position The company is seeking a Director of Information Technology & Security to be responsible for leading the company's technology foundation across IT operations, infrastructure, cybersecurity, and software engineering. This senior leader will oversee the day-to-day performance, reliability, security, and efficiency of all IT systems and services, while ensuring the successful delivery of custom software solutions that support manufacturing and broader business operations. Reporting to the Chief Technology Officer, this role will also serve as a member of company's Senior Leadership Team. The Director will partner closely with the Director of Digital Transformation and the Director of the Project Management Office (PMO) to drive innovation and digital transformation initiatives, ensuring that technical execution aligns with business goals. As a senior technology leader, this individual will provide leadership continuity and support executive decision-making when needed, helping to keep operations and strategic initiatives on track. The Director of Information Technology & Security will provide strategic and operational leadership across IT infrastructure, cybersecurity, and software engineering to ensure reliable, secure, and high-performing technology services. This individual will guide the evolution of Company's technology environment, strengthen system reliability and security, and enable scalable digital capabilities that support the needs of a growing manufacturing organization. The Director will also provide strategic guidance to the CTO on operational and technical matters, contributing to long-term IT strategy, technology roadmaps, and budget planning, while championing continuous improvement through analysis of incident trends and service performance. Through cross-functional collaboration and forward-looking leadership, the Director will help ensure Company's technology ecosystem remains robust, efficient, and positioned for long-term success. Principal Responsibilities & Duties: Lead IT operations, including infrastructure, networking, system administration, and the Help Desk, ensuring high availability, performance, security, and timely issue resolution while managing IT assets across their lifecycle. Expand and mature IT service management (ITSM) processes and enforce SLAs/OLAs, driving accountability, continuous improvement, capacity planning, availability management, and disaster recovery aligned with business continuity goals. Serve as the senior cybersecurity leader, overseeing policies, controls, incident response, and compliance to protect company systems and data. Provide strategic direction and leadership for software engineering, managing development projects, automation, systems integration, and the Software Development Manager while fostering a high-performance, collaborative culture. Partner with the Directors of Digital Transformation and PMO to align IT operations and development with innovation priorities, including AI adoption, factory floor automation, advanced analytics, process optimization, and timely project delivery The Candidate The company is seeking an experienced and strategic Director of Information Technology & Security to lead and evolve their technology foundation in support of our growing manufacturing organization. The ideal candidate will be an experienced and strategic technology leader with a strong background in IT operations, cybersecurity, infrastructure management, and software engineering. The company seeks a collaborative, proactive, and adaptable leader who can drive operational excellence while fostering innovation and cross-functional alignment. This individual will have a proven track record of leading high-performing IT teams, navigating both operational and project-based work, and influencing stakeholders across departments to deliver measurable results. This role requires a hands-on, customer-focused, and risk-conscious leader with excellent communication and collaboration skills. A successful candidate will bring strong problem-solving abilities, curiosity, accountability, and a stakeholder-centric mindset, while integrating IT operations with digital transformation initiatives, manufacturing systems, and ERP platforms. This is a flexible hybrid role, with an expectation of at least three days per week in office. During the initial six months, on-site presence will be required four to five days per week to support onboarding and integration. Summary of Requirements: Bachelor's degree in Information Technology, Computer Science, or a related field; advanced or security-related certifications (CISSP, CISM, CSSM, CompTIA Security+, ITIL Foundation or higher) a plus. 15+ years of progressive IT operations leadership experience, including infrastructure, cybersecurity, and software engineering. Proven ability to expand and optimize ITIL-based processes and leverage ITSM platforms to drive process maturity and operational excellence. Strong understanding of manufacturing systems, ERP platforms, and IT/OT integration. Hands-on experience leading software engineering teams, managing development projects, automation, and systems integration initiatives. Skilled in capacity planning, disaster recovery, and business continuity aligned with organizational growth. Experience managing IT assets, Help Desk operations, and SLAs/OLAs to ensure high availability, performance, and service reliability. Hybrid role but must be in office at HQ three days per week and four-to-five during first six months of employment.

Ready to play a key role in building the future of living? Join Samara in tackling California's housing shortage and enabling people to attain sustainable housing without compromising design or quality. Our flagship product, Backyard, is a fully turnkey, premium accessory dwelling unit (ADU) designed for homeowners and real estate developers. As we expand our offerings and scale our in-house development initiatives, we're at a pivotal moment, redefining homeownership through high-quality, attainable infill housing. Backed by top-tier investors, including Airbnb, Thrive Capital, and 8VC, Samara is positioned for significant growth and market impact. To support our next phase of growth, we're hiring product-focused engineers to advance and scale the technical foundation of our modular system. These roles go beyond traditional design work-they refine system standards, improve factory repeatability, and ensure our units are code-compliant, manufacturable, and built to the highest standards of quality and performance. The MEP Systems Engineer will be responsible for the detailed design and implementation of mechanical, electrical, plumbing, and PV systems tailored for modular construction building systems. This role requires a deep understanding of MEP systems combined with practical experience in modular construction. You will collaborate closely with leadership, crossfunctional design and engineering teams to integrate all technical and user experience requirements into our designs to ensure optimal functionality, sustainability, and compliance with all regulations. What You'll Do Design and develop integrated MEP systems for our new and existing designs including solar energy systems, including PV and ESS, optimized for prefabricated modular construction Ensure that solar and energy storage designs align with overall MEP system functionality and building energy requirements Lead the creation of comprehensive design documents, schematics, component material selections and system layouts, preferably using CAD and BIM software Provide technical leadership during the installation and commissioning phases to ensure systems meet design specifications and performance standards Conduct system testing and validation to ensure functionality, efficiency, and safety of both MEP and PV installations Collaborate closely with installation teams to facilitate seamless and efficient factory and onsite implementation of design Engage in research and application of the latest technologies and practices in renewable energy and modular construction Work with program managers and other engineering disciplines to ensure holistic integration of all systems within Samara modular units What We're Looking For Modular construction experience in factory builds, multi-mod, stackable and/or other hands on related experience. Licensed Electrician or Mechanical Contractor -and/or- Bachelor's degree in Mechanical, Electrical, or Energy Systems Engineering, or a related field Professional Engineering (PE) license preferred Minimum of 7 years of experience in one of the following: Mechanical, Electrical, Solar and/or Plumbing System design Comprehensive knowledge of building codes, safety regulations, and sustainability practices relevant to MEP and renewable energy systems Proficiency in design software such as Onshape, Revit, and/or other BIM methodologies preferred Excellent problem-solving skills and the ability to adapt designs to changing technological and regulatory landscapes Strong communication and leadership skills, capable of driving project decisions and managing complex stakeholder relationships Ability to travel to our factory in Mexico up to 25-40%. What We Offer Salary range of $120-160K and performance-based bonuses. Hybrid work schedule with 3 days each week in our Redwood City office. Snacks and Lunch on in-office days Early stage employee equity. Exceptional health, dental, and vision insurance. 401k eligibility after 6 months. Flexible PTO policy. How to Apply If you're excited to support Samara's mission and have the skills to match, we'd love to hear from you. Please submit your resume and a brief letter of introduction to our team. Let's build something extraordinary-together.

