Security Architect Jobs in Abington, PA

in ONSITE in Pennsylvania. There is no relocation for the role. Our client is looking for a Chief Information Security Officer (CISO) to lead and elevate their cybersecurity program. This is a high-impact role for a seasoned leader who can balance strategic vision with hands-on execution. What You'll Do: Create and Lead enterprise-wide information security strategy, policies, and governance. Manage cybersecurity risk across infrastructure, cloud, applications, and third-party vendors. Partner with IT, legal, compliance, and executive leadership to align security with business goals. Ensure compliance with regulatory requirements and industry standards. Develop and lead incident response plans, threat assessments, and recovery efforts. What You Bring: 10+ years of progressive experience in cybersecurity, including 5+ years in a senior leadership role. Proven success in a retail or consumer goods environment Deep understanding of cloud security, threat intelligence, and regulatory frameworks (e.g., PCI-DSS, NIST, ISO). Ability to lead teams, influence across the organization, and communicate risk to non-technical stakeholders. Relevant certifications such as CISSP, CISM, or CISA strongly preferred.

*Flexible Work Arrangement: Hybrid* Cyber threats change at a rapid pace, and cybersecurity approaches must transform to provide effective protection and enable business innovation. As part of the Security Engineering and Architecture department, the Sr. Security Architect I (II) plays a key role in development of the security strategy, defining roadmaps for achieving security objectives, architect secure solutions in partnership with enterprise architecture and application architecture, and build security into systems by collaborating with development teams and other internal technology groups. This individual will solve security challenges with implementing and integrating cloud-based services into PJM's business processes, implementing zero trust architecture principals, managing and controlling big data, and leveraging machine learning processes to solve complex business problems. Essential Functions: Researches and supports development and advancement of a comprehensive security strategy and strategic roadmap. Develops and maintains high quality documentation for cyber security policies, architectures, and standards. Works across the organization to communicate security approaches and that internal and external stakeholders support the changes. Supports cross-functional programs that advance security, such as zero-trust architecture, cloud security, data and analytics, machine learning, and security automation. Monitors technical advancements and makes recommendations to improve network, system and application security architectures. Supports enterprise architecture and application architecture initiatives and creates corresponding security design patterns. Consults with project teams to design secure architecture for new projects in alignment with agreed upon security design patterns. Supports application security assessments by developing improved tools and approaches for assessing security. Defines data security policies and processes to protect corporate data. Develops security solutions based on NIST Cybersecurity Framework (CSF) guidelines. Supports architectural guidance team to evaluate project proposals for architectural fit. Assists in prioritizing security efforts to balance security risks with operational and business risks. Assists team and department management in developing work plans, including scope, milestones, schedule, releases, resources and deliverables. Builds strong relationships with stakeholders by providing superior customer support as demonstrated by clearly owning, resolving and communicating issues and problems, and being responsive to needs, requirements, and deadlines. Supports the Cyber Security Incident Response Team (CSIRT) process by participating in various responder roles. Characteristics & Qualifications: Required: Bachelor's Degree in Computer Engineering, Computer Science, Information Technology or equivalent work experience At least 5 years of experience overall IT/IS experience At least 2 years of experience with security engineering/architecture Two or more of the following: applications (on-prem or cloud-based), networks, operating systems, or DevOps. Cloud security experience such as implementing landing zone, encryption, identity and access management, security monitoring, infrastructure as code (IaC), cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM) solutions. Ability to produce high-quality work products with attention to detail Ability to visualize and solve complex problems Experience with NERC Critical Infrastructure Protection (CIP) Standards Ability to collaborate, influence, and partner with business units Experience using Microsoft Project Experience with Operating Systems, networks, storage technologies, software development, databases, and security concepts Experience using effective verbal and written communications skills Preferred: Experience with PJM operations, markets, and planning functions Experience implementing zero trust architecture, data and analytics, machine learning, and security automation. Experience with defining data security policies and processes to protect corporate data as part of Data Security Governance. Experience working in a regulated industry (especially NERC CIP). Experience with NIST CSF. Experience working with varying levels of classified data. Knowledge and experience of importance of diversity and inclusion at workplace and its effective use to improve PJM's business functions as it relates to assigned responsibilities. Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM)

Company DescriptionJobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job Description201 Third Street (61049), United States of America, San Francisco, CaliforniaSenior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. What You'll Do: Act as a central Information Security point of contact for the Enterprise Platform team Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Product security consulting in Authentication/Access Management /Identity application and experienced in Authentication and industry-standard protocol for authorization/authorization Basic Qualifications: High School Diploma, GED or equivalent certification At least 8 years of experience working in cybersecurity or information technology At least 7 years of experience providing guidance and oversight of Security concepts At least 7 years of experience performing security risk assessments and security architecture reviews At least 7 years of experience with architecture, software design, networking, and cloud infrastructure At least 5 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 3+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 4+ years of experience in IAM or related areas Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and Defensive Security techniques Experience in a regulated environment Strong conceptual thinking, influence and communication skills At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $230,100 - $262,700 for Sr Manager, Cyber TechnicalSan Francisco, California (Hybrid On-Site): $243,800 - $278,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Sonsoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. Sonsoft Inc. is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services. Job Description At least 1 year of experience in software development life cycle. At least 1 year of experience in creating customized and complex reports using Crystal and Business Objects. At least 1 year of experience in writing Nested and Complex queries. At least 1 year of experience in creating reports using drill down, prompts and variables. At least 1year of experience 0n Query Tuning mechanisms. Good understanding of Data Warehouse concepts. Must be able to provide Solutions or Enhancements to fix the data issues quickly when reported by the clients or users. Flexibility to Self-learn and understand the system, further assist with query tuning and application performance Good Analytical Skills High impact communication Ability to ramp up in new technologies Ability to work in team environment with diverse/multiple stakeholders. Experience and desire to work in a Global delivery environment. Qualifications Bachelor's degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education. At least 1 year experience with SAP BO Administration Additional Information ** U.S. citizens and those authorized to work in the U.S. are encouraged to apply . We are unable to sponsor at this time. Note:- This is a Full-Time Permanent job opportunity for you. Only US Citizen, Green Card Holder, TN Visa, GC-EAD, H4-EAD & L2-EAD can apply. No OPT-EAD & H1B Consultants please. Please mention your Visa Status in your email or resume.

