Security architect jobs in Avondale, AZ

- 101 jobs

All

Security Architect

Senior Security Analyst

Information Security Engineer

Security Engineer

Senior Security Engineer

Senior Information Security Engineer

Senior Information Security Analyst

Information Systems Security Officer

Senior Information Security Consultant

SAP Security Consultant

Information Security Officer

Sr. Security Analyst - Perimeter Security Team
Edward Jones 4.5
Security architect job in Tempe, AZ
Innovate here. And see your ideas come to life. It's an exciting time to work in tech at Edward Jones. We are making massive investments in emerging technologies to improve how we work with our clients and with each other. Relationships are the focus of our business model. And working in Technology here means using your skills to build, deliver and maintain the technologies that enable us to deepen and support those relationships. The best part? We develop and create our own industry-leading solutions internally. And you can be a part of it. Working with emerging new technologies. Creating platforms, programs and experiences that change how we work together - and support our client-first focus. Changing the future of our firm, the industry and the advisor-client relationship. Job Overview Position Schedule: Full-Time This job posting is anticipated to remain open for 30 days, from 01-Dec-2025. The posting may close early due to the volume of applicants. Team Overview: As a Security Analyst you will work independently to manage 1 - 2 platforms within a product team and collaborate with colleagues to solve routine to difficult engineering challenges. You will ensure that all platforms within your span of responsibility meet your customer's requirements; are designed, built, documented, and maintained in adherence with the Firm's standards and architectural patterns; and are managed to the highest level for performance, stability, and security. As a Security Engineer you deeply understand network architecture and data flows, proxy solutions, remote access platforms and have the ability and drive to solve complex issues and manage competing priorities. What You'll Do: Identify and implement opportunities to improve solutions and ensure system availability while maintaining acceptable risk levels for the firm to remain in compliance with industry regulations and security framework. Serve as a subject matter expert for proxy and intrusion prevention platforms, remote access connectivity, zero-trust, and network security monitoring. Lead and oversee the solution design lifecycle for Zscaler and IPS, including stakeholder requirement gathering and prioritization, alignment with architectural standards and best practices, implementation planning, implementation execution, documentation completeness, and ongoing health monitoring and maintenance. Provide design thinking and oversight for Zscaler and IPS to ensure cohesiveness, completeness, and effectiveness of the platform; and provide feedback to the Team Lead on the overall direction of the technology stack. Continue to implement new features and performance improvements for Zscaler and IPS in partnership with key stakeholders. Adhere to frameworks and processes for cohesive change management, health monitoring, performance monitoring, stability, and backups across the product space. Support technology incidents including: triaging technology services performance segregation or outages, performing root cause analysis across a complex environment, and identifying short and long-term solutions while operating in stressful and time sensitive situations. Effectively communicate with peers and leaders to ensure the awareness of progress, the awareness of challenges, the identification and escalation of risks, and the impact of ongoing security work. Including the ability to clearly discuss complex technical or security topics with a non-technical audience. Establish and maintain effective communications and relationships across key departments, business areas, and vendors. Including supporting engagements with key vendors to ensure the correct level of support to the Firm and drive solution roadmaps to meet Firm needs. Mentor and coach less senior team members and represent the Firm across the financial service's information security community through industry forums, working groups, and conference presentations. Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page. Hiring Minimum: $84100 Hiring Maximum: $143100 Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act. Edward Jones is prohibited from hiring individuals with certain specified criminal history as set forth in Section 3(a)(39) and 15(b)(4) and Rule 17a-3(a)(12) of the Securities and Exchange Act of 1934, and conducts background reviews consistent with FINRA Rule 3110(e). A copy of a notice regarding the provisions of the Los Angeles County Fair Chance Ordinance is available at: dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf. Read More About Job Overview Skills/Requirements What Experience You'll Need: Degree in Cyber Security, Computer Science, Computer Engineering, or Information Systems or related field preferred; or equivalent training and certifications (A+, Net+, Sec+, SANS, Cloud, etc), or related work experience 3-5 years of managing enterprise class proxy solutions, remote access solutions, network security platforms, on-prem and cloud data centers. Experience in a variety of technical fields including software, infrastructure, and security engineering at an enterprise level. This experience gives you deep understanding of the full stack required to deliver and operate software and platforms at an enterprise level. Understanding of core enterprise technology platforms including: infrastructure, software, data, cloud and cloud native platforms, microservices, API management, event streaming, CI/CD pipelines. Experience with core enterprise level information security components, principles, practices, and procedures. Including common technology stack components, deep knowledge of threats and adversary tactics, and experience managing regulatory requirements and common frameworks used by security teams within the Financial Industry. Understanding of core enterprise best practices, including: security risk management, architecture diagrams and documentation, digital transformation, change management, crisis management, business continuity, disaster recovery, and observability. Experienced in designing and building highly scalable, distributed & secure solutions that run in a cloud environment such as Azure, AWS, or GCP. Including demonstrated proficiency in deploying infrastructure as code through Terraform, Ansible, or similar technologies. Experience with managing and delivering on stakeholder requirements in a way that balances design functionality, cost optimization, and production support considerations. Advanced experience with writing code/scripts in at least one language (Python, PowerShell, Bash, Go, etc) Demonstrated competency with reading and generating architectural diagrams and maintaining full and accurate documentation of software, systems, and platforms. Strong understanding of observability, performance monitoring, and root cause analysis principles to perform continuous platform improvements or quickly troubleshoot and restore services in a case of disruption. Experience working with Product Teams and Agile methodology and practices Demonstrated proficiency with proxy solutions and zero trust methodologies Demonstrated proficiency with network security best practices Candidates that live within in a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with preference for Tuesday through Thursday. Current INTERNAL home-based associates: While this role is posted as hybrid, if selected and accepted, you may retain your home-based status. Edward Jones intends in good faith to continue offering the role as home-based, though future business or regulatory needs may require on-site work. Read More About Skills/Requirements Awards & Accolades At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones Read More About Awards & Accolades About Us Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns. Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging. People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career. View our Purpose, Inclusion and Citizenship Report. ¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating. Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law. #LI-HO
$84.1k-143.1k yearly 4d ago
Senior Security Engineer - IAM Analyst
Edward Jones 4.5
Security architect job in Tempe, AZ
Innovate here. And see your ideas come to life. It's an exciting time to work in tech at Edward Jones. We are making massive investments in emerging technologies to improve how we work with our clients and with each other. Relationships are the focus of our business model. And working in Technology here means using your skills to build, deliver and maintain the technologies that enable us to deepen and support those relationships. The best part? We develop and create our own industry-leading solutions internally. And you can be a part of it. Working with emerging new technologies. Creating platforms, programs and experiences that change how we work together - and support our client-first focus. Changing the future of our firm, the industry and the advisor-client relationship. Job Overview Position Schedule: Full-Time This job posting is anticipated to remain open for 30 days, from 01-Dec-2025. The posting may close early due to the volume of applicants. Team Overview: As an IAM Analyst you will work independently to identify and define IAM solution requirements for both existing capabilities and the expansion of new features. You will ensure that all platforms within your span of responsibility meet your customer's requirements; designed, built, documented, and maintained in adherence with the Firm's standards and architectural patterns; and are managed to the highest level for performance, stability, and security. Serving as a Security practicioner, you will bring deep industry knowledge and experience to understand the threat landscape and use that knowledge to shape the platforms that the Firm depends on for critical identity lifecycle functions. In this role you will regularly engage in leading-edge technology initiatives, including research, vetting, and adoption of emerging technologies, tools and methodologies in alignment with the overall security strategy. What You'll Do: Identify and implement opportunities to improve solutions that combat advanced and relevant threats while considering integration into the environment, stability, availability, disaster recovery, and cost-effectiveness. Serve as a subject matter expert for the identity management platform (Saviynt) and be a key contributor to stabilization and expansion efforts. Lead conversations centered on solving for complex business requirements in solution designs, and ensuring compliance with internal standards, policies, and regulatory requirements. Identify potential gaps in existing IAM processes or systems and recommending solutions to improve security and efficiency. Manage SOX compliance, auditing, and access review processes. Collaborate with internal teams and stakeholders to understand requirements and develop solutions. Effectively document solutions and configurations for future reference. Produce, maintain, and facilitate distribution of training resources to effectively empower key stakeholders with the information needed to meet Firm objectives and/or drive adoption of new processes. Establish and maintain effective communications and relationships across key departments, business areas, and vendors, including supporting engagements with key vendors to ensure the correct level of support to the Firm and drive solution roadmaps to meet Firm expectations. Creating and maintaining documentation for IAM processes, procedures, solution designs, requirements, etc. Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page. Hiring Minimum: $99200 Hiring Maximum: $168900 Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act. Edward Jones is prohibited from hiring individuals with certain specified criminal history as set forth in Section 3(a)(39) and 15(b)(4) and Rule 17a-3(a)(12) of the Securities and Exchange Act of 1934, and conducts background reviews consistent with FINRA Rule 3110(e). A copy of a notice regarding the provisions of the Los Angeles County Fair Chance Ordinance is available at: dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf. Read More About Job Overview Skills/Requirements What Experience You'll Need: Minimum 4-5 years experience In-depth understanding of Saviynt product functionality, including provisioning, access certification, SOD, analytics, RBAC, workflow, email notifications, etc. Experience designing JML flows for Saviynt automation. Experience integrating applications with Saviynt using various connectors. Solid understanding of workflows in ARS and the ability to leverage Saviynt analytics tools. Experience managing SOX compliance, auditing, and access review processes within Saviynt. Experience with configuration management of Rules Technical Users, UI Global Configurations, Backend configurations, and GSP files. Excellent written and verbal communication skills. Experience with APIs and integrations Strong analytical and problem-solving skills Excellent communication and collaboration skills Experience using ticketing systems (e.g., Jira) **Candidates that live within in a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with preference for Tuesday through Thursday.** Current INTERNAL home-based associates: While this role is posted as hybrid, if selected and accepted, you may retain your home-based status. Edward Jones intends in good faith to continue offering the role as home-based, though future business or regulatory needs may require on-site work. Read More About Skills/Requirements Awards & Accolades At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones Read More About Awards & Accolades About Us Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns. Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging. People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career. View our Purpose, Inclusion and Citizenship Report. ¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating. Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law. #LI-HO
$99.2k-168.9k yearly 3d ago
Bank Information Security Governance Senior
USAA 4.7
Security architect job in Glendale, AZ
Why USAA? At USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families. Embrace a fulfilling career at USAA, where our core values - honesty, integrity, loyalty and service - define how we treat each other and our members. Be part of what truly makes us special and impactful. The Opportunity We are seeking a dedicated Bank Information Security Governance Senior. We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in our Phoenix, AZ; San Antonio, TX; Plano, TX; Colorado Springs, CO; Chesapeake, VA; Charlotte, NC or Tampa, FL offices. Relocation assistance is not available for this position. What you'll do: Supports the first line of defense in ensuring the effectiveness of Information Security (IS) governance, IS risk management, and compliance programs within the Bank Technology Office. Collaborates with Information Technology (IT) and IS teams, business stakeholders, Compliance, Risk Management, Audit Services, and external parties to support IS governance and IS risk and compliance-based initiatives. Acts as a key liaison between the Association's IS function and various Bank business units, ensuring alignment with enterprise security policies and standards. Continuously monitors IS environments to identify emerging risks related to cybersecurity, infrastructure, applications, and third-party services. Provides consultative services across Bank. Provides expert insights on the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the Bank organization's specific needs and strategic objectives. Analyzes incident trends and control gaps to anticipate potential risk scenarios and recommend preventive measures. Conducts forward-looking risk assessments for new technology initiatives, system changes, and digital transformation projects. Analyzes incident trends and control gaps to anticipate potential risk scenarios and recommend preventive measures. Partners with and leads IT/IS teams to embed IS risk considerations early in the project lifecycle and ensure timely mitigation strategies. Leads the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the organization's specific needs and strategic objectives. Defines, maintains, and enforces IS policies, standards, and procedures to ensure compliance with relevant laws, regulations, and industry best practices. Ensures IS risk compliance with legal, regulatory, and contractual requirements, coordinating audits and assessments. Provides governance oversight for IS related initiatives, ensuring they adhere to established standards, policies, and risk management practices. Mentors junior members of the IS governance team, providing guidance and support in their professional development. Enhances, and maintains awareness of the risk governance framework and its elements (RCSA). Performs root cause analysis to determine likelihood, impact, and mitigation approaches of identified risks. Prepares metrics reporting and participates in the metrics refresh process. Maintains awareness of cloud computing principles and AI and understands potential IS risks inherent within this discipline. Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures. What you have: Bachelor's degree in Information Technology, Computer Science, Business Administration, or a related field; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree. 6 years experience supporting IS governance, IS risk management, compliance, or IT audit activities In-depth knowledge and application of IT governance frameworks such as COBIT, ITIL, ISO 27001, and NIST, CIS Controls and CMMC Experience working on and implementing IT and/or IS policies, standards, and procedures. Experience leading and coordinating IS audits and assessments and ensuring compliance with regulatory requirements. A strong understanding of regulatory and compliance requirements applicable to the organization. Ability to interpret complex IT/IS environments and detect early warning signals. Experience in identifying potential failure points and simulating risk scenarios. Proficiency in using data to identify trends, anomalies, and emerging risks. Understanding of cloud, cybersecurity, and digital transformation risks. Ability to articulate risk insights and influence stakeholders to take preventive actions. Familiarity with GRC platforms, vulnerability management tools, and risk dashboards. What sets you apart: Information Technology or Security certifications (e.g., CISA, CRISC, CISM, CISSP, CGEIT, CIA, NIST, COBIT, etc.). Familiarity with financial institutions regulations (GLBA, FFIEC Handbooks, PCI DSS) Work experience in highly regulated work environments including other large financial institutions Experience with data-driven analysis using AI tools and collaborating to drive process innovation Highly self-motivated individual capable of working independently and proactively handling their workload with minimal direct supervision. Strong analytical skills and demonstrated experience collaborating effectively with leadership at all levels within an organization. Compensation range: The salary range for this position is: $114,080-$218,030. USAA does not provide visa sponsorship for this role. Please do not apply for this role if at any time (now or in the future) you will need immigration support (i.e., H-1B, TN, STEM OPT Training Plans, etc.). Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location. Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors. The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job. Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. For more details on our outstanding benefits, visit our benefits page on USAAjobs.com. Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting. USAA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
$114.1k-218k yearly Auto-Apply 1d ago
Senior Cloud Security Engineer
Irvine Technology Corporation
Security architect job in Scottsdale, AZ