About the Company Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all - bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact. The Department: Platform Security The Platform Security team secures Gemini's infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure. The Role: Principal Platform Security Engineer (IAM) The Platform Security team builds zero-trust identity and access management foundations so every Gemini team can authenticate and authorize securely. As a Principal IAM Security Engineer, you will architect enterprise identity platforms that define how Gemini manages authentication and authorization across all systems. You will set technical standards for IAM, design foundational identity services used organization-wide, and lead strategic initiatives that transform our security posture. This is a hands-on technical leadership role where you'll write production code daily while driving multi-quarter identity initiatives. You'll own the technical vision for identity architecture, influence authentication practices across the organization, and build platforms that make zero-trust access patterns the default. This role requires exceptional software development skills, mastery of authentication protocols and applied cryptography, and proven ability to build IAM platforms that scale across hundreds of services and thousands of users. This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office. Responsibilities: Build enterprise IAM platforms that scale across the organization Set technical standards for authentication, authorization, and identity management Design foundational PKI infrastructure and secrets management platforms Lead strategic initiatives spanning workforce identity, workload authentication, and zero-trust access Drive adoption of modern authentication patterns and deprecation of legacy methods Mentor engineers across teams on identity architecture and cryptographic best practices Participate in on-call rotation for platform security incidents Minimum Qualifications: Exceptional software development skills in Python or Go with proven track record of building IAM platforms Mastery of identity protocols including OAuth2, SAML, OpenID Connect, WebAuthn, and emerging standards Deep expertise in PKI architecture, certificate lifecycle management, and applied cryptography Extensive experience with enterprise IdP platforms and multi-IdP federation architectures Strong experience with HashiCorp Vault or similar enterprise secrets management platforms Proven expertise with AWS IAM at scale, including cross-account architectures and permission boundaries Track record of leading identity transformation initiatives in complex environments Preferred Qualifications: Experience building identity platforms serving 500+ engineers or 100+ services Contributions to identity standards or major open source IAM projects Experience with SPIFFE/SPIRE and cloud-native workload identity Published research, conference talks, or thought leadership in identity and access management Experience with hardware security modules and key management systems Background in zero-trust architecture implementation at enterprise scale It Pays to Work Here The compensation & benefits package for this role includes: Competitive starting salary A discretionary annual bonus Long-term incentive in the form of a new hire equity grant Comprehensive health plans 401K with company matching Paid Parental Leave Flexible time off Salary Range: The base salary range for this role is between $192,500 - $275,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate's compensation, we consider a number of factors including skillset, experience, job scope, and current market data. In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce. At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know. #LI-ES1

About the Company Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all - bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact. The Department: Platform Security The Platform Security team secures Gemini's infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure. The Role: Principal Platform Security Engineer (Cloud/K8S) The Platform Security team builds and delivers zero-trust foundations and paved paths so every Gemini team can ship safely on supported cloud platforms. As a Principal Cloud and Kubernetes Security Engineer, you will architect and build security platforms that define how Gemini operates in the cloud. You will set technical direction for cloud security, design foundational services used across the organization, and establish engineering standards for secure infrastructure. This is a hands-on technical leadership role where you'll write production code daily while driving strategic initiatives. You will own the technical vision for cloud security architecture, mentor engineers across teams, and influence how the entire organization builds and deploys infrastructure. This role requires exceptional technical expertise in cloud security, mastery of Terraform and infrastructure-as-code, and proven ability to build production services that scale. You will shape security culture by creating platforms that make secure patterns the default choice for engineering teams. This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office. Responsibilities: Architect and build security platforms, frameworks, and services that scale across the organization Set technical standards and best practices for cloud security and infrastructure-as-code Design and implement foundational security services used by multiple engineering teams Drive adoption of new technologies and security patterns across the organization Lead technical decisions for multi-quarter initiatives spanning cloud, container, and infrastructure security Mentor engineers across teams on secure architecture and engineering practices Participate in on-call rotation for critical security incidents and infrastructure issues Minimum Qualifications: Exceptional software development skills in Python or Go with proven track record of building production platforms Deep expertise securing AWS environments at scale, including advanced IAM, network architecture, and security services Mastery of Terraform including provider development, complex module design, and enterprise-scale implementations Extensive experience with Kubernetes security, including building operators, admission controllers, and platform extensions Proven ability to architect distributed systems and cloud-native platforms Track record of leading technical initiatives that transformed organizational capabilities Preferred Qualifications: Experience building security platforms adopted by 100+ engineers Contributions to open source security tools or infrastructure projects Experience with GCP security services and multi-cloud architectures including Azure Expertise in policy-as-code frameworks and compliance automation Published research, conference talks, or thought leadership in cloud security Experience building developer platforms and improving engineering velocity It Pays to Work Here The compensation & benefits package for this role includes: Competitive starting salary A discretionary annual bonus Long-term incentive in the form of a new hire equity grant Comprehensive health plans 401K with company matching Paid Parental Leave Flexible time off Salary Range: The base salary range for this role is between $192,500 - $275,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate's compensation, we consider a number of factors including skillset, experience, job scope, and current market data. In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce. At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know. #LI-ES1

About the Company Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all - bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact. The Department: Platform Security The Role: Staff Enterprise Security Engineer The Staff Enterprise Security Engineer leads initiatives to secure Gemini's corporate infrastructure and employee endpoints. This role oversees and delivers security projects spanning multiple corporate IT and engineering teams. This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office. Responsibilities: Drive security initiatives such as endpoint hardening, corporate access controls, and authentication systems Provide security expertise and guidance for corporate infrastructure projects Perform security design reviews and risk assessments for new services and integrations Respond to security incidents and events impacting corporate systems Partner closely with IT and other internal teams to balance business needs with appropriate security Evangelize and implement security best practices through education, automation, and tooling Minimum Qualifications: Significant experience in an infrastructure or enterprise security engineering role Experience with mac OS, Windows, Linux, iOS, and Android endpoint security controls and tooling Knowledge of authentication systems and protocols like SAML, OAuth, RADIUS, etc. Proficiency with scripting/coding to build security tooling and automation Knowledge of networking concepts like VPNs, VLANs, firewalls, proxies, etc. Ability to interpret and apply security standards, compliance regulations, and best practices Preferred Qualifications: Experience with Okta, Duo, Ping, or other IAM/IDP/MFA platforms and integrations Familiarity with with AWS, GCP, or other cloud environments and their security best practices Experience with Santa or similar binary authorization systems Deep expertise in mac OS system internals and hardening Participation in a software development lifecycle from design through deployment Strong communication skills to socialize security guidance across functional teams It Pays to Work Here The compensation & benefits package for this role includes: Competitive starting salary A discretionary annual bonus Long-term incentive in the form of a new hire equity grant Comprehensive health plans 401K with company matching Paid Parental Leave Flexible time off Salary Range: The base salary range for this role is between $168,000 - $240,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate's compensation, we consider a number of factors including skillset, experience, job scope, and current market data. In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce. At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know. #LI-ES1