The Director - Information Security is a "CISO" type role. This is the role of a strategic leader responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This role will report directly to the CIO and will be responsible for directing staff in identifying, developing, implementing, and maintaining processes across the organization to reduce information and information technology (IT) risks, respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. Leads company's IT technological strategies in support of the company's mission and core objectives, providing leadership, vision, and management of IT Teams. Ensures the effective operation of all IT systems and functions. Accountable for the management, mentoring, and career development of the IT staff members. PRIMARY RESPONSIBILITIES Strategic Planning and Financial Oversight Develops and maintains a culture of security that emphasizes the enterprise-wide responsibility for ALL COMPANY employees. Develops and maintains a comprehensive cloud security strategy aligned with the organization's overall security objectives and the larger organizational cloud strategy. Assures the alignment of IT and business strategy with particular focus on thought leadership and innovation. Must be able to design and execute multi-year road maps in order to transform COMPANY environment and collaborate with COMPANY, SBR and copany entities for technological efficiencies. Develops strategic annual and long-term business plans and operational budgets for responsible IT areas. Tracks implementations to ensure financial and service targets are met according to timelines. Leadership and Operations Management Creates a security strategy and roadmap to drive the organization towards a more secure future. Directs and manages IT Department activities and operations. Leads multiple teams of various levels of employees and consultants through the prioritization and implementation of project-related activities. Provides motivational career development and assessment of team members. Fosters and encourages a diverse, inclusive team. Service Delivery and Stakeholder Management Drives the incident response plan for the organization enrolling leadership to follow a well-rehearsed plan when a cyber event occurs. Oversees and negotiates service level agreements with internal and external stakeholders. Tracks service delivery to ensure agreed targets and standards are met. Directs relationships with vendors and ensures that vendors meet COMPANY business objectives/objectives, SLAs, and deliverables in a timely manner and within budget guidelines. Interacts with major suppliers, overseeing RFPs, bids, contracts, and service agreements. Project Planning and Resource Allocation Directs the design and implementation of security solutions that are secure, scalable, reliable, and cost-effective. Determines the value and ROI of every IT-related project. Prioritizes the scheduling and implementation of major IT projects to ensure the efficient utilization of resources. Identifies IT resources required to meet defined business objectives. Develops and defends opportunities for continuous creative improvement of processes and systems. Acts as a change agent for new technologies and processes in the COMPANY environment. Oversees the creation and maintenance of policies and procedures that protect the organization's computing infrastructure and data. Policy Development and Implementation Collaborates with Legal and Government Relations/Compliance teams to ensure compliance with relevant laws, regulations, and policies. Advocates for changes in other departments' practices to ensure compliance with security policies. Directs the planning, production, and implementation of information and for COMPANY technology-related systems policies, procedures, and regulations. QUALIFICATIONS Demonstrated senior-level IT management experience, adept at shaping and executing complex IT strategies. Executive presence in gaining consensus across all parties. Proven track record managing budgets ranging from $4 million to $10 million, showcasing financial acumen in IT operations. Proficiency in articulating intricate technical concepts to non-technical stakeholders in a clear concise manner. Proficient in leading multiple IT disciplines, including software development, technical support, and systems architecture, showcasing adept project management skills. In-depth understanding of computer systems, applications, operating systems, and robust knowledge of data security protocols. Ability to ensure all systems are secured at all times. Strong negotiation skills and a collaborative approach in dealings with third-party IT business partners. Critical Thinking and Decision-Making (proficiency: High): Advanced decision-making and problem-solving skills, essential for navigating complex IT landscapes and quickly addressing challenges.