We are seeking a Senior Cloud Security Engineer to join our client for a full-time, direct hire role that will be hybrid in Scottsdale, AZ. This role will design, deploy, and manage security technologies and modern automation tools for the enforcement of security controls across private and public cloud service platforms. Location: Hybrid in Scottsdale, AZ (4 days onsite) Compensation: This job is expected to pay about $130,000-150,000 plus benefits Relocation Assistance Available What You'll Do: Design, implement, and maintain custom and native security services across large-scale hybrid multi-cloud environments. Automate and orchestrate secure cloud migrations and operations using configuration management tools and workflows. Partner with architecture, engineering, and operations teams to deploy security controls aligned with business strategies and industry standards (NIST, CIS, ISO 27001/31000, CSA). Manage PKI services, certificate lifecycle, cryptographic solutions, SSH key management, CSPM, and CWPP platforms. Integrate DevSecOps practices into CI/CD pipelines, including vulnerability scanning (SAST, DAST, SCA), IaC scanning, and secure coding guidance. Maintain CSPM vulnerability dashboards for multi-cloud environments; generate compliance and leadership reports. Configure and optimize WAF, DDoS, and bot protection policies. Collaborate with SOC to develop Splunk event management, integrate cloud/SaaS logs, and enhance security alerting. Contribute to enterprise security standards, documentation, and architecture diagrams. Provide Tier III/IV support, knowledge transfer, and escalation for security and network operations. What Gets You the Job: 5+ years in cloud security and/or IT security engineering. Expertise in AWS, Azure, Salesforce, and Google Cloud; strong SaaS and application workload security knowledge. Background in Windows Server, Linux (RHEL), Apache, SAP Hybris, MySQL, Tomcat, and native cloud services. Strong understanding of network/web protocols (TCP/IP, UDP, IPSEC, HTTP/S, routing). Proficient in automation/scripting with Java, JSON, Python, Bash, or similar. 4+ years with LDAP/AD, cloud identity federation, OIDC/OAuth2, and SAML2 SSO. Skilled in PKI, certificate lifecycle, cryptographic solutions, and SSH key management. Knowledge of DevOps, Jenkins CI/CD, BitBucket, and secure coding practices for common vulnerabilities. Please send your resume to Hannah Xu, Senior Technical Recruiter for immediate consideration. Irvine Technology Corporation (ITC) is a leading provider of technology and staffing solutions for IT, Security, Engineering, and Interactive Design disciplines servicing startups to enterprise clients, nationally. We pride ourselves in the ability to introduce you to our intimate network of business and technology leaders - bringing you opportunity coupled with personal growth, and professional development! Join us. Let us catapult your career! Irvine Technology Corporation provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Irvine Technology Corporation complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
$130k-150k yearly 5d ago
Information Security Architect
Forhyre
Security architect job in Phoenix, AZ
Job Description We are looking for a Lead Information Security Architect who will be responsible for developing and maintaining a comprehensive information security architecture program and representing information security requirements for all technology solutions and business processes covering multiple technical disciplines, such as systems & networking infrastructure, DevOps, security, business applications, cloud security, and data architecture. The role oversees cybersecurity for our company's digital products, including software, firmware or products that contain code. This includes implementing a product security program designed to address cybersecurity across all stages of the product life cycle. This role identifies and oversees the mitigation of technical and operational threats; analyzes the security, supportability, and feasibility of new technology; and ensures conformance with regulatory guidelines and industry best practices. This position requires an extremely high level of analytical problem-solving skills to diagnose and resolve complex technical issues in addition to superlative process management and communication skills. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. To be Successful in this Role Develop an architectural vision to support the continued growth of the product suite Working knowledge of Data Security Best Practices: At Rest, In Flight, In Use Experience with privacy-enhancing technologies and encryption techniques. Working knowledge of cloud security architecture strategies, frameworks, and reference models Proven ability to develop effective partnerships with senior management and peer organizations. Must be able to explain technical concepts and problems to nontechnical senior executives Ability to build Risk Models and analyze security weaknesses in complex technology deployments. Provide security expertise and direction on projects related to cloud architecture and design, implementation, maintenance, governance, and risk management Work with governance teams to establish automated processes and best practices for AWS, Azure IAM policies, roles, identity federation, etc. Conduct automated (preferred) or manual security validation of cloud templates and/or cloud infrastructure Collaborate with business units and corporate partners to ensure they build solutions consistent with the organization's policies, programs, architectural recommendations, and information security standards Develop, establish, enforce, and sustain the Information Security Architecture, including standards and guidelines for infrastructure solutions and technologies, integration methodologies and practices, development processes, hardware platforms, and enterprise data design. Partner with stakeholders in building and implementing a robust, scalable, and agile information security architecture Partner with stakeholders in assessing the IT application & infrastructure portfolios today and design and execute the future state strategy to meet business objectives going forward. Make recommendations on the strategic use of technology for leveraging business results and work with stakeholders to incorporate these recommendations into appropriate roadmaps and life cycle plans. Anticipate and ensure alignment with long-term business requirements, ensuring identified change is reflected in the appropriate roadmaps, providing thought leadership both internally and externally Minimize the number of architectural components and total cost of ownership while maintaining maximum of functional flexibility, reliability, and security. Must be able to balance the role of strategist with urgency while simultaneously managing and delivering results in a growing and fast-paced environment. Must demonstrate the ability to manage via influence and have the credibility and interpersonal skills to become respected as a thought leader. Must be capable of articulating pragmatic, sensible, and simple solutions while executing across multiple business and technical perspectives. Act as a role model for service mentality, building long-term relationships with key internal customers and stakeholders, while remaining receptive to the customer's needs Facilitate and steward the documenting of the architecture design and analysis work, including the capture and mapping of the relationships between architecture components. You Will Have 8+ years' experience dedicated to information security architecture required with expert knowledge in building defense in-depth reference architecture Required industry security certification (e.g., CISSP, CISM, CISA, CCSP, etc.) Familiarity with information management practices, system development life cycle management, IT services management, agile and lean methodologies, infrastructure, and operations. Knowledge of business ecosystems, SaaS, infrastructure as a service (IaaS), platform as a service (PaaS), SOA, APIs, open data, microservices, event-driven IT and predictive analytics. Hands-on experience with Cloud Technologies AWS, Azure & GCP Good understanding of security management solutions, including IDS, IPS, SIEM, Vulnerability Scanning, Denial of Service, and Continued Compliance Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks Experience in managing and contributing to incident response Extensive experience in developing strategic information security plans, including the development of baseline security standards, information system hardening guides, and information security requirements documentation. Excellent analytical skills, organizational, time management, and problem-solving skills are essential.is work, including the capture and mapping of the relationships between architecture components.
$108k-159k yearly est. 17d ago
Application Security Architect
Cross Boarder Talents
Security architect job in Tempe, AZ
Summary of This Role Responsibilities range from auditing code, architecture and databases used in custom-developed web and cloud applications, to testing for common application level vulnerabilities, weaknesses, and providing both vulnerability analysis and development advise for application hardening. Applicant must possess a strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses and vulnerability analysis. Candidate should have experience securing web and mobile applications, APIs, micro-services, containers, cloud and cloud-hybrid architectures. Responsibilities include: • Working with application development and QA teams across multiple products to: Review, evaluate and prioritize vulnerability findings • Provide SME support on secure code implementation, design and architecture. • Threat-modeling & risk analysis • Training • Participate in providing annual OWASP & PCI training for developers • Helps maintain updated Secure Coding Best Practices • Common application level vulnerabilities • Risk Management • Findings/vulnerability prioritization • Mitigation strategy • Controls Evaluation - Review, validate, recommend and create standards • Review of open-source development libraries for security risks • Web application firewall (WAF) rule development and implementation • Security technologies review and recommendations REQUIREMENTS • Qualifications: Bachelors of Computer Science or similar - 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development. • Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews - • Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - Solid understanding of Information Security in general and the specific behaviors that would secure TSYS information assets - • Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people - • Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - Ability to work well inside and outside the team. ******Please be inform that at this time all the positions do not have any relocation package, or the flexibility to work remotely, and do not offer any work permit, all the candidates must have their own authorization paper work. Interested! Send your updated CV and answer the questions below: 1) Have you ever worked or applied to this company before? 2) How far are you from the location? Where are you located? 3) What are your salary expectations for this position? 4) Are you a US citizen or a green card holder? (the company will not provide any work visa, they must have their own) 5) How many years of experience do you have in this industry? 6) Why are you looking for a new opportunity
$108k-159k yearly est. 60d+ ago
Cloud Security Architect
Tata Consulting Services 4.3
Security architect job in Phoenix, AZ