About the Company Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all - bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact. The Department: Platform Security The Platform Security team secures Gemini's infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure. The Role: Staff Platform Security Engineer (IAM) The Platform Security team builds zero-trust identity and access management foundations so every Gemini team can authenticate and authorize securely. As a Staff IAM Security Engineer, you will build IAM services, authentication systems, and identity infrastructure that protect both our workforce and workloads. This is a hands-on engineering role where you'll write production code daily, not just configuration. You'll own the full lifecycle of IAM solutions from design through production operations. This role requires strong software development skills, deep understanding of authentication protocols, and practical experience with PKI and secrets management. You'll partner with engineering teams to enable secure access patterns while maintaining usability. This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office. Responsibilities: Build and maintain IAM services and authentication systems using Python or Go Design and implement workforce identity solutions with Okta and multi-IdP architectures Develop PKI infrastructure and certificate lifecycle management for service authentication Create secrets management platforms with automated rotation and zero-knowledge patterns Build authorization services, access control systems, and policy engines Partner with engineering teams on identity architecture and secure authentication patterns Participate in on-call rotation for platform security incidents Minimum Qualifications: Strong software development skills in Python or Go with experience building production services Deep knowledge of identity protocols and standards including OAuth2, SAML, OpenID Connect, and WebAuthn Experience with PKI systems, certificate management, and applied cryptography Experience with HashiCorp Vault or similar secrets management platforms Proven expertise with AWS IAM, STS, and cloud identity services Proficiency in Terraform for infrastructure-as-code Experience building and operating high-availability authentication services Preferred Qualifications: Experience with Okta, Auth0, or similar enterprise IdP platforms Knowledge of SPIFFE/SPIRE and workload identity systems Background in zero-trust architecture and BeyondCorp principles Experience with hardware security modules (HSM) and key management systems Contributions to identity or cryptography open source projects It Pays to Work Here The compensation & benefits package for this role includes: Competitive starting salary A discretionary annual bonus Long-term incentive in the form of a new hire equity grant Comprehensive health plans 401K with company matching Paid Parental Leave Flexible time off Salary Range: The base salary range for this role is between $168,000 - $240,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate's compensation, we consider a number of factors including skillset, experience, job scope, and current market data. In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce. At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know. #LI-ES1

About the Company Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all - bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact. The Department: Platform Security The Platform Security team secures Gemini's infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure. The Role: Staff Platform Security Engineer (Cloud/K8S) The Platform Security team builds and delivers zero-trust foundations and paved paths so every Gemini team can ship safely on supported cloud platforms. As a Staff Cloud and Kubernetes Security Engineer, you will build security services, tools, and automation while hardening our cloud environments (primarily AWS), securing container orchestration platforms, and implementing infrastructure-as-code security guardrails. This is a hands-on engineering role where you'll write production code daily, not just infrastructure-as-code. You'll design and build security platforms that scale across our engineering organization. This role requires deep technical expertise in cloud security, strong Terraform proficiency, and strong software development skills to build production services. You will partner closely with engineering teams to enable rapid, secure delivery while maintaining zero standing privilege and least-privilege access models. This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office. Responsibilities: Build and maintain security services, tools, and automation using Python or Go Design and implement security controls for AWS and Kubernetes environments using infrastructure-as-code Create reusable libraries, frameworks, and platforms that enable secure-by-default patterns Develop automated security monitoring, scanning, and remediation services Build CI/CD security gates and policy-as-code validation tools Partner with engineering teams on architecture decisions and provide security consultation Participate in on-call rotation for critical security incidents and infrastructure issues Minimum Qualifications: Strong software development skills in Python or Go with experience building production services Strong experience securing AWS environments including IAM, VPC, KMS, and native security services Deep Terraform expertise including module development, CI/CD gates, policy testing, remote state management, and zero-downtime deployments Proven expertise with Kubernetes security including admission controls, RBAC, network policies, and runtime protection Experience with distributed systems, cloud-native architectures, and SRE principles Demonstrated ability to build, deploy, and maintain security tools and services in production Preferred Qualifications: Experience with GCP security services and multi-cloud environments including Azure Knowledge of policy-as-code tools such as Open Policy Agent, Sentinel, or similar Experience with container security scanning, image signing, and supply chain security Background in incident response for cloud and container environments Experience with service mesh technologies and zero-trust networking Contributions to open source security tools or cloud security communities It Pays to Work Here The compensation & benefits package for this role includes: Competitive starting salary A discretionary annual bonus Long-term incentive in the form of a new hire equity grant Comprehensive health plans 401K with company matching Paid Parental Leave Flexible time off Salary Range: The base salary range for this role is between $168,000 - $240,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate's compensation, we consider a number of factors including skillset, experience, job scope, and current market data. In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce. At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know. #LI-ES1

Dragonfli Group is a cybersecurity and IT consulting firm providing services to federal agencies and Fortune 100 enterprises. Headquartered in Washington, DC, Dragonfli supports clients in securing mission-critical systems across on-site, hybrid, and fully remote environments. Dragonfli Group seeks a PAM Engineer with 5+ years of IT security experience to implement cybersecurity strategies protecting digital identities within a large federal agency's IT environment. This role supports the agency's cybersecurity initiatives by protecting digital identities, network assets, and hosted applications in a large-scale IT environment. The engineer will design and implement Privileged Access Management (PAM) solutions leveraging tools such as BeyondTrust, Okta, Splunk, and Active Directory, while applying automation with Python. The position requires seasoned IT security expertise, hands-on technical skills, and strong communication and planning abilities. It's a high-impact opportunity to shape identity and access security within a major federal agency. This is a multi-year contract position involving a large US federal agency. Candidates with previous federal contracting experience are preferred. U.S. Citizenship or Permanent Residency required. If hired, all work related to this role must be performed within the continental U.S. Responsibilities: • Implement cybersecurity strategies for digital identity protection. • Manage identity and access management efforts using PAM solutions. • Integrate and manage Beyond Trust and Okta tools. • Develop knowledge objects in Splunk. • Administer Windows and Linux systems. • Automate processes using Python scripting. • Manage directory services including Active Directory. • Prepare and interpret technical flowcharts. • Build and maintain schedules and action plans. • Influence peer organizations and key stakeholders positively. #LI-Remote • 5+ years of IT security experience. • Accredited college degree in computer science, information systems, or equivalent experience. • Experience in large enterprise IT environments. • Technical knowledge of Beyond Trust, Okta, SCIM integration, and Splunk. • Experience with Windows and Linux system administration. • Proficiency in Python scripting and automation. • U.S. Citizenship or Permanent Residency. BeyondTrust Okta Splunk Active Directory (AD) LDAP Windows Server Administration Linux Administration Python Scripting PowerShell Bash Identity and Access Management (IAM) Privileged Access Management (PAM) Directory Services Technical Flowcharting Network Security Security Automation • Insurance - health, dental, and vision • Paid Time Off (PTO) and 11 Federal Holidays • 401(k) employer match