* Flexible Work Arrangement: Hybrid* Cyber threats change at a rapid pace, and cybersecurity approaches must transform to provide effective protection and enable business innovation. As part of the Security Engineering and Architecture department, the Sr. Security Architect I (II) plays a key role in development of the security strategy, defining roadmaps for achieving security objectives, architect secure solutions in partnership with enterprise architecture and application architecture, and build security into systems by collaborating with development teams and other internal technology groups. This individual will solve security challenges with implementing and integrating cloud-based services into PJM's business processes, implementing zero trust architecture principals, managing and controlling big data, and leveraging machine learning processes to solve complex business problems. Essential Functions: * Researches and supports development and advancement of a comprehensive security strategy and strategic roadmap. * Develops and maintains high quality documentation for cyber security policies, architectures, and standards. * Works across the organization to communicate security approaches and that internal and external stakeholders support the changes. * Supports cross-functional programs that advance security, such as zero-trust architecture, cloud security, data and analytics, machine learning, and security automation. * Monitors technical advancements and makes recommendations to improve network, system and application security architectures. * Supports enterprise architecture and application architecture initiatives and creates corresponding security design patterns. * Consults with project teams to design secure architecture for new projects in alignment with agreed upon security design patterns. * Supports application security assessments by developing improved tools and approaches for assessing security. * Defines data security policies and processes to protect corporate data. * Develops security solutions based on NIST Cybersecurity Framework (CSF) guidelines. * Supports architectural guidance team to evaluate project proposals for architectural fit. * Assists in prioritizing security efforts to balance security risks with operational and business risks. * Assists team and department management in developing work plans, including scope, milestones, schedule, releases, resources and deliverables. * Builds strong relationships with stakeholders by providing superior customer support as demonstrated by clearly owning, resolving and communicating issues and problems, and being responsive to needs, requirements, and deadlines. * Supports the Cyber Security Incident Response Team (CSIRT) process by participating in various responder roles. Characteristics & Qualifications: Required: * Bachelor's Degree in Computer Engineering, Computer Science, Information Technology or equivalent work experience * At least 5 years of experience overall IT/IS experience * At least 2 years of experience with security engineering/architecture * Two or more of the following: applications (on-prem or cloud-based), networks, operating systems, or DevOps. Cloud security experience such as implementing landing zone, encryption, identity and access management, security monitoring, infrastructure as code (IaC), cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM) solutions. * Ability to produce high-quality work products with attention to detail * Ability to visualize and solve complex problems * Experience with NERC Critical Infrastructure Protection (CIP) Standards * Ability to collaborate, influence, and partner with business units * Experience using Microsoft Project * Experience with Operating Systems, networks, storage technologies, software development, databases, and security concepts * Experience using effective verbal and written communications skills Preferred: * Experience with PJM operations, markets, and planning functions * Experience implementing zero trust architecture, data and analytics, machine learning, and security automation. * Experience with defining data security policies and processes to protect corporate data as part of Data Security Governance. * Experience working in a regulated industry (especially NERC CIP). * Experience with NIST CSF. * Experience working with varying levels of classified data. * Knowledge and experience of importance of diversity and inclusion at workplace and its effective use to improve PJM's business functions as it relates to assigned responsibilities. * Certified Information Systems Auditor (CISA) * Certified Information Systems Security Professional (CISSP) * Certified Information Security Manager (CISM)

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact. As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you're interested in working with a passionate team of people who care about the future of Philadelphia, start here. What We Offer: * Impact - The work you do here matters to millions. * Growth - Philadelphia is growing, why not grow with it? * Diversity & Inclusion - Find a career in a place where everyone belongs. * Benefits - We care about your well-being. The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia's businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city's technology assets and the return on the city's technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency. Job Description The Philadelphia International Airport is managed by the Department of Aviation of the City of Philadelphia. The airport handles approximately 82,000 travelers per day. The airport Information Technology department is headed by the Chief Information Officer (CIO). As the Director of Information Security, you will play a pivotal role in safeguarding the confidentiality, integrity, and availability of Philadelphia International Airport's information assets. Reporting directly to the Chief Information Security Officer (CISO), you will be tasked with leading strategic initiatives to mitigate cyber threats, ensure compliance with industry regulations & standards. Must have a sound business acumen to help identify, evaluate and report information security risks in a manner that supports the risk posture of the organization. Essential Functions and Responsibilities: * Strategic Leadership - Collaborate with the CISO and senior leadership to develop and maintain the organization's information security strategy, policies, and procedures. Provide strategic direction and guidance to the information security team, aligning security initiatives with business objectives and risk tolerance. * Risk Management - Lead the identification, assessment, and prioritization of information security risks, threats, and vulnerabilities across the organization's IT infrastructure and systems. Implement risk mitigation strategies and controls to address identified risks effectively. Develop capabilities to manage third party Cybersecurity risks. * Security Governance & Compliance - Lead the identification, assessment, and prioritization of information security risks, threats, and vulnerabilities across the organization's IT infrastructure and systems. Develop risk mitigation strategies and controls to address identified risks effectively. * Threat Management - Execute strategies for continuous monitoring of network traffic, system logs, and user activities to identify unauthorized or suspicious behavior. Review security monitoring tools, technologies to detect and alert potential security incidents and anomalies. Maintain incident response plans and procedures to effectively respond to and mitigate security incidents. Lead the investigation of security breaches and incidents, coordinating response efforts and implementing corrective actions as necessary. * Third Party Risk Management -Assess and manage risks associated with third-party vendors and service providers, ensuring contractual obligations and security requirements are met. Develop processes for evaluating monitoring vendor security posture and performance. * Security Operations & Technology -Oversee the implementation and maintenance of security technologies and tools, ensuring they effectively identify, protect, detect, respond, and recover to security threats & vulnerabilities. * Change Management -Lead change management committee for reviewing, approving, and implementing changes and ensuring security controls, configurations are updated and maintained. Foster open communication and collaboration among stakeholders, creating forums for dialogue to facilitate decision-making and address concerns related to change initiatives. Experience/Required skills: * Strong leadership and management skills are essential for effectively leading a team of security professionals. * Proficiency in risk management is necessary for identifying, assessing, and mitigating information security risks. * In-depth knowledge of security architecture and design is necessary for developing and implementing robust security controls. * Expertise in security operations is essential for monitoring, detecting, and responding to security threats and incidents. * A comprehensive understanding of compliance and regulatory requirements is crucial for ensuring that the organization's security practices align with relevant standards and regulations. * Excellent communication and presentation skills are needed for effectively conveying complex security concepts to non-technical stakeholders. * Strategic planning and execution skills are essential for developing and implementing a comprehensive information security strategy aligned with business objectives. * Proficiency in vendor management is necessary for evaluating and selecting security vendors and managing vendor relationships effectively. * Strong team building, and development skills are crucial for fostering a collaborative and high-performing security team. Desired Experience and Abilities: * Proficiency in analyzing, evaluating security threats and vulnerabilities, as well as assessing the potential impact on the organization. * Extensive experience in conducting thorough risk assessments, vulnerability assessments, and penetration testing to identify and prioritize security risks. * Ability to architect and integrate security solutions into the organization's infrastructure, ensuring the confidentiality, integrity, and availability of information assets. * Commitment to staying updated on emerging security threats, trends, and technologies. * Ability to adapt to evolving security challenges and requirements, proactively adjusting security strategies and tactics to address new threats and vulnerabilities. * Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. * Coordinate information security and risk management projects with resources from the IT organization and business unit teams. * Familiarity with cybersecurity principles, tools, and best practices. Qualifications * Bachelor's degree in Computer Science, Information Technology, Information Systems or a related field; Master's degree preferred. * Minimum of 10 years of progressive experience in information security, with 5 years of leadership or managerial experience. * Proven track record of developing and implementing information security strategies and initiatives in alignment with NIST Cybersecurity Framework. * Experience with conducting risk assessments, vulnerability assessments, and developing risk mitigation strategies. * Excellent leadership and communication skills, with the ability to collaborate effectively with cross-functional teams and influence stakeholders at all levels of the organization. * Strong analytical and problem-solving abilities, with a keen attention to detail and the ability to prioritize and manage multiple tasks simultaneously. * In-depth knowledge of cybersecurity principles, technologies, and best practices. * Strong understanding of regulatory requirements and compliance frameworks. * Excellent leadership, communication, and stakeholder management skills. * Relevant certifications such as CISSP, CISM, or CRISC are highly desirable. * Experience with security compliance frameworks (e.g., CIS, NIS CSF, NIST RMF, ISO 27001) is a plus. Additional Information Salary Range: $120,000 - $130,000 Starting salary to be determined based on experience and qualifications. Important: To apply, candidates must provide a cover letter and a resume. SPECIAL REQUIREMENTS: Must be a Philadelphia resident. Successful candidate must be a city of Philadelphia resident within six months of hire. Candidate must pass a background check. PHYSICAL AND MENTAL DEMANDS: Position requires a high level of mental concentration and commitment. Discover the Perks of Being a City of Philadelphia Employee: * We offer Comprehensive health coverage for employees and their eligible dependents * Our wellness program offers eligibility into the discounted medical plan * Employees receive paid vacation, sick leave, and holidays * Generous retirement savings options are available * Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness. * Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails. * Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too! Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth! * The successful candidate must be a city of Philadelphia resident within six months of hire Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated. The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at ************ or send an email to [email protected] . Job Location