Job Title : Cloud Security Architect - Service Cert Threat Modeling Experience Required - 7+ Years Must Have Technical/Functional Skills The Cloud Security Pattern Architect provides expertise to assess and certify cloud services for secure use within the organization. The role is responsible for documenting approved security patterns and embedding them into the threat modelling platform. This work ensures that cloud services are consistently evaluated, aligned with security and compliance requirements, and supported by reusable patterns. Strong understanding of cloud security architectures across AWS, GCP, or Azure. * Familiarity with application security and security control frameworks such as MITRE CAPEC and CWE, NIST 800-53, ISO 27001, or CIS Controls. * Practical experience in threat modeling Roles & Responsibilities 1. Cloud Service Assessment and Certification * Evaluate cloud services against internal and external security requirements and control frameworks. * Identify relevant threats, mitigations, and assurance evidence. * Support the formal certification of services by producing assessment documentation. 2. Security Pattern Development * Develop security patterns for approved cloud services and configurations. * Ensure each pattern includes defined threats, mitigations, and implementation guidance. * Structure patterns for consistency, clarity, and ease of consumption. 3. Threat Modeling Platform Integration * Model patterns in the threat modeling tool, for the target audience, maintaining data quality and traceability. * Align threat and control mappings within the tool to the organization's assurance framework. 4. Collaboration and Continuous Improvement * Work with architecture, security, and compliance teams to streamline service certification. • Review updates from cloud providers and revise patterns as required. * Provide knowledge transfer and guidance on using patterns effectively. Cloud security certifications (e.g., AWS Certified Security - Specialty, Azure Security Engineer Associate). * Prior work developing or maintaining threat libraries or security control mappings. Salary Range - $100,000 to $130,000 per year TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & amp; Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Maternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. #LI-JS2
$100k-130k yearly 31d ago
F-35 Information System Security Officer - Luke AFB, AZ (Early Career)
Lockheed Martin 4.8
Security architect job in Glendale, AZ
What We're Doing: Lockheed Martin's, Rotary & Mission Systems (LM RMS), F-35 Cyber Security invites you to step up to one of today's most daunting challenges: the protection of exquisite government capabilities leading to warfighter supremacy against our peer and near peer adversaries. As a cybersecurity professional at Lockheed Martin, you'll safeguard the sensitive information and warfighting capabilities that our citizens and the world depend upon to protect U.S. and ally interests. Here, you'll work alongside other cybersecurity experts, related departments, and military members to support the military operational objectives by providing them with a safe and secure operating environment. In this fast-paced, real-world environment, you'll draw on all your education and experience as well as the resources of Lockheed Martin to keep these exquisite capabilities protected. The Work: This Information System Security Officer (ISSO) position will support the Information System Security Manager (ISSM) in developing, maintaining and overseeing the cybersecurity of assigned classified and/or unclassified F-35 systems at Luke AFB. Typical ISSO responsibilities include but are not limited to: Ensuring required cybersecurity controls are implemented and validated, to include continuous monitoring actions for assigned systems. Supporting the development and maintenance of cybersecurity related plans and procedures. Monitoring for non-compliance, anomalous activity (i.e., threats), and effectively reporting such activity and associated risks. Ensuring POA&Ms or remediation plans are in place for vulnerabilities identified during monitoring activity, audits, inspections, etc. and implementing, or overseeing, corrective actions. Creating, collecting and retaining data to meet reporting requirements. Monitoring and correlating data (i.e., events) from a variety of sources (e.g., Splunk, ELA, ePO, ACAS, etc.) to identify and mitigate threats, vulnerabilities and non-compliance. Investigating, analyzing and responding to cyber events, incidents and non-compliance, including trend analysis, creating detailed written reports and briefing the appropriate parties. Identifying, implementing and enforcing requirements for the proper handling and storage of Government data and electronic media. Conducting self-inspections and preparing for customer inspections. Interacting professionally during the enforcement of security policy and procedures. Assigned systems may vary in classification, capabilities and complexity. Mission requirements may require other than first-shift work and additional responsibilities as assigned. Who we are: Lockheed Martin is a Cyber Security pioneer, partner, innovator and builder. In support of our many customers, the amazing members of our team are responsible for providing all aspects of cybersecurity support in a complex environment. In a rapidly growing enterprise, this role offers the opportunity to grow and hone the unique skills and experiences required as a cybersecurity expert to create, design and build solutions to some of the world's hardest engineering problems. Why Join Us: Your Health, Your Wealth, Your Life With our employees as our top priority, we provide diverse career opportunities designed to propel development and boost agility. Our flexible schedules, competitive pay and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. At Lockheed Martin, we place an emphasis on empowering our employees by fostering innovation. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach - and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training and education. Come and experience your future! Final Transferable Secret security clearance; last Periodic Reinvestigation must be within the last five (5) years or enrollment in Continuous Vetting program. Ability to obtain and maintain Special Access Program (SAP) access. Possess a valid certification that meets or exceeds DoD 8570.01-M IAT II requirements. Meets: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP Exceeds: CASP+ CE, CCNP Security, CISA, CISSP (or Assc), GCED, GCIH, CCSP Prior experience in a cyber workforce role, as categorized by the NICE or DoD workforce frameworks. Prior experience as an ISSO, ISSM or related DoD Cyber Workforce Role on one or more F-35 information systems. Prior experience ensuring compliance with applicable laws, regulations, guidance and policies as they relate to DoD cybersecurity and SAPs (e.g., DoDI 8510.01, JSIG, DoDM 5205.07, NIST SP 800 series). Prior experience with the system authorization process, associated artifacts and their requirements (e.g., SSP, SCTM, Security CONOPs, SOPs). Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics. The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration. * At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work. With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility. If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications. Other Important Information By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings. Ability to work remotely Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility. Work Schedule Information Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits. Security Clearance Information This position requires a government security clearance, you must be a US Citizen for consideration. Pay Rate: The annual base salary range for this position in California, Massachusetts, and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $76,500 - $134,895. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible. Pay Rate: The annual base salary range for this position in most major metropolitan areas in California, Massachusetts, and New York is $88,000 - $152,490. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. This position is incentive plan eligible.
$88k-152.5k yearly 34d ago
Senior IT Security Analyst
First Busey Corporation 4.5
Security architect job in Phoenix, AZ
The Senior IT Security Analyst is responsible for managing activities relating to monitoring and responding to security events. The analyst is responsible for monitoring application, host, and network threats, including external threat actors and rogue insiders. As a trusted member of the Information Security team and industry community, the analyst works closely with internal technical teams, business units, and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, and government agencies. The analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Analysts are expected to continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business. Duties & Responsibilities * Responsible for developing, managing, and maintaining threat intelligence and threat hunting program and processes * Regularly research and identify emerging threats, TTPs in public and closed forums, and work with colleagues to access risk and implement/validate controls as necessary. * Assist with Security Operations activities, including but not limited to, triage of alarms/alerts, and performing technical security assessments. * Participate in a call tree for outsourced Security Operations Center to assist with triage and remediation of critical and high rated alerts that are escalated both during and after business hours. * Research and recommend solutions to fulfill regulatory compliance with all standards set forth by FFIEC guidelines, Sarbanes Oxley, Gramm-Leach-Bliley and other regulations applicable to the financial services industry and publicly traded companies. * Perform periodic review of IT procedures and security of all systems in order to maintain integrity of company and customer data. * Document and perform verification of IT related changes in accordance with Company security policies and procedures. * Research and recommend hardware and software solutions to augment or enhance existing security measures. * Stay current in events and trends in IT security. * Investigate and report any security violations and incidents and ensure proper protection and corrective measures have been taken when an incident or vulnerability has been discovered. * Conduct scheduled reviews of key application security settings. * Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of SOC associates. * Assist in process development