Supports solution design, implementation, configuration, security infrastructure, and application components. Focuses on core security technologies to ensure they are in compliance with security industry commonly accepted practices, internal policies, and standards. Collaborates with technology operations teams, including business groups, to ensure the technologies deployed are maintained in a secure manner. LOCATION Remote - US FUNCTIONS OF THE JOB Essential Functions: which may be representative but not all inclusive of those commonly associated with this position. Responds to information and cyber security incidents by analyzing logs, threat intel, and other sources of information. Functions as a liaison between the Technical Security team and business units to track and monitor incident response and provide status updates as needed. Analyzes alerts generated by various security tools to reduce false positives and increase alert effectiveness. Reviews audit trails for unauthorized access attempts or other information security violations. Conducts root cause analysis to identify gaps and recommendations to eliminate risks. Supports the management and tuning of security tools. Assists in identifying gaps in the current state of security operations and recommending ways to improve its effectiveness. Determines ways to automate the incident response process and implement improvements, with security engineering assistance. Resolves security tickets not related to incident response. Documents and tracks security incidents and breaches using the corporate risk tracking platform. Develops dashboards and metrics to monitor current state of the security operations process and technology. Assists with security engineering work in other security domains, vulnerability management, penetration testing, digital certificate management, and privileged access. Creates scanning jobs and/or assessment tasks within a variety of security tools. Oversees the end-to-end vulnerability life cycle from discovery to closure. Reviews the list of vulnerabilities and work with the application and operations teams to remediate the findings. Researches and provides guidance for addressing vulnerabilities, which could include system patching, deployment of specialized controls, standards, or infrastructure changes, and/or changes in development processes. Identifies and resolves any false positive findings in assessment results. Maintains knowledge of the threat landscape and intelligence feeds to identify and triage new threats and vulnerabilities targeting BMI. Serves as a point of contact on issues, dependencies, and risks related to vulnerability scanning. Supports compliance and risk management activities, recommends security controls, corrective and preventative actions to mitigate vulnerability risks. Assists with the development of dashboards and data visualizations for executive management, operations teams, and other stakeholders. Develops, documents and reports business-level metrics for vulnerabilities and remediation progress. Functions as the process manager for the vulnerability management program with the ability to identify and improve efficiency in operations. Manages tracking and remediation of vulnerabilities and timelines with responsible technology developers and support teams. POSITION QUALIFICATION REQUIREMENTS Education: Bachelor's degree in Computer Science, Information Security, or a related field. Experience: Minimum of 2 years of experience in a security analyst role or similar position. SKILLS AND ABILITIES Which may be representative but not all inclusive of those commonly associated with this position. Strong working knowledge of IT risks, cyber security, and computer operating software. Proficiency in security tools and technologies, including firewalls, IDS/IPS, SIEM, and endpoint protection solutions. Strong analytical and problem-solving skills with the ability to analyze complex security issues. Knowledge of scripting languages (e.g., Python, PowerShell) for automation of security tasks. High level of attention to detail and accuracy in work. Excellent verbal and written communication skills. Ability to explain technical concepts to non-technical stakeholders. Highest level of confidentiality. SALARY RANGE The specific base salary offered to a successful applicant will be based on individual qualifications, skills, experience, and education. The pay range is subject to change at any time based on various internal and external factors. The position may also be eligible for one or more performance-based bonuses. In addition to cash compensation, BMI offers a competitive portfolio of benefits to its employees, as described below. What We Give to You: Health, dental, and vision insurance 401K with employer match Flexible spending accounts Paid vacation and paid sick/personal time 12 paid calendar holidays Paid volunteer time off Summer hours that offer more time for fun in the sun Company paid life insurance Up to 12 weeks paid parental leave Tuition assistance for qualified team members Commuter benefits (New York) Amazing and engaging culture Employee Resource Groups BROADCAST MUSIC, INC. IS AN EQUAL OPPORTUNITY EMPLOYER: All applicants will receive equal opportunity for employment without regard of race, color, sex, religion, nationality, age, sexual orientation, gender identity and/or expression, veteran's or marital status, disability, or any other cultural factor. #LI-Hybrid

Prelude Security is building the category leader in Runtime Memory Protection - an endpoint product that detects and blocks in-memory execution, memory zero-day exploitation, and ransomware execution entirely from user mode. We are a small team of security researchers and software developers working to reinvent the way we protect endpoints in a world where threats are complex, emergent, and accelerating. Backed by Sequoia Capital, Insight Partners, and other leading investors, we are building an advanced security solution to detect in-memory attacks on endpoints, which is written in Rust and runs exclusively in user mode. It leverages advances in modern edge computing architecture, hardware-level telemetry, and a graph-based understanding of the Windows operating system to catch adversaries the moment that they compromise an endpoint. Rather than endlessly attempting to predict what an adversary might do, trapping adversaries at this universal and unavoidable chokepoint that lies at the center of their operations allows us to focus all of our efforts on what they must do, regardless of their sophistication or how much creativity (or AI) they apply to their tactics. Our goal is simple: to detect out-of-context execution in a way that remains entirely outside the adversary's control. Out-of-context execution occurs when an attacker coerces an application to run code paths that were not intended by the original application. This includes in-memory execution techniques such as local and remote injection, exploitation that results in the execution of dynamic code, and fileless malware Role Prelude is seeking a Principal Security Researcher to conduct in-depth technical analysis of modern and adaptive adversary tactics, Windows internals, and operating system telemetry sources, enabling the development of relevant tests and effective detections within Prelude's endpoint protection platform. As a subject matter expert, you will specialize in one or more areas crucial to Prelude's research, such as operating system internals, reverse engineering, malware development, offensive security, program analysis, performance profiling or detection engineering. Success in this role hinges on delivering high-quality research, driving innovation, adapting swiftly, and fostering collaboration across teams and business units. Given the confidential nature of our work, we require an NDA to be signed after an introductory call if there is mutual interest in moving forward. Responsibilities Conduct in-depth research on operating system internals to pinpoint sources of defensive telemetry crucial for detecting adversary tactics, specifically targeting code execution Analyze modern adversary tradecraft, deciphering technique relevance, inner workings, and detectability Translate and implement research findings into actionable improvements for Prelude's endpoint protection platform Produce high-quality, public-facing security research content, including blog posts and conference talks Stay abreast of cutting-edge offensive and defensive security techniques through continuous self-study and research Serve as the subject matter expert in adversary tradecraft and security operations, supporting other business units on their projects as needed Support other Researchers on the team with their research and actively engage in team-driven initiatives Skills and Experience Deep knowledge of Windows operating system internals and static/dynamic reverse engineering Our most commonly used tools: IDA Pro, Binary Ninja, Ghidra, and WinDbg 5+ years of experience in one or more of the following areas: Offensive security, specifically red team operations or purple teaming Detection engineering, specifically, writing robust, production-scale queries in any major EDR Systems programming, ideally using Rust or C/C++ Program analysis and performance profiling Strong understanding of how modern EDRs/XDRs work internally Ability to explain complex technical concepts and research outputs to both executive-level and highly technical consumers Aptitude for working in a fast-paced, adaptive startup environment Nice to Haves Prior experience in enterprise software development using Rust Prior vulnerability research and exploit development experience Working at Prelude Prelude is a fully remote team across the US & Canada, built on trust, autonomy, and excellence. We empower our team to take ownership, move with purpose, and continuously improve. Our culture values top performers who align with our mission and embrace high standards. We offer generous healthcare, flexible PTO, and home-office support, ensuring our team has the freedom and resources to thrive. While we move fast, we prioritize quality, collaboration, and remain committed to building impactful security solutions with precision.