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact. As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you're interested in working with a passionate team of people who care about the future of Philadelphia, start here. What We Offer: • Impact - The work you do here matters to millions. • Growth - Philadelphia is growing, why not grow with it? • Diversity & Inclusion - Find a career in a place where everyone belongs. • Benefits - We care about your well-being. The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia's businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city's technology assets and the return on the city's technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency. Job Description The Philadelphia International Airport is managed by the Department of Aviation of the City of Philadelphia. The airport handles approximately 82,000 travelers per day. The airport Information Technology department is headed by the Chief Information Officer (CIO). As the Director of Information Security, you will play a pivotal role in safeguarding the confidentiality, integrity, and availability of Philadelphia International Airport's information assets. Reporting directly to the Chief Information Security Officer (CISO), you will be tasked with leading strategic initiatives to mitigate cyber threats, ensure compliance with industry regulations & standards. Must have a sound business acumen to help identify, evaluate and report information security risks in a manner that supports the risk posture of the organization. Essential Functions and Responsibilities: Strategic Leadership - Collaborate with the CISO and senior leadership to develop and maintain the organization's information security strategy, policies, and procedures. Provide strategic direction and guidance to the information security team, aligning security initiatives with business objectives and risk tolerance. Risk Management - Lead the identification, assessment, and prioritization of information security risks, threats, and vulnerabilities across the organization's IT infrastructure and systems. Implement risk mitigation strategies and controls to address identified risks effectively. Develop capabilities to manage third party Cybersecurity risks. Security Governance & Compliance - Lead the identification, assessment, and prioritization of information security risks, threats, and vulnerabilities across the organization's IT infrastructure and systems. Develop risk mitigation strategies and controls to address identified risks effectively. Threat Management - Execute strategies for continuous monitoring of network traffic, system logs, and user activities to identify unauthorized or suspicious behavior. Review security monitoring tools, technologies to detect and alert potential security incidents and anomalies. Maintain incident response plans and procedures to effectively respond to and mitigate security incidents. Lead the investigation of security breaches and incidents, coordinating response efforts and implementing corrective actions as necessary. Third Party Risk Management -Assess and manage risks associated with third-party vendors and service providers, ensuring contractual obligations and security requirements are met. Develop processes for evaluating monitoring vendor security posture and performance. Security Operations & Technology -Oversee the implementation and maintenance of security technologies and tools, ensuring they effectively identify, protect, detect, respond, and recover to security threats & vulnerabilities. Change Management -Lead change management committee for reviewing, approving, and implementing changes and ensuring security controls, configurations are updated and maintained. Foster open communication and collaboration among stakeholders, creating forums for dialogue to facilitate decision-making and address concerns related to change initiatives. Experience/Required skills: Strong leadership and management skills are essential for effectively leading a team of security professionals. Proficiency in risk management is necessary for identifying, assessing, and mitigating information security risks. In-depth knowledge of security architecture and design is necessary for developing and implementing robust security controls. Expertise in security operations is essential for monitoring, detecting, and responding to security threats and incidents. A comprehensive understanding of compliance and regulatory requirements is crucial for ensuring that the organization's security practices align with relevant standards and regulations. Excellent communication and presentation skills are needed for effectively conveying complex security concepts to non-technical stakeholders. Strategic planning and execution skills are essential for developing and implementing a comprehensive information security strategy aligned with business objectives. Proficiency in vendor management is necessary for evaluating and selecting security vendors and managing vendor relationships effectively. Strong team building, and development skills are crucial for fostering a collaborative and high-performing security team. Desired Experience and Abilities: Proficiency in analyzing, evaluating security threats and vulnerabilities, as well as assessing the potential impact on the organization. Extensive experience in conducting thorough risk assessments, vulnerability assessments, and penetration testing to identify and prioritize security risks. Ability to architect and integrate security solutions into the organization's infrastructure, ensuring the confidentiality, integrity, and availability of information assets. Commitment to staying updated on emerging security threats, trends, and technologies. Ability to adapt to evolving security challenges and requirements, proactively adjusting security strategies and tactics to address new threats and vulnerabilities. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. Coordinate information security and risk management projects with resources from the IT organization and business unit teams. Familiarity with cybersecurity principles, tools, and best practices. Qualifications Bachelor's degree in Computer Science, Information Technology, Information Systems or a related field; Master's degree preferred. Minimum of 10 years of progressive experience in information security, with 5 years of leadership or managerial experience. Proven track record of developing and implementing information security strategies and initiatives in alignment with NIST Cybersecurity Framework. Experience with conducting risk assessments, vulnerability assessments, and developing risk mitigation strategies. Excellent leadership and communication skills, with the ability to collaborate effectively with cross-functional teams and influence stakeholders at all levels of the organization. Strong analytical and problem-solving abilities, with a keen attention to detail and the ability to prioritize and manage multiple tasks simultaneously. In-depth knowledge of cybersecurity principles, technologies, and best practices. Strong understanding of regulatory requirements and compliance frameworks. Excellent leadership, communication, and stakeholder management skills. Relevant certifications such as CISSP, CISM, or CRISC are highly desirable. Experience with security compliance frameworks (e.g., CIS, NIS CSF, NIST RMF, ISO 27001) is a plus. Additional Information Salary Range: $120,000 - $130,000 Starting salary to be determined based on experience and qualifications. Important: To apply, candidates must provide a cover letter and a resume. SPECIAL REQUIREMENTS: Must be a Philadelphia resident. Successful candidate must be a city of Philadelphia resident within six months of hire. Candidate must pass a background check. PHYSICAL AND MENTAL DEMANDS: Position requires a high level of mental concentration and commitment. Discover the Perks of Being a City of Philadelphia Employee: • We offer Comprehensive health coverage for employees and their eligible dependents • Our wellness program offers eligibility into the discounted medical plan • Employees receive paid vacation, sick leave, and holidays • Generous retirement savings options are available • Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness. • Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails. • Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too! Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth! *The successful candidate must be a city of Philadelphia resident within six months of hire Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated. The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at ************ or send an email to [email protected].