and improvements to maximize the efficiency and effectiveness of the department and related programs * Supports audit and incident processes, as required * Monitor and support internal SEIM systems, reports, and searches * Monitor and support internal phishing email report systems and reports * Partner and establish relationships to work closely with cross-functional teams consisting of representatives in the business * Develops strong liaison relationships with key internal business and technology teams * Coach level I & IIs on security domains and program processes * Depending on need, VP Security may determine a Team Lead designation for Level III role * Participate in security work streams for a variety of enterprise projects and initiatives * Determine and communicate security risk postures to partners and leaders as appropriate Education & Experience Knowledge of: * Strong experience with threat information sharing and threat hunting processes to proactively identify potential or existing threats in medium to large environments. * Proficient with SIEM tools, threat intelligence platforms, and security orchestration, automation, and response (SOAR) solutions to centralize and manage the incident and remediation workflow. * Knowledge and understanding of networking concepts and securing traffic across LAN, WAN, and Internet infrastructure. * Proficiency in operating systems such as Windows, Linux, and MacOS to effectively research and analyze threats in a sandbox environment, and respond to incidents. * Experience in incident handling and investigation including using formal chain-of-custody methods, forensic tools, and best practices. * Applicable knowledge of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and CVSS. * Capable of scripting in Python, Bash, Perl, RegEx, or PowerShell. * Knowledge and understanding of networking concepts and securing traffic across LAN, WAN, and Internet infrastructure. * Familiarity with cloud architectures, security standards, and best practices * Strong oral and written communication skills * Strong organizational skills and attention to detail * Excellent interpersonal skills Ability to: * Ability to analyze incident logs, attack vectors, and understand vulnerabilities and exploits. * Take independent action within established options and develops new procedures and approaches to problems when necessary * Analyze assignments based on a wide knowledge of many factors where application of advanced or technical concepts are required * Self-starter requiring minimal supervision * Highly organized and efficient. * Demonstrated strategic and tactical thinking. * Stays current with the evolving threat landscape. * Perform duties and make decisions under frequent time pressures Education and Training: * (Preferred) Bachelor's degree in Computer Science, Management Information Systems (MIS) or related field or equivalent work experience. * On-the-job training in relevant roles relating to security operations, threat intel and hunting, system administration, incident response, or equivalent * Security+, CySA+, GCIH, CSA, CCSP or similar certification; or willingness and ability to pursue certification/re-certification within the first six months of hire. * At least 5 years' experience in security operations center environments, threat intelligence/hunting, or security systems administration * Requires knowledge of Microsoft Office and other productivity tools Benefits and Compensation Salary offered is based on factors, including but not limited to, the job duties, required qualifications and relevant experience, and local market trends. The role may be eligible for bonus or incentives based on company and individual performance. (Base Pay Range: $86,000 - $123,000/year) Busey provides a competitive Total Rewards package in return for your time, talents, efforts and ultimately, results. Your personal and professional well-being-now and in the years to come-are important to us. Busey's Total Rewards include a competitive benefits package offering 401(k) match, profit sharing, employee stock purchase plan, paid time off, medical, dental, vision, company-paid life insurance and long-term disability, supplemental voluntary life insurance, short-term and long-term disability, wellness incentives and an employee assistance program. In addition, eligible associates may take advantage of pre-tax health savings accounts and flexible spending accounts. Visit Busey Total Rewards for more information. Equal Opportunity Busey values a diverse and inclusive workplace and strives to recruit, develop and retain individuals with exceptional talent. A team with diverse talent, working together, is essential to Busey's commitment of delivering service excellence. Busey is an Equal Opportunity Employer including Disability/Vets. Visit Busey.com/Careers to learn more about Busey's Equal Opportunity Employment. Unsolicited Resumes Busey Bank, and its subsidiaries, does not accept any liability for fees for resumes from recruiters or employment agencies ("Agency"), without a binding, written recruitment agreement between Busey and Agency describing the services and specific job openings ("Agreement"). Busey may consider any candidate for whom an Agency has submitted an unsolicited resume and explicitly reserves the right to hire those candidate(s) without any financial obligation to the Agency, unless an Agreement is in place. Any email or verbal contact with any Busey associate is inadequate to create a binding agreement. Agencies without an Agreement are requested not to contact any associates of Busey with recruiting inquiries or resumes. Busey respectfully requests no phone calls or emails. Application Deadline 11/15/25
$86k-123k yearly Auto-Apply 47d ago
SAP GRC/Security Consultant
Turnkey Consulting
Security architect job in Phoenix, AZ
Job Title: SAP GRC/Security Consultant Company: Turnkey Consulting Turnkey Consulting is a leading advisory and implementation organization with deep expertise in risk management, governance, and compliance & security. Having the ability to provide end-to-end solutions that integrate technology, process, and people. Our business started within the SAP ecosystem, however expansion into being an agnostic partner, now gives us a wider range of solutions to support our customers, while securing their wider estate. Turnkey Consulting helps businesses optimize their risk management, security and compliance programs, protect against Cyber threats, reduce costs, and improve their operational efficiency. With a team of seasoned risk professionals and a commitment to excellence, we empower businesses to proactively protect their critical assets and stay ahead of evolving threats. Job Summary The candidate will play a key role in handling client engagements, as well as utilizing strong technical experience to find solutions that best fit our clients' needs. We are looking for a team-player and strong all-rounder with at least 2 implementations and 2 years of practical experience in the following areas Detailed understanding of the SAP authorization concept in one or more of the following areas: ECC, SAP S/4 HANA, HCM, CRM, SRM, BW, BI, BPC, SAP HANA Experience of designing, building and implementing SAP security and authorization solutions Exposure to various system user interfaces (UI), including SAP but also other relevant SaaS products Detailed understanding of SAP GRC suite of applications, with a demonstrable specialism in core modules contained within (ideally v12 onward) Experience of IDM solutions, either SAP's IDM solution, or non-SAP, such as SailPoint or Saviynt would be of advantage. Experience of third-party solutions to secure SAP estates also an advantage Experience of SAP Fiori catalogs, groups, pages and spaces Experience of SAP IAG solutions would be an advantage, both IAS and IPS Our experienced consultants are a key driver of our success as one of the most trusted names in the end-to-end security arena and we are committed to delivering to a consistently high standard. Key responsibilities of the role are: Task management of large / complex implementations, especially in Application security or enterprise risk/identity projects Implementation of GRC technology and supporting modules Work with clients to understand "why" they're in need of such solutions, define requirements and configure solutions to best fit those needs Perform controls and configuration reviews involving relevant application systems and processes Advise clients on controls in their enterprise systems relating to regulatory or legislative compliance Review and advise on security redesign and remediation projects Provide a broader range of information risk management solutions to clients as required Build relationships with new clients and maintain good relations with our existing client base Integrate solutions into wider cybersecurity controls estates We are looking ideally for someone with the following attributes: The ability to troubleshoot and diagnose problems / issues and provide prompt, robust resolution An enquiring mind to discover "why" clients need to introduce the controlling measures. The ability to manage projects within varied client engagements and lead reviews and implementations Knowledge of corporate business processes and their control points Good understanding of various IT regulations and standards, including: Sarbanes Oxley, COBIT, ISO series & the GDPR Bachelor's degree Professional certification (e.g. CISA, M.Inst.ISP, CISSP, ISO) SAP certification (Security, GRC) Consulting background Strong written and verbal communication skills Integration experience Ability to act as an SME to install, design, engineer and configure security solutions to meet client needs Ability to effectively manage own time and priorities effectively and to work both as part of a team and individually. Able to communicate technical and functional requirements to both the business and IT Key responsibilities of the role will include: Project manage large / complex SAP Security implementations, especially for S/4 HANA projects Implementation of GRC Access Controls and supporting modules Work with clients to understand requirements and configure solutions to best fit those needs Perform controls and configuration reviews involving SAP systems Advise clients on controls in SAP relating to regulatory or legislative compliance Review and advise on SAP security redesign and remediation projects Provide a broader range of information risk management solutions to clients as required Build relationships with new clients and maintain good relations with our existing client base Integrate solutions into wider cybersecurity controls estates We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class. When we collect your personal information as part of a job application or offer of employment, we do so in accordance with industry standards and best practices and in compliance with applicable privacy laws.