RAPP Chicago is looking for a Security Engineer to join our award-winning Technology team. WHO WE ARE: We are RAPP - world leaders in activating growth with precision and empathy at scale. As a global, next-generation precision marketing agency we leverage data, creativity, technology, and empathy to foster client growth. We champion individuality in the marketing solutions we create, and in our workplace. We fight for solutions that adapt to the individual's needs, beliefs, behaviors, and aspirations. We foster an inclusive workplace that emphasizes personal well-being. HOW WE DO IT: At RAPP, our fearless superconnectors help to create value from personal brand experiences by focusing on three key areas: connected data, connected content and connected decisioning. Our data analysts identify who that person is, our strategists understand what they want, and our award-winning technologists and creatives know how to deliver it - ensuring we're able to activate authentic customer connections for our clients. Part of Omnicom's Precision Marketing Group, RAPP is comprised of 2,000+ creatives, technologists, strategists, and data and marketing scientists across 15+ global markets YOUR ROLE: We are seeking a Security Engineer to support enterprise-wide security and compliance initiatives within a highly secure government cloud environment. This role ensures ongoing compliance and security through continuous monitoring and evaluation activities, vulnerability management activities, and by supporting secure development and change management processes. This role will support a government cloud-based system operating at Impact Level 4/5 (IL4)/(IL5) in AWS GovCloud operating within the Risk Management Framework (RMF). This role works closely with a Security Architect and technical and program management leaders to ensure the security posture of the system throughout its lifecycle. The ideal candidate will have strong attention to detail, a passion for information security, and the ability to work collaboratively within a highly cross functional team environment. YOUR RESPONSIBILITIES: * Conduct and analyze vulnerability assessments using automated tools (e.g. Evaluate-STIG), interpret scan results, and coordinate remediation. * Update RMF required documentation (SSP, SAR, POA&Ms), ensuring it accurately reflects current system status, vulnerabilities, and remediation actions to support ATO renewals and audits. * Participate in technical change management and secure development processes, reviewing new features for security compliance. * Support threat modeling activities for system changes, documenting risks and mitigation approaches working with the Security Architect. * Use compliance/risk management tools (e.g. eMass) to maintain security and risk assessment evidence, track findings, and support remediation activities. * Collaborate with and support the Security Architect, technical owners, ISSOs, engineers, and program management stakeholders to gather evidence, resolve findings, and verify secure implementation of security related changes. * Prepare and deliver clear, concise security reports and briefings to security and technical stakeholders * Remain current on evolving DoD cybersecurity requirements, NIST guidance, AWS GovCloud security practices, and emerging threats. REQUIRED SKILLS: * Experience supporting RMF processes and maintaining compliance documentation (NIST 800-53, ATO lifecycle). * Hands-on experience with vulnerability assessment tools (e.g. Evaluate-STIG), and AWS services. * Strong analytical, problem-solving, organizational, and technical writing skills. * Familiarity with vulnerability management, continuous monitoring, and secure change management in cloud environments. * Demonstrated ability to communicate and collaborate effectively with both technical and program management teams. * Experience working in or with consulting organizations and/or public sector clients is highly valued. * One of the following certifications is required to qualify for this role, in accordance with DoD 8140/8570 requirements for cybersecurity positions (IAT Level II/III, IAM Level I/II, or CSSP Analyst/Auditor, as appropriate to assignment): * CompTIA Security+ * CompTIA Cybersecurity Analyst (CySA+) * CAP (Certified Authorization Professional) * CISA (Certified Information Systems Auditor) * GSLC (GIAC Security Leadership Certification) * CISSP (Associate or full, preferred for some assignments) * Other DoD 8140/8570-approved certifications appropriate to the position and level * Candidates must maintain active certification status throughout employment. Additional or higher-level certifications may be required for advancement or based on project needs but are not necessary to apply for this role. Preferred Qualifications * Certified Cloud Security Professional (CCSP) and/or Cloud AWS/Azure/GCP certifications * Experience in highly regulated industries (government, defense, healthcare, finance) * Experience with eMASS (DoD) / RMF tools and DISA STIGs, ACAS, Nessus compliance tools Engagement Type * Full-time position or consulting engagement. * May require U.S. citizenship and ability to obtain/hold a security clearance (depending on project needs). Soft Skills * Exceptional attention to detail and organizational skills. * Strong written and verbal communication skills, with the ability to explain complex metadata systems to non-technical users. * Ability to work collaboratively and cross-functionally with creative, marketing, and IT teams. * Proactive problem-solver who can identify issues and suggest improvements. * Time management skills with the ability to prioritize and manage multiple tasks in a fast-paced environment. Our hybrid work model: RAPP's current hybrid model is designed to enable in-person connections and collaboration that is core to our culture, while also supporting flexibility for all employees. As such, we have the option to work from home two days per week, if we'd like. RAPP provides a competitive salary and comprehensive benefits plan. Benefits for this role include health/vision/dental insurance, 401(k), stock options, Healthcare & Dependent Flexible Spending Accounts, vacation, sick, and personal days and positive activism days, paid parental leave and disability benefits. For more information regarding Omnicom benefits, please visit ************************ A reasonable estimate of the salary for this role, at the time of posting, is $81,000 - $98,000. This range is specific to Chicago and multiple factors are considered in making compensation decisions including, but not limited to: skill set, experience and training, certifications; etc. This is an exempt position. If your requirements fall outside of this range, you are still welcome to apply. "As an EEO/Affirmative Action Employer all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status." NOTE: This job description is not intended to be all-inclusive. Employee may perform other related duties as negotiated to meet the ongoing needs of the organization.