Chief Information Security Officer (CISO) Our Client Reports To: Chief Technology (CTO) About Our Client: Our client is a leading Alternative Investments asset manager. They provide tailored private equity, private credit, and private real estate investment solutions to institutional and individual investors. With a commitment to innovation, regulatory excellence, and security, they are seeking a highly skilled Chief Information Security Officer (CISO) to lead their cybersecurity and information security strategy. Role Overview: The Chief Information Security Officer (CISO) will be responsible for developing and executing Our Client cybersecurity strategy, ensuring compliance with SEC regulations, and safeguarding sensitive investor and corporate data. This executive will work closely with the CEO, executive leadership, regulators, investors, and clients to maintain the highest standards of information security and privacy. The ideal candidate will have deep technical expertise, extensive regulatory experience, and a passion for data privacy and risk management. Key Responsibilities: Strategic Leadership & Regulatory Compliance Develop, implement, and oversee enterprise-wide information security policies aligned with regulatory requirements (SEC, FINRA, GDPR, etc.). Serve as the primary security liaison with SEC regulators, auditors, clients, and investors, ensuring full transparency and compliance with cybersecurity frameworks. Advise the CTO, CEO and Board of Directors on cybersecurity risks, threats, and strategic investments in security infrastructure. Lead security due diligence for funding initiatives, M&A transactions, and third-party partnerships, ensuring compliance and risk mitigation. Technical Security & Risk Management Design and manage cyber risk management frameworks, including penetration testing, threat detection, and incident response strategies. Oversee the deployment and maintenance of cutting-edge security technologies, including cloud security, identity management, and encryption solutions. Work closely with IT and engineering teams to secure Our Client financial platforms, trading systems, and proprietary data analytics tools. Establish and monitor key security metrics and threat intelligence programs to proactively mitigate risks. Privacy & Client Trust Champion privacy-first security initiatives, ensuring the protection of investor and corporate data. Lead cybersecurity education and training programs for employees to foster a security-conscious culture. Develop and execute incident response plans to protect Our Client reputation and client trust in the event of a breach. Key Qualifications: 10+ years of experience in cybersecurity leadership roles, preferably within asset management, private equity, or investment banking. Deep expertise in SEC regulations, cybersecurity frameworks (NIST, ISO 27001), and financial services compliance. Strong technical background in network security, cloud security (AWS, Azure), encryption, and incident response. Proven ability to engage with SEC regulators, institutional clients, and investors on cybersecurity matters. Experience leading cybersecurity programs for funding rounds, acquisitions, and regulatory audits. Exceptional communication skills with the ability to translate complex security concepts for executive leadership. A genuine passion for data privacy, risk management, and protecting client trust. Relevant certifications such as CISSP, CISM, or CISA are highly desirable. Why Join Our Client? This is an opportunity to shape the cybersecurity future of a leading alternative asset manager. The CISO will have direct influence on executive decision-making, ensuring Our Client remains at the forefront of financial cybersecurity, regulatory compliance, and investor trust. Contact: Bob Flores Email: *************** ************** Contact: Scott Barcalow Email: ***************** **************