$83k-115k yearly est. 60d+ ago
Sr Analyst, Cloud Security Assurance
Paypal 4.8
Security architect job in Scottsdale, AZ
The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do - and they push us to ensure we take care of ourselves, each other, and our communities. Job Summary: Sr. Analyst, Cybersecurity Operations focused on cloud security. As a key player in our Cloud Assurance team, you will help provide comprehensive visibility into cloud infrastructures, monitor for misconfigurations, and proactively detect threats. Job Description: Essential Responsibilities: * Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives. * Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management. * Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats. * Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams. * Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management. Minimum Qualifications: * Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience. Preferred Qualification: Your day to day: This role will be focused primarily on the security in AWS and GCP cloud environments at PayPal. This will include the security aspects of infrastructure, build pipelines, application design, cloud native service and tool design patterns, stakeholder communications, consulting and advisement of peer security teams, and solution review and approval. Daily tasks will include but not limited to: * Onboarding Cloud accounts (such as Azure, AWS & GCP) - this includes access grant, enabling policies, configuring baselines, configuring agents (if applicable), verifying health status * Administer CSPM solution - this includes managing user roles, audit logs, manage API access * Discover cloud assets - this includes gaining visibility and manage cloud assets * Manage Security policies and Benchmarks - this includes configuring CSPs specific security policies, industry specific compliance policies (such as PCI), benchmarks standards (such as CIS, NIST, etc.) * Respond to alerts - this includes monitor, investigate and triage incidents based on actionable alerts * Manage OS hardening - this includes administer operating system baseline and hardening * Integration with 3rd party systems - this includes manage changes, requests on integration with other systems (such as ITSM and CI/CD Tools) * Remediation guidance - this includes providing recommendations to the stakeholders to fix the potential threats, applying configurations on the systems to maintain IT security regulatory compliance and standards * Manage reports - this includes providing reports to the business and IT stakeholders What do you need to bring: * 5+ years' experience in Cloud Security, CSPM * Collaborate with the team to design and deliver scalable back-end services that enhance our leading CSPM platform * Develop user-friendly command-line utilities that interact with our web services * Excellent communication and documentation skills * Provide integration support and documentation for various teams, including UX/UI and Sensors * Configure and monitor uptime alerts related to the services you manage * Continuously improve architecture, models, user experience, performance, and stability through rapid prototyping and agile decision-making * Innovate and refine methods to utilize data for automating global-scale cyber threat intelligence * Contribute to building a platform that secures the entire lifecycle of cloud workloads for our customers * Proficiency in at least one object-oriented programming language with strong typing * Experience in developing and using RESTful API web services * Familiarity with cloud provider APIs and CLI tools for AWS, Azure, and GCP * Experience with infrastructure-as-code tools like CloudFormation, Terraform, and Azure Templates * Hands-on experience with Docker containers in Kubernetes environments * Experience with message queues including defining messages, estimating sizes and rates, and monitoring lag * Experience with RDBMS databases and SQL, such as Postgres Preferred certifications: * Cloud Security related certifications (AWS, GCP) * Bachelors / Master's Degree in Computer Science / Cybersecurity or related field Bonus Points: * Industry experience or certifications related to CNAPP, CSPM, or Cloud Security * Experience with application observability tools such as Splunk and PagerDuty * Experience managing production environments with Postgres, Kubernetes etc. * Familiarity with graph structures, data, and graph databases * Compliance knowledge/experience * Automation Subsidiary: PayPal Travel Percent: 0 * PayPal is committed to fair and equitable compensation practices. Actual Compensation is based on various factors including but not limited to work location, and relevant skills and experience. The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit ******************************* The US national annual pay range for this role is $111,500 to $191,950 PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. To learn more about how to identify and avoid recruitment fraud please visit ************************************ For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we're committed to building an equitable and inclusive global economy. And we can't do this without our most important asset-you. That's why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit ******************************* Who We Are: Click Here to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at ****************************************. Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please Join our Talent Community. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.
$111.5k-192k yearly 49d ago
Sr Information Security Engineer
MUFG (DBA
Security architect job in Tempe, AZ
Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details. Job Summary: The Assistant Vice President in Security Engineering will be responsible for supporting and enhancing Unix-based security infrastructure across enterprise environments. This role requires deep technical expertise in AIX and RedHat Linux systems, along with strong scripting skills in Bash, Korn, Shell, and Python to automate security tasks and streamline operations. The candidate should be proficient in using Ansible for configuration management and have a solid understanding of TCP/IP networking principles. Key responsibilities include analyzing system logs to identify and resolve issues, utilizing Splunk and SIEM platforms for threat detection, and ensuring secure configurations across Unix systems. The role also involves working with threat detection tools and file integrity monitoring solutions, as well as managing SSH protocols and secure key access. Responsibilities: * Administer and secure Unix-based systems (AIX, RedHat Linux) across enterprise environments, ensuring compliance with internal security policies and external regulatory standards * Develop and maintain automation scripts using Bash, Korn, Shell, and Python to support security operations and system hardening * Assist in improving Ansible playbooks for secure configuration deployment and infrastructure consistency * Monitor and analyze system logs to identify anomalies, troubleshooting issues, and supporting incident response efforts * Utilize SIEM platforms such as Splunk to detect threats, correlate events, and support forensic investigations * Evaluate and remediate insecure configurations across Unix systems, contributing to continuous improvement of security posture * Support threat detection and file integrity monitoring initiatives, integrating tools and processes into Unix environments * Secure SSH configurations, including key management, access controls, and audit logging * Collaborate with cross-functional teams to support secure application deployments and infrastructure changes * Contribute to the development of security metrics and reporting to track system health, compliance, and risk indicators Qualifications: * 3 to 5 years background in IT administration with emphasis on Unix systems, including AIX and RedHat Linux * Proficient in scripting languages such as Bash, Korn, Shell, and Python, with a focus on security automation and tooling. * Experience with Ansible is a plus, but not required * Familiarity with TCP/IP networking, including secure configuration and troubleshooting * Skilled in log analysis and issue identification using native Unix tools and centralized logging platforms * Hands-on experience with Splunk and other SIEM technologies for monitoring and threat detection * Ability to identify and remediate insecure configurations across Unix-based systems * Exposure to threat detection methodologies and file integrity monitoring tools * Deep understanding of SSH, including secure key management and access control Education: * Bachelor's degree in Computer Science or a closely-related discipline, or an equivalent combination of formal education and experience "Visa sponsorship/support is based on business needs. We do not anticipate providing visa sponsorship/support for this position." The typical base pay range for this role is between $113k - $146k depending on job-related knowledge, skills, experience, and location. This role may also be eligible for certain discretionary performance-based bonuses and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below. MUFG Benefits Summary We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified. We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.
$113k-146k yearly Auto-Apply 2d ago
Engineer, Information Security and Risk
Cardinal Health 4.4
Security architect job in Phoenix, AZ
Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************
$94.9k-135.6k yearly 14d ago
Security Engineer - Tool Ownership, Integration & Maturity
Revspring 4.4
Security architect job in Phoenix, AZ