We are in the business of creativity... making some of the most beloved film and television of all time for every platform in the world. As the most creative and proudly independent studio, our future is boundless. Sony Pictures Entertainment (SPE) is a division of Sony Corporation, a creative entertainment company built on a foundation of technology. Along with our sister companies, we make movies, television, music and games that engage billions of people, connecting creators and audiences around the globe. We are looking for innovators to join us as we forge the future of entertainment! Role Summary: The Manager, Security Engineer Training & Behavior plays a key role in building the foundation for Sony Pictures Entertainment's security culture by designing and deploying systems that embed secure behaviors directly into employee workflows. This hands-on role focuses on creating automation, nudging, and workflow mechanisms that make secure actions seamless, intuitive, and habit-forming. Over time, these foundations will enable gamification, microlearning, and emerging technologies to reinforce secure decisions in real time. Success requires a strong mix of technical skill, behavioral insight, and systems thinking to deliver scalable, user-centered solutions that drive measurable change. Collaboration, clarity, and an ability to translate complex security concepts into accessible content are essential. Key Responsibilities: Working closely with the Director of Information Security Awareness & Training, this role drives the technical execution of initiatives that embed secure behaviors into employee workflows through automation, gamification, and smart system design, reducing friction across IT and security tools and making secure choices the intuitive default. + System Design & Hands-On Implementation + Design and implement automations, integrations, and systems that embed secure behaviors into workflows + Use scripting and APIs to deliver adaptive security nudges and alerts + Create nudging infrastructure using low/no-code tools + Develop in-product guidance (extensions, add-ins, notifications) for real-time reinforcement + Identify and fix usability gaps in security controls to reduce friction across platforms (SharePoint, Outlook, Teams, LMS) + Scenario-Based Learning & Behavior Experimentation + Design experiential simulations across data protection, access control, social engineering, and collaboration + Move beyond static phishing tests toward adaptive, trust-building learning experiences + Conduct tabletop exercises and integrate insights into culture and behavior initiatives + Gamification & Microlearning Deployment + Apply gamification elements (challenges, leaderboards, streaks) + Help design role-based and microlearning moments integrated into our environments + Emerging Technology Implementation + Prototypes AI-based guidance tools (e.g., in-chat assistants, smart FAQs, real-time explainers) + Explores immersive learning pilots (e.g., interactive branching video, VR/AR prototypes) using available tec + Helps lead MVP testing of new technologies that could reduce friction and increase security enablement + Behavioral Data Architecture & Analytics + Support development of LRS/xAPI pipelines to capture behavioral data across systems + Shape dashboards and analytics models in Power BI, Tableau, etc. + Use telemetry to inform nudges and optimize campaigns over time Key Requirements: + Education + Bachelor's degree in Information Security, Behavioral Science, Computer Science, Human-Computer Interaction, Data Analytics, or a related field + Equivalent experience or relevant certifications (e.g., Power Automate, xAPI/LRS, Microsoft Graph, low-code platforms, cybersecurity fundamentals) may be considered in lieu of a formal degree + Experience + 5+ years of experience, particularly in areas such as cybersecurity, IT automation, behavioral engineering, or enterprise systems integration + Proven ability to build and implement behavior-change mechanisms, develop user-centric technical solutions as well as automation, nudging, and real-time learning interventions. + Experience with gamification, low-code tools, and collaboration with cross-functional teams is necessary + Skills & Certifications (Preferred) + Cybersecurity: Certified Information Systems Security Professional (CISSP), CompTIA Security+, or equivalent cybersecurity certifications + Automation & Workflow: Certificates in systems automation, workflow orchestration, or enterprise app development + Behavioral Design: Microsoft Power Platform certifications (e.g., Power Automate, Power Apps), and/or certifications in behavior design, UX design, or gamification strategy Key Emerging Trends Addressed in the Role + AI-generated phishing and deepfake detection + Context-aware, real-time nudging + Security UX; frictionless security enablement + Human risk scoring and behavioral segmentation + Adaptive, role-specific and data-informed microlearning experience + Zero-trust behavioral support and habit reinforcement + AI-supported engagement and automation Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

We are in the business of creativity… making some of the most beloved film and television of all time for every platform in the world. As the most creative and proudly independent studio, our future is boundless. Sony Pictures Entertainment (SPE) is a division of Sony Corporation, a creative entertainment company built on a foundation of technology. Along with our sister companies, we make movies, television, music and games that engage billions of people, connecting creators and audiences around the globe. We are looking for innovators to join us as we forge the future of entertainment! Role Summary: The Manager, Security Engineer Training & Behavior plays a key role in building the foundation for Sony Pictures Entertainment's security culture by designing and deploying systems that embed secure behaviors directly into employee workflows. This hands-on role focuses on creating automation, nudging, and workflow mechanisms that make secure actions seamless, intuitive, and habit-forming. Over time, these foundations will enable gamification, microlearning, and emerging technologies to reinforce secure decisions in real time. Success requires a strong mix of technical skill, behavioral insight, and systems thinking to deliver scalable, user-centered solutions that drive measurable change. Collaboration, clarity, and an ability to translate complex security concepts into accessible content are essential. Key Responsibilities: Working closely with the Director of Information Security Awareness & Training, this role drives the technical execution of initiatives that embed secure behaviors into employee workflows through automation, gamification, and smart system design, reducing friction across IT and security tools and making secure choices the intuitive default. System Design & Hands-On Implementation Design and implement automations, integrations, and systems that embed secure behaviors into workflows Use scripting and APIs to deliver adaptive security nudges and alerts Create nudging infrastructure using low/no-code tools Develop in-product guidance (extensions, add-ins, notifications) for real-time reinforcement Identify and fix usability gaps in security controls to reduce friction across platforms (SharePoint, Outlook, Teams, LMS) Scenario-Based Learning & Behavior Experimentation Design experiential simulations across data protection, access control, social engineering, and collaboration Move beyond static phishing tests toward adaptive, trust-building learning experiences Conduct tabletop exercises and integrate insights into culture and behavior initiatives Gamification & Microlearning Deployment Apply gamification elements (challenges, leaderboards, streaks) Help design role-based and microlearning moments integrated into our environments Emerging Technology Implementation Prototypes AI-based guidance tools (e.g., in-chat assistants, smart FAQs, real-time explainers) Explores immersive learning pilots (e.g., interactive branching video, VR/AR prototypes) using available tec Helps lead MVP testing of new technologies that could reduce friction and increase security enablement Behavioral Data Architecture & Analytics Support development of LRS/xAPI pipelines to capture behavioral data across systems Shape dashboards and analytics models in Power BI, Tableau, etc. Use telemetry to inform nudges and optimize campaigns over time Key Requirements: Education Bachelor's degree in Information Security, Behavioral Science, Computer Science, Human-Computer Interaction, Data Analytics, or a related field Equivalent experience or relevant certifications (e.g., Power Automate, xAPI/LRS, Microsoft Graph, low-code platforms, cybersecurity fundamentals) may be considered in lieu of a formal degree Experience 5+ years of experience, particularly in areas such as cybersecurity, IT automation, behavioral engineering, or enterprise systems integration Proven ability to build and implement behavior-change mechanisms, develop user-centric technical solutions as well as automation, nudging, and real-time learning interventions. Experience with gamification, low-code tools, and collaboration with cross-functional teams is necessary Skills & Certifications (Preferred) Cybersecurity: Certified Information Systems Security Professional (CISSP), CompTIA Security+, or equivalent cybersecurity certifications Automation & Workflow: Certificates in systems automation, workflow orchestration, or enterprise app development Behavioral Design: Microsoft Power Platform certifications (e.g., Power Automate, Power Apps), and/or certifications in behavior design, UX design, or gamification strategy Key Emerging Trends Addressed in the Role AI-generated phishing and deepfake detection Context-aware, real-time nudging Security UX; frictionless security enablement Human risk scoring and behavioral segmentation Adaptive, role-specific and data-informed microlearning experience Zero-trust behavioral support and habit reinforcement AI-supported engagement and automation The anticipated base salary for this position is $115,000-$150,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