Data Intelligence, LLC (DI) is seeking a qualified and experienced Information Systems Security Officer III to support the Naval Surface Warfare Center (NSWC) in Philadelphia, PA. The successful candidate will be responsible for coordinating security efforts to ensure the safety and integrity of classified and unclassified information systems and assist in maintaining a secure operating environment. This position requires a strong understanding of cybersecurity protocols, as well as the ability to coordinate and implement security measures to meet the specific needs of the organization. **This position is contingent upon award of contract** Key Responsibilities: Collaborate with various levels of the organization to implement required security changes and ensure compliance with established security policies and standards. Conduct comprehensive cybersecurity vulnerability and threat assessments to identify and mitigate risks to information systems. Lead cyber-incident-response efforts, including isolating affected systems, conducting initial investigations, collecting relevant data, and providing status updates and reports to leadership. Provide guidance on best practices and recommend improvements to the organization's security posture. Perform risk assessments and develop mitigation strategies to protect sensitive data from internal and external threats. Support continuous monitoring of information systems and provide regular status reports on security compliance. Maintain up-to-date knowledge of emerging cybersecurity threats and industry best practices. Required Skills/Experience: Bachelor's degree in Computer Science, Information Technology, Communications Systems Management, or an equivalent science, technology, engineering, and mathematics (STEM) field. A minimum of 6 years of relevant experience in cybersecurity or information systems security. Prior experience supporting Navy programs. Current IAM Level II certification (or higher) in accordance with DoD 8570.01-M. At least a Secret-level security clearance is required, with the ability to obtain higher-level clearance if necessary. Proficiency in cybersecurity frameworks, risk management processes, and security controls. Strong analytical and problem-solving skills with attention to detail. Excellent communication and interpersonal skills, with the ability to work effectively with a diverse team. Preferred Qualifications: Experience with DoD security requirements and systems. Familiarity with NIST, RMF, and other relevant cybersecurity standards. Ability to work in a potentially remote environment with occasional on-site requirements. Why Work with Data Intelligence, LLC? At Data Intelligence, LLC, we are committed to delivering cutting-edge technology solutions and security expertise to our government clients. Our team members play an integral role in the development and protection of critical national security systems. Join our team and contribute to the defense of vital information assets while advancing your career in a collaborative and rewarding environment. About Us: Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Experience protocols, such as SAML 2.0, OAuth 2.0, etc. Experience Internet protocols Experience with cryptography, and PKI Additional Information All your information will be kept confidential according to EEO guidelines.

At Herren Associates, we're focused on driving innovation throughout the Federal landscape and in the business of turning insights into actions. Specializing in Cyber Security, Engineering and Management Consulting, our firm has a passion for fostering career progression and seeks to align motivated professionals with rewarding homes for their careers. With thirty years of experience supporting an array of clients throughout the Public Sector, we welcome you to learn more about our dynamic organization as we chart out a course for continued impact in the years to come.The Information System Security Officer (ISSO) will provide support for the DoD client's program by coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Additionally, the ISSO will maintain operational security posture for information systems to ensure that security policies, standards, and procedures are adhered to. Requirements:• A Bachelor's degree in Computer Science, Cyber Security, Information Technology or related field of study• A minimum of five years of experience ensuring security compliance with RMF standards, along with experience conducting vulnerability and threat analysis• An active Security+ certification, along with one or more of the following certifications: CAP, CASP CE, CISM, CISSP, GSLC• An active Secret security clearance Herren Associates is an Equal Opportunity Employer.

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: - Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. - Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. - Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). - Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. - Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. - Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. - Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. - Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: - Bachelor's Degree. - A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. - eMASS experience. - Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. - Strong desktop publishing skills using Microsoft Word and Excel. - Experience with industry writing styles such as grammar, sentence form, and structure. - Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: - CISSP, CASP, or a similar certificate is preferred. - Master's Degree in Cybersecurity or related field. - Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. - Demonstrated ability to work well independently and as a part of a team. - Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: ******************* $92,213.33 - $125,146.66 a year