Job Title: Security Engineer - Tool Ownership, Integration & Maturity Job Summary: This is not a passive, monitor-the-dashboard role - it is designed for a builder. The Security Engineer at RevSpring will lead efforts to secure infrastructure by owning, integrating, and optimizing the full lifecycle of security tools. From SIEM and CSPM to EDR and SOAR, each control will be made actionable, automated, and aligned to risk. Collaboration across teams will be essential to embed security into systems and processes, driving measurable maturity and delivering real protection - not just checklists. The role also supports compliance initiatives, leads risk assessments, manages security frameworks (NIST, HITRUST, ISO 27001), and responds to emerging threats with a solid understanding of both offensive and defensive security practices. Positioned at the intersection of security engineering, architecture, and strategy, this is a high-impact opportunity. This position is part of a high-impact team focused on building the security backbone for an organization that enables critical communications in healthcare, finance, and beyond. The work contributes directly to securing the ways millions of people connect with the services they depend on - confidently and securely. For professionals who view security maturity not as a project, but as an ongoing discipline, this role offers the ideal environment to thrive. Essential Functions: Tool Ownership & Security Architecture Own the lifecycle of security platforms including EDR/XDR, SIEM, SOAR, CSPM, IAM, and vulnerability management. Integrate and automate security tools and workflows across IT, cloud, and SOC environments. Continuously tune alerting, dashboards, and policies to reduce noise and improve signal quality. Maintain security control maps and maturity metrics. Security Maturity & Measurement Build and maintain RevSpring's Security Tool Maturity Roadmap. Track and report key performance indicators (KPIs) and return on investment (ROI) for all tools. Map control capabilities to frameworks such as NIST CSF, HITRUST, ISO 27001, and CIS Controls. Identify coverage gaps and eliminate redundant tools. Security Engineering & Compliance Conduct regular security risk assessments and audits across systems, applications, and networks. Design and implement new security solutions, collaborating closely with infrastructure, cloud, and AppSec teams. Support and maintain compliance with HIPAA, HITRUST, PCI-DSS, SOX, NIST, and GLBA. Formulate and manage IT security incident response strategies. Automation & Enablement Develop scripts and integrations using Python, PowerShell, Bash, and REST APIs to automate security operations. Embed security controls into CI/CD pipelines and infrastructure as code. Maintain documentation, runbooks, and diagrams to support repeatable security improvements. Governance & Cross-Functional Collaboration Partner with procurement, risk, and compliance teams to manage tool renewals, licensing, and governance. Communicate security tool performance, maturity, and improvements to leadership in clear, data-driven ways. Translate complex technical issues into business-relevant language. Minimum Requirements: Specific Job Skills: Strong understanding of at least three areas of the modern security stack: SIEM, EDR/XDR, SOAR, CSPM, IAM, or vulnerability management. Experience in cloud security (AWS, Azure, or GCP) and implementing security controls across cloud platforms. Experience with security assessments, architecture design, and risk-based security implementation. Familiarity with standards/frameworks: NIST CSF, HITRUST, ISO 27001/27002, COBIT, ITIL, CIS. Proficient in scripting/automation (e.g., Python, PowerShell) and integrating APIs. Experience with penetration testing, ethical hacking, or advanced threat detection tools. Ability to support compliance requirements and perform security reviews for internal and external stakeholders. Experience building or managing a security tool governance or maturity framework. Certifications such as GDSA, GCIA, AWS Security Specialty, CISSP, CISM, or similar. Familiarity with MITRE ATT&CK, secure coding practices, and modern DevSecOps workflows. Strong project management, reporting, and stakeholder communication skills. Analytical mindset with the ability to break down complex problems. Strong written and verbal communication skills - technical and non-technical audiences. Proven ability to work independently and as part of a team. Flexible and adaptable to evolving business and technical priorities. Passion for continuous learning and measurable security outcomes. Education: N/A Experience: 4-7 years of hands-on experience in Security Engineering, SOC Engineering, or DevSecOps. Supervision: N/A Certifications: N/A Language Skills: Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures or governmental regulations. Ability to write reports, business correspondence and procedure manuals. Ability to effectively present information and respond to questions from a variety of both internal and external sources. Physical Capabilities: Standard categories The physical capabilities described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel; reach with hands and arms; and talk or hear. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus. RevSpring is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Note: This may not describe all of the job responsibilities and standards assigned to this position. The duties may change from time to time. RevSpring does not discriminate against any group in hiring or employment practices. Nothing in this job description constitutes a contract for employment.
$93k-130k yearly est. 56d ago
Security Engineer(32790)
Idealforce
Security architect job in Phoenix, AZ
IDEALFORCE has a CONTRACT position available immediately for Security Engineer (Nexpose & Nessus) to join our customer in Phoenix AZ. This is an ONSITE position. Please find below additional details about this job. Kindly respond with your most up to date resume if you would like to pursue this opportunity. Client is considering only LOCAL CANDIDATES for this position. The Arizona State Retirement System is seeking an experienced Security Engineer consultant with skills as at least 2 years of experience as a Nexpose vulnerability scanner expert. This position will perform the configuration and fine tuning for output for the agency's Nexpose enterprise implementation. Job Description - collaborate with all realms of staff members to assist them in protecting the ASRS information assets. - Set and work within deadlines to complete assignments; exercise resourcefulness and prioritize tasks to meet multiple demands; set objectives and goals to measure performance - Manage the delivery of projects on-time and within budgetary constraints - Be detail oriented and thorough - Develop procedures, analyze problems and design effective plans for process improvement surrounding the vulnerability scanning environment - Ability to identify security issues and risks, and assist in developing mitigation plans. - Hands on coordination with implementation and/or configuration of the entire Nexpose environment reviewing the existing configuration relative to our requirements and making appropriate adjustments - Hands on experience developing and providing technical and management reports from the Nexpose environment Qualifications - In-depth experience with NEXPOSE including, implementation, configuration, maintenance and report generation - In-depth experience with NESSUS including, implementation, configuration, maintenance and report generation - Current information security certification in one or more of the industry recognized organizations (ISC2, ISACA, etc.) - Successful experience and ability to perform knowledge transfer to technical staff - Should have at least 4 years of information security experience Additional Information - "All your information will be kept confidential according to EEO guidelines". - All candidates who are authorized to work in US are encouraged to apply. - Candidates must clear the Background check prior to commencing the assignment. SOURCER ASSIGNED: Pete Tylor; Email: pete dot tylor at idealforce.com Disclaimer : The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.
$87k-123k yearly est. 1d ago
Senior Security Analyst (L2)
Lumifi Cyber
Security architect job in Scottsdale, AZ
L2 Security Analyst Full-Time, Exempt We are looking for a Senior Security Analyst (L2) to join the Lumifi Cyber SOC team. Senior Security Analysts are expected to handle customer facing investigations, mentoring, and training of fellow analysts, and to participate in interaction with customers and other teams through email or phone. This position is located on-site at our SOC in Scottsdale, AZ. Primary Duties Triage alerts and determine if further investigation or action is required by the customer Assist customers with the investigation and response of incidents throughout the incident response process Perform investigations of customer requests and be able to provide further contextual information along with recommended actions Proactively threat hunt using network and host data within customer environments Mentor junior analysts Required Qualifications Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTP's (tactics, techniques, and procedures) used by threat actors Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, etc.) Strong understanding of incident response methodologies and reporting Experience using ticketing systems for tracking (JIRA, Remedy, ServiceNow, etc.) Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers Preferred Qualifications Minimum of 3+ years of experience performing triage/incident response in enterprise environments Minimum of 3+ years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts Higher level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OCSP) Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis A mentoring/leadership background including mentoring other analysts and orchestrating team efforts for problem solving Ability to manage projects to completion both individually and in a group Benefits Include: Health Insurance 80% paid by employer Dental Insurance 80% paid by employer Vision Insurance 80% paid by employer Self- Managed vacation leave Paid sick leave Paid holiday leave All candidates must be eligible to work in the U.S. for any employer. We are an E-Verify employer. Lumifi welcomes and encourages diversity in our workplace. All qualified applicants will receive consideration for employment without regard to race color, religion, sex, sexual orientation, gender identity, national origin or disability.
$87k-119k yearly est. Auto-Apply 32d ago
Information System Security Officer
Special Aerospace Security Services Inc.
Security architect job in Scottsdale, AZ