General information Name Security Engineer Ref # 1927 City N/A State Nevada Country United States Work Hours Mon-Fri 8:00am-5:00pm Function Information Technology Description & Requirements Job Description The primary focus of the Security Engineer is protecting the company's information security interests, leveraging advanced security tools and applications. As part of the Cybersecurity engineering team, this role will work closely with technology functions to improve improvement and support initiatives to promote information security within the organization. * This is a REMOTE position with occasional travel as needed - Must reside in the U.S. (NO EXCEPTIONS) Responsibilities * Implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks. * Troubleshooting Security and network related problems. * Responding to all system and/or network security issues. * Ensuring the organization's data and infrastructure are protected by enabling the appropriate security controls. * Testing and identifying network and/or system security vulnerabilities. * Manage and optimize Rapid7 Insight IDR or other SEIM for incident response, including configuration of data sources, log parsing, and integration to ensure accurate detection and streamlined investigations. * Evaluating the organization's security requirements and establishing best practices and standards accordingly. * Respond to security incidents, performing thorough investigations and remediation actions. * Utilize Microsoft Defender for Cloud to manage security posture and protect workloads across cloud and hybrid environments. * Daily administrative tasks, reporting, and communication with the relevant stakeholders in the organization. * Deploy, configure, and maintain CyberArk solutions, including the Enterprise Password Vault (EPV), Privileged Session Manager (PSM), and Central Policy Manager (CPM). * Implement privileged account security and enforce least privilege access controls across the enterprise. * Monitor, audit, and report on privileged access to ensure compliance with security policies. Required Qualifications * Bachelor's degree or other relevant experience in information technology or a related IT course. * At least 4-6 years of experience in Security Engineering, including establishing and monitoring information security controls. * Hands-on experience with the following security tools and technologies: o Rapid7 MDR/IDR o In-depth knowledge of the Microsoft security ecosystem, including Azure, Entra ID, Microsoft Sentinel, and Microsoft Defender XDR. o Direct experience implementing and managing data governance and protection policies using Microsoft Purview. o Proficiency with scripting languages like PowerShell for automation o CyberArk Privileged Access Management (PAM) o Strong understanding of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and best practices. * Excellent verbal and written communication skills, with the ability to coordinate effectively with global teams. * Strong administrative capabilities in task development, time management, and resource allocation to meet target deadlines. * Demonstrated troubleshooting, follow-through, and critical-thinking skills. * High level of risk intelligence and security awareness. * Relevant vendor and/or vendor neutral certification(s) such as Microsoft Security Operations Analyst (SC-200), Microsoft Cybersecurity Architect (SC-100), CyberArk Trustee / CyberArk Defender / CyberArk Sentry / CyberArk Guardian, Zscaler Digital Transformation Administrator (ZDTA) / ISC2 SSCP. CC Compensation & Benefits BradyPLUS offers competitive compensation and a comprehensive benefits package to support the health and well-being of our associates and their families. Benefit offerings include medical, dental, vision, life and disability insurance, flexible spending accounts, Employee Assistance Programs (EAP), 401(k) Retirement and more.. About BradyPLUS: BradyPLUS is a leading national distributor of solutions for JanSan, Foodservice and Industrial Packaging. We deliver the right SUPPLIES + SUPPORT to ensure businesses are more successful every day. We offer premium brands, expert advice, and exceptional customer experiences. Our 6,000 associates across 180+ locations have a passion for delivering innovative solutions for the business challenges of today and tomorrow. Together, we serve thousands of customers nationwide in end markets including education, government, healthcare, hospitality, restaurants, building services, food packaging & processing, and grocery. We strive to be the best employer we can. We value people, we embrace change and we reach higher. Join us and see what the BUZZ is about! To learn more visit us at ****************** BradyPLUS is an Equal Opportunity Employer. This means that all qualified applicants will receive consideration for employment without regard to race, marital status or civil union status, sex, age, color, religion, national origin, veteran status, mental or physical disability, sexual orientation, gender identity and/or any other characteristic protected by law. We also provide reasonable accommodations to applicants and employees with disabilities. *