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** 74,000 - 127,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **Job Description:** The Senior Information Security Analyst defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. **Depth & Scope:** + Participates on projects of moderate to high complexity + Acts as a key resource and subject matter expert in at least one technology niche/ field and/or line of business + Advanced knowledge of one or more technology controls / security domains, disciplines and practices + Proficient to advanced knowledge of organization, technology controls / security/ risk issues **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 5-7 years of relevant experience **Customer Accountabilities:** + Understands and supports the Bank's Customer Service Strategy + Considers the impact of decisions on the well-being of TD, its Customers and stakeholders + Provides the highest level of Customer service when dealing with internal partners, vendors or our Customers - WOW at every opportunity + Models quality service delivery at every interaction + Leads and contributes to the ongoing improvement of the partner / Customer experience **Employee/Team Accountabilities:** + Be engaged in advancing and sustaining a unique, inclusive culture that reflects TD's diversity agenda, and create an extraordinary employee experience + Participates fully as a member of the team and contribute to a positive work environment + May provide leadership, training, and guidance to other team members + Ensures ongoing communication with the team on the status / progress of projects and issues / points of interest + Actively shares information and knowledge, and proactively learn from the expertise of others **Preferred Qualifications** **:** + Knowledge/Background: Knowledge of technology risk/cybersecurity, familiarity with regulatory oversight or audit + Skills: Strong written communication skills; ability to coordinate with multiple stakeholders at all levels, including senior executives; attention to detail + Certifications: Information Security certifications such as CRISC or CISA **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Lead Info Security Engineer - (242429) Description Mitigates risk of the Health System's vulnerability to Cybersecurity attacks through the engineering/installation/management of a Security Information Event Management (SIEM) system. Participates in the implementation of the organization's strategic goals for information security. Participates in developing security standards/best practices for the organization. Recommends enhancements, as needed. Contributes to the development of strategies to respond to/recover from a security breach. Develops security awareness by providing orientation, educational programs, and on-going communication. Identifies/Installs/Manages applications necessary to protect sensitive information as needed or identified by the CISO. Assists computer users with installation/management of new security products/procedures. Identifies any weaknesses in the information security architecture which could be used to compromise information systems. Monitors systems/network for security breaches/intrusions using the SIEM system. In the event of a breach, participates in incident response activities to minimize the impact; assists with the technical/forensic investigation into how the breach occurred/extent of the damage. Reports findings to the CISO. EducationBachelors Degree : in Computer or Information Sciences (Required) Combination of relevant education and experience may be considered in lieu of degree. Experience3 Years experience in a system administration role supporting multiple platforms and applications. (Required)3 Years experience with risk assessment tools, technologies, and methods (Required) General Experience with communicating network security issues to peers and management (Required) Previous Experience with planning, researching and developing security policies, standards and procedures (Required) Previous Experience with several technical security disciplines such as System Information Event Management systems (SIEM), vulnerability management or security hardening (Required) License/CertificationsCISSP - Cert Info Sys Security Prof (Preferred) GCIH - GIAC Cert Incident Handler (Preferred) GPEN - GIAC Penetration Tester (Preferred) GCFE - GIAC Cert Forensic Examiner (Preferred)_ Your Tomorrow is Here!Temple Health is a dynamic network of outstanding hospitals, specialty centers, and physician practices that is advancing the fight against disease, pushing the boundaries of medical science, and educating future healthcare professionals. Temple Health consists of Temple University Hospital (TUH), Fox Chase Cancer Center, TUH-Jeanes Campus, TUH-Episcopal Campus, TUH-Northeastern Campus, Temple Physicians, Inc. , and Temple Transport Team. Temple Health is proudly affiliated with the Lewis Katz School of Medicine at Temple University. To support this mission, Temple Health is continuously recruiting top talent to join its diverse, 10,000 strong workforce that fosters a healthy, safe and productive environment for its patients, visitors, students and colleagues alike. At Temple Health, your tomorrow is here!Equal Opportunity Employer/Veterans/DisabledAn Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Your Tomorrow is Here!Temple Health is committed to setting new standards for preventing, diagnosing and treating major diseases in our community and across the nation. Achieving that goal means investing in our employees' success through staff and leadership development. Our recruitment strategy is to attract and retain a diverse, high performing workforce that fosters a healthy, safe and productive environment for our patients and colleagues alike. Primary Location: Pennsylvania-PhiladelphiaJob: Information TechnologySchedule: Full-time Shift: Day JobEmployee Status: Regular

in ONSITE in Pennsylvania. There is no relocation for the role. Our client is looking for a Chief Information Security Officer (CISO) to lead and elevate their cybersecurity program. This is a high-impact role for a seasoned leader who can balance strategic vision with hands-on execution. What You’ll Do: Create and Lead enterprise-wide information security strategy, policies, and governance. Manage cybersecurity risk across infrastructure, cloud, applications, and third-party vendors. Partner with IT, legal, compliance, and executive leadership to align security with business goals. Ensure compliance with regulatory requirements and industry standards. Develop and lead incident response plans, threat assessments, and recovery efforts. What You Bring: 10+ years of progressive experience in cybersecurity, including 5+ years in a senior leadership role. Proven success in a retail or consumer goods environment Deep understanding of cloud security, threat intelligence, and regulatory frameworks (e.g., PCI-DSS, NIST, ISO). Ability to lead teams, influence across the organization, and communicate risk to non-technical stakeholders. Relevant certifications such as CISSP, CISM, or CISA strongly preferred.