Systems Security Engineer Dahlgren, VA Active Secret Clearance @Orchard is supporting a growing Federal contract with proven capabilities in cybersecurity. We are seeking a skilled Systems Security Engineer to be proposed for a new project supporting the Navy. This role will be based out of Dahlgren, VA and will be responsible for supporting the creation of hybrid software, web, and hardware products from initial specifications to final roll-out and maintenance, including sophisticated systems that run on the web. If awarded, this could be a fantastic opportunity to grow your career with a company that has built strong relationships within Defense and Intelligence. If selected, you will be asked to sign a letter of intent to join the team upon program award. As the Systems Security Engineer you will: Supporting A&A Cybersecurity policy and control evaluations. Preparing supporting RMF activities or current Government-approved processes for packages and artifacts. Obtaining approvals to operate. Implementation of security postures. Providing SME support in Information Assurance and Cybersecurity Life-Cycle management, coordination, and implementation as required by the applicable Authorizing Official. Provide RMF A&A ISSE support for all ashore and afloat packages. Responsible to integrate various network operating systems, application programs, and hardware devices. Manage development cycle associated with producing resilient software, hardware, and web application, including specification, design, coding, testing, and maintenance. Perform classified and unclassified tasks and actions to support A&A activities, A&A package reviews, scanning, reporting and remediation, and overall system security; consult with relevant A&A Validation teams in normal course of activities. Assist in development and execution of A&A plans for complex networks and IT systems; may include providing ISSO, Information Systems Security Engineer, and DIO support, and A&A analysis supporting documentation and artifacts in support of A&A, and compliant system administration across variety of environments supporting department offices, conference facilities, and land-based tactical equipment suites and laboratories. Provide IT Project and System Administrative support for accreditation including full authority to operate, interim authority to operate, authority to connect, Interim authority to test, Local authority to proceed and other required authorizations to support normal operations, special user events and requirements, and test events. Implement and maintain system security requirements, including STIGs, anti-virus software installations and updates, ESS installation and monitoring, responding to Cyber Directives, and other direction to ensure IT and Information Assurance controls are maintained. Perform and review vulnerability scans on all ISs using latest approved vulnerability scanning tools and signatures and ensure results properly mitigated, reviewed, documented, and reported. Support, test, monitor, and report any changes in ISs that may affect security posture and/or performance of IS. Monitor all system and audit logs and report potential security issues to ISSM; assist ISSM, Cybersecurity Branch Head, DIO, incident handling team, and law enforcement personnel in any investigations involving suspected security violations. Maintain accurate and up-to-date information in all required A&A applications. Provide subject matter expertise to perform cybersecurity operations for Corporate Operations IT and Technical Department IT. Collaborate with Government and other Contractor personnel to coordinate test and operation activities for Department IT. Develop, collect, maintain and submit A&A artifacts. Provide support for installing, managing, and troubleshooting any issues with vulnerability scanning software; perform scans on monthly and ad hoc basis for all Department IT and generate/consolidate scanning reports in centralized location; provide vulnerability scanning support for IT; responsible for opening trouble tickets with respective scanning software support for scanning and IA support. Responsible for creation, development, support, and lifecycle sustainment of all RMF A&A processes, including, but not limited to: Supporting A&A Cybersecurity policy and control evaluations. Preparing supporting RMF activities or current Government-approved processes for packages and artifacts. Obtaining approvals to operate. Implementation of security postures. Qualifications: Four (4) years professional experience IT security with DoD or Navy. Experience with vulnerability analysis, risk analysis, scanning for viruses and other detrimental software. Qualified experience in accreditation of systems and audits. Designated as IAT II level with T3. Bachelor's Degree in Engineering discipline desired but not required. Professional experience in systems engineering a plus.

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Today's world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity As the Red Team Coordinator EY, you will orchestrate red team activities against the EY environment to identify security gaps and create a hardened security posture. You will operate autonomously to collaborate with top-tier IT and security teams to mitigate potential threats, ensuring our operations remain resilient against the ever-evolving cyber threat landscape. This position is within Cyber Attack Surface Management, where we lead the charge in protecting EY, influencing a culture of security excellence, and shaping the future of global cybersecurity. Your key responsibilities The Red Team Coordinator at EY will be entrusted with the critical responsibility of devising and executing a robust Red Team strategy to safeguard the firm's extensive digital infrastructure. Primary duties will include the meticulous identification and evaluation of potential security gaps and working with third party providers to devise and execute a comprehensive simulated attack to test incident response and security controls. Managing relationships and meticulous attention to details in incident response will be critical to success in overseeing the exercises. In close collaboration with IT and security teams, the Lead will oversee the prompt and effective resolution of security weaknesses. Moreover, the Coordinator will be a key communicator, engaging with stakeholders throughout the organization to promote a culture of heightened security awareness and proactive risk management. In addition to managing the Red Team capability, the Coordinator will provide leadership and guidance to a Tabletop Exercise Analyst responsible for designing and executing tabletop exercises for EY's internal Cyber & Investigative Services function. Skills and attributes for success Strong analytical and problem-solving skills Excellent communication and interpersonal abilities Leadership and team collaboration experience Adaptability to diverse cultural environments Technical proficiency in cybersecurity tools Strategic thinking and planning capabilities Proactive risk management mindset Experience in incident response coordination To qualify for the role you must have 10+ years of Information Security experience with a focus on offensive security and/or threat intelligence Minimum 3 years of Red Team experience Experience managing and/or executing exercises and simulations An expert ability to assess an organization's strengths and weaknesses, and building remediation plans Demonstrated experience documenting and communicating the risk of security gaps An expert understanding of threat modelling and risk assessment An in-depth understanding of security control functionality in the context of threats An interest and aptitude for engaging stakeholders and developing a functional network of subject matter experts Proficiency developing non-traditional solutions to complex challenges Ideally, you'll also have Functional understanding of the TIBER Framework Experience engaging regulators Incident Response experience Time spent working with a globally dispersed team in a large enterprise What we look for We are looking for an experienced Red Team operator that can develop the Red Team program into a mature function capable of protecting a firm as diverse as EY. This proven leader will improve the organization's ability to reduce the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization. What we offer you The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary ranges. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $152,700 to $294,000. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $183,300 to $334,100. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

Join American Structurepoint and become part of a team that goes the extra mile for our clients and communities. We live by our values - respect, staff development, results and family. Our team is encouraged to explore new ideas and turn our clients' dreams into reality. With exceptional benefits, training, and mentorship, we pave the way for a rewarding career. Ready for more than just a job? Explore opportunities with us and help improve the quality of life in the communities we serve. Group: Information Technology Position: IT Security Analyst Location: Indianapolis, IN Are you passionate about cybersecurity and ready to protect the digital backbone of an innovative engineering firm? We're looking for a skilled IT Security Analyst to join our team and help secure mission-critical systems, proprietary data, and infrastructure. Join a team where your cybersecurity expertise directly supports groundbreaking engineering projects. Apply now or message us to learn more! Responsibilities • Monitor and analyze network traffic for threats and vulnerabilities • Conduct regular security assessments and penetration testing • Work collaboratively with Infrastructure team to learn and review firewalls, antivirus, and intrusion detection/prevention systems - Maintain Secure by Design Approach • Investigate and respond to security incidents • Continually develop (update) and implement cybersecurity policies and procedures • Collaborate with engineering and IT teams to secure sensitive project data • Stay ahead of emerging threats and technologies • Be passionate about: o Learning new technologies o Working collaboratively in a team atmosphere Qualifications Must-Haves: • Bachelor's degree in Computer Science, Cybersecurity, or related field • 3+ years of experience in IT security roles • Strong knowledge of network protocols, firewalls, and endpoint protection • Experience with SIEM tools - Understand and develop queries and expressions • Basic Understanding of NIST, SOC2, CMMC or similar frameworks • Excellent communication and problem-solving skills • Excellent written and documentation skills Nice-to-Haves: • Certifications: CISSP, CISM, CEH, or Security+ • Experience with cloud security (AWS, Azure) • Scripting knowledge (Python, PowerShell) • Exposure to engineering software platforms (AutoCAD, SolidWorks) • Familiarity with Zero Trust architecture