Flexible Work Arrangement: Hybrid The Sr. (Lead) Security Analyst is responsible for leading and coordinating activities related to compliance, documentation, verification, monitoring, and reporting for the NERC CIP (Critical Infrastructure Protection) standards. This individual develops and maintains policies, standards, procedures, and control activities by working closely with CIP Compliance business partners. This individual also verifies control design and effectiveness on a scheduled basis and develops submittals to regional entities and auditors. Essential Functions: Applies understanding of IT security in conjunction with NERC standards to develop effective strategies and work plans for PJM's NERC CIP program. Leads or participates in departmental and cross-functional projects to successful completion using project management approaches. Assists requirement owners in designing and implementing effective controls to ensure compliance with NERC CIP standards. Monitors and influences the development of new standards / new versions of standards and evaluates the impacts of the new /changed standards to PJM. Assists requirements owners with the transition process. Coordinates PJMs comments / balloting on all NERC CIP Standards related postings from FERC, NERC, RF and SERC. Verifies that the design of security controls for compliance with NERC CIP standards is effectively maintained. Lead or participate in the creation, modification, and implementation of control activities to ensure compliance with the NERC CIP standards. Reviews evidence of compliance and tests to ensure that the objectives of controls are being satisfied; identifies areas for improvement; and is an integral part of ensuring improvements are implemented. Works collaboratively with internal stakeholders by facilitating the assessment of new applications and new cyber assets to determine their criticality. Supports the automation of security control activities. Develops and implements detailed compliance reports for NERC CIP standards and control activities. Participates in policy, standard, and procedure reviews and updates. Participates in RSAW reviews and updates. Participates in industry calls as assigned. Leads training of internal personnel and presents compliance topics to members and industry stakeholders. Assesses new technologies and their associated security and compliance risks in order to put plans into place for mitigating these risks. Works to champion an understanding of the NERC CIP requirements as relative to PJM. Identifies, documents, and reports security risks as relative to NERC CIP standards. Conducts internal compliance reviews and coordinates self-reporting of potential violations. Assists control owners in the development and execution of mitigation plans. Ensures timely completion of all mitigation plan activities and facilitates evidence collection. Develops an understanding and assists in defining the obligations of PJM's affected Business Units to reasonably demonstrate compliance with the NERC CIP Standards. May assist other team members as assigned Other related duties as assigned Characteristics & Qualifications: Required: BS, Business Administration BS, Information Systems or equivalent work experience At least 5 years of experience in the field of Information Security, Information Systems Auditing, Information Technology At least 5 years of experience auditing/compliance, security, and/or information technology Ability to produce high-quality work products with attention to detail Ability to communicate effectively in a team environment Experience in quantitative and qualitative analysis Experience using verbal and written communications skills Ability to use Microsoft Office Suite (MS-Word, MS-Excel and MS-PowerPoint) Ability to produce high-quality work products with attention to detail Ability to visualize and solve complex problems Experience with FERC, NERC CIP and RFC compliance Experience in information security, access control systems, encryption, and related applications Experience with conducting an annual security assessment to identify risk and vulnerabilities and develop recommendations for senior management based on results Preferred: MBA, Business Administration MS, Information Systems Experience with PJM operations, markets, and planning functions Experience supporting any of PJM Committees Experience with PJM operations, markets, and planning functions Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP)

Experience protocols, such as SAML 2.0, OAuth 2.0, etc. Experience Internet protocols Experience with cryptography, and PKI Additional Information All your information will be kept confidential according to EEO guidelines.

Flexible Work Arrangement: Hybrid The Sr. (Lead) Security Analyst is responsible for leading and coordinating activities related to compliance, documentation, verification, monitoring, and reporting for the NERC CIP (Critical Infrastructure Protection) standards. This individual develops and maintains policies, standards, procedures, and control activities by working closely with CIP Compliance business partners. This individual also verifies control design and effectiveness on a scheduled basis and develops submittals to regional entities and auditors. Essential Functions: * Applies understanding of IT security in conjunction with NERC standards to develop effective strategies and work plans for PJM's NERC CIP program. * Leads or participates in departmental and cross-functional projects to successful completion using project management approaches. * Assists requirement owners in designing and implementing effective controls to ensure compliance with NERC CIP standards. * Monitors and influences the development of new standards / new versions of standards and evaluates the impacts of the new /changed standards to PJM. Assists requirements owners with the transition process. * Coordinates PJMs comments / balloting on all NERC CIP Standards related postings from FERC, NERC, RF and SERC. * Verifies that the design of security controls for compliance with NERC CIP standards is effectively maintained. * Lead or participate in the creation, modification, and implementation of control activities to ensure compliance with the NERC CIP standards. * Reviews evidence of compliance and tests to ensure that the objectives of controls are being satisfied; identifies areas for improvement; and is an integral part of ensuring improvements are implemented. * Works collaboratively with internal stakeholders by facilitating the assessment of new applications and new cyber assets to determine their criticality. * Supports the automation of security control activities. * Develops and implements detailed compliance reports for NERC CIP standards and control activities. * Participates in policy, standard, and procedure reviews and updates. * Participates in RSAW reviews and updates. * Participates in industry calls as assigned. * Leads training of internal personnel and presents compliance topics to members and industry stakeholders. * Assesses new technologies and their associated security and compliance risks in order to put plans into place for mitigating these risks. * Works to champion an understanding of the NERC CIP requirements as relative to PJM. * Identifies, documents, and reports security risks as relative to NERC CIP standards. * Conducts internal compliance reviews and coordinates self-reporting of potential violations. Assists control owners in the development and execution of mitigation plans. Ensures timely completion of all mitigation plan activities and facilitates evidence collection. * Develops an understanding and assists in defining the obligations of PJM's affected Business Units to reasonably demonstrate compliance with the NERC CIP Standards. * May assist other team members as assigned * Other related duties as assigned Characteristics & Qualifications: Required: * BS, Business Administration * BS, Information Systems or equivalent work experience * At least 5 years of experience in the field of Information Security, Information Systems Auditing, Information Technology * At least 5 years of experience auditing/compliance, security, and/or information technology * Ability to produce high-quality work products with attention to detail * Ability to communicate effectively in a team environment * Experience in quantitative and qualitative analysis * Experience using verbal and written communications skills * Ability to use Microsoft Office Suite (MS-Word, MS-Excel and MS-PowerPoint) * Ability to produce high-quality work products with attention to detail * Ability to visualize and solve complex problems * Experience with FERC, NERC CIP and RFC compliance * Experience in information security, access control systems, encryption, and related applications * Experience with conducting an annual security assessment to identify risk and vulnerabilities and develop recommendations for senior management based on results Preferred: * MBA, Business Administration * MS, Information Systems * Experience with PJM operations, markets, and planning functions * Experience supporting any of PJM Committees * Experience with PJM operations, markets, and planning functions * Certified Information Systems Auditor (CISA) * Certified Information Security Manager (CISM) * Certified Information Systems Security Professional (CISSP)