Job Description Senior Information Systems Security Officer (ISSO) Clearance Requirement: U.S. Citizen, active DoD Secret clearance or higher Job Type: Full-Time SASSI is seeking an experienced Senior Information Systems Security Officer (ISSO) to support a DoD customer in Scottsdale, AZ. This role plays a critical part in securing systems across on-prem and commercial cloud environments, supporting initial system delivery, authorization, and ongoing cybersecurity efforts. The ideal candidate holds a CISSP or CISM certification and brings 5-10 years of relevant cybersecurity or IT experience. You'll work closely with the ISSM, System Owner, and Authorizing Officials, contributing to the development and maintenance of authorization documentation and ongoing security posture. Key Responsibilities: Collaborate with the Information System Security Manager (ISSM), Information System Owner (ISO), and DoD Authorizing Official team. Develop, update, and maintain system security documentation including the SSP, SCTM, and RMF Body of Evidence. Ensure assigned systems maintain an appropriate security posture. Prepare systems for RMF assessments in accordance with NIST SP 800-37, 800-53, and related guidance. Identify security deficiencies and support resolution via POA&Ms and risk acceptance documentation. Monitor systems continuously to ensure compliance with the authorization package. Assist with system administration and the maintenance of cybersecurity tools (e.g., audit logs, vulnerability management, endpoint protection). Support change management processes and evaluating the security impact of proposed changes. Conduct regular audit log reviews (daily, weekly, monthly) and track findings. Participate in engineering and integration efforts across the customer's production environment. Communicate clearly and professionally with both government and contractor audiences, in writing and verbally. Basic Qualifications: U.S. Citizenship and active DoD Secret clearance (or higher) DoD 8570.01-M / DoD 8140.01-compliant certification (IAT Level II, IAM Level II, or IASAE Level II) Bachelor's degree in IT, Cybersecurity, Computer Science, Engineering, or related field with 4+ years of relevant experience Strong working knowledge of RMF, ICD 503, NIST SP 800-53, and JSIG/DJSIG Familiarity with DoD system authorization processes Preferred Qualifications: Experience with Windows, Linux, UNIX, Cloud platforms, Cisco, SQL/Oracle databases, and virtual environments Proficiency in cybersecurity tools for vulnerability scanning, patching, audit management, and endpoint protection Work Schedule: 8-hour shift, Monday-Friday Onsite support required in Scottsdale, AZ
$77k-107k yearly est. 8d ago
Bank Information Security Governance Senior
USAA 4.7
Security architect job in Scottsdale, AZ
Why USAA? At USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families. Embrace a fulfilling career at USAA, where our core values - honesty, integrity, loyalty and service - define how we treat each other and our members. Be part of what truly makes us special and impactful. The Opportunity We are seeking a dedicated Bank Information Security Governance Senior. We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in our Phoenix, AZ; San Antonio, TX; Plano, TX; Colorado Springs, CO; Chesapeake, VA; Charlotte, NC or Tampa, FL offices. Relocation assistance is not available for this position. What you'll do: Supports the first line of defense in ensuring the effectiveness of Information Security (IS) governance, IS risk management, and compliance programs within the Bank Technology Office. Collaborates with Information Technology (IT) and IS teams, business stakeholders, Compliance, Risk Management, Audit Services, and external parties to support IS governance and IS risk and compliance-based initiatives. Acts as a key liaison between the Association's IS function and various Bank business units, ensuring alignment with enterprise security policies and standards. Continuously monitors IS environments to identify emerging risks related to cybersecurity, infrastructure, applications, and third-party services. Provides consultative services across Bank. Provides expert insights on the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the Bank organization's specific needs and strategic objectives. Analyzes incident trends and control gaps to anticipate potential risk scenarios and recommend preventive measures. Conducts forward-looking risk assessments for new technology initiatives, system changes, and digital transformation projects. Analyzes incident trends and control gaps to anticipate potential risk scenarios and recommend preventive measures. Partners with and leads IT/IS teams to embed IS risk considerations early in the project lifecycle and ensure timely mitigation strategies. Leads the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the organization's specific needs and strategic objectives. Defines, maintains, and enforces IS policies, standards, and procedures to ensure compliance with relevant laws, regulations, and industry best practices. Ensures IS risk compliance with legal, regulatory, and contractual requirements, coordinating audits and assessments. Provides governance oversight for IS related initiatives, ensuring they adhere to established standards, policies, and risk management practices. Mentors junior members of the IS governance team, providing guidance and support in their professional development. Enhances, and maintains awareness of the risk governance framework and its elements (RCSA). Performs root cause analysis to determine likelihood, impact, and mitigation approaches of identified risks. Prepares metrics reporting and participates in the metrics refresh process. Maintains awareness of cloud computing principles and AI and understands potential IS risks inherent within this discipline. Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures. What you have: Bachelor's degree in Information Technology, Computer Science, Business Administration, or a related field; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree. 6 years experience supporting IS governance, IS risk management, compliance, or IT audit activities In-depth knowledge and application of IT governance frameworks such as COBIT, ITIL, ISO 27001, and NIST, CIS Controls and CMMC Experience working on and implementing IT and/or IS policies, standards, and procedures. Experience leading and coordinating IS audits and assessments and ensuring compliance with regulatory requirements. A strong understanding of regulatory and compliance requirements applicable to the organization. Ability to interpret complex IT/IS environments and detect early warning signals. Experience in identifying potential failure points and simulating risk scenarios. Proficiency in using data to identify trends, anomalies, and emerging risks. Understanding of cloud, cybersecurity, and digital transformation risks. Ability to articulate risk insights and influence stakeholders to take preventive actions. Familiarity with GRC platforms, vulnerability management tools, and risk dashboards. What sets you apart: Information Technology or Security certifications (e.g., CISA, CRISC, CISM, CISSP, CGEIT, CIA, NIST, COBIT, etc.). Familiarity with financial institutions regulations (GLBA, FFIEC Handbooks, PCI DSS) Work experience in highly regulated work environments including other large financial institutions Experience with data-driven analysis using AI tools and collaborating to drive process innovation Highly self-motivated individual capable of working independently and proactively handling their workload with minimal direct supervision. Strong analytical skills and demonstrated experience collaborating effectively with leadership at all levels within an organization. Compensation range: The salary range for this position is: $114,080-$218,030. USAA does not provide visa sponsorship for this role. Please do not apply for this role if at any time (now or in the future) you will need immigration support (i.e., H-1B, TN, STEM OPT Training Plans, etc.). Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location. Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors. The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job. Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. For more details on our outstanding benefits, visit our benefits page on USAAjobs.com. Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting. USAA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
$114.1k-218k yearly Auto-Apply 1d ago
Engineer, Information Security and Risk
Cardinal Health 4.4
Security architect job in Phoenix, AZ
Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************
$94.9k-135.6k yearly 14d ago
Senior Security Analyst (L2)
Lumifi Cyber
Security architect job in Scottsdale, AZ
Job Description L2 Security Analyst Full-Time, Exempt We are looking for a Senior Security Analyst (L2) to join the Lumifi Cyber SOC team. Senior Security Analysts are expected to handle customer facing investigations, mentoring, and training of fellow analysts, and to participate in interaction with customers and other teams through email or phone. This position is located on-site at our SOC in Scottsdale, AZ. Primary Duties Triage alerts and determine if further investigation or action is required by the customer Assist customers with the investigation and response of incidents throughout the incident response process Perform investigations of customer requests and be able to provide further contextual information along with recommended actions Proactively threat hunt using network and host data within customer environments Mentor junior analysts Required Qualifications Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTP's (tactics, techniques, and procedures) used by threat actors Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, etc.) Strong understanding of incident response methodologies and reporting Experience using ticketing systems for tracking (JIRA, Remedy, ServiceNow, etc.) Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers Preferred Qualifications Minimum of 3+ years of experience performing triage/incident response in enterprise environments Minimum of 3+ years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts Higher level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OCSP) Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis A mentoring/leadership background including mentoring other analysts and orchestrating team efforts for problem solving Ability to manage projects to completion both individually and in a group Benefits Include: Health Insurance 80% paid by employer Dental Insurance 80% paid by employer Vision Insurance 80% paid by employer Self- Managed vacation leave Paid sick leave Paid holiday leave All candidates must be eligible to work in the U.S. for any employer. We are an E-Verify employer. Lumifi welcomes and encourages diversity in our workplace. All qualified applicants will receive consideration for employment without regard to race color, religion, sex, sexual orientation, gender identity, national origin or disability. Powered by JazzHR 6oXedfgOJk
$87k-119k yearly est. 23d ago

Learn more about security architect jobs

How much does a security architect earn in Avondale, AZ?

The average security architect in Avondale, AZ earns between $91,000 and $189,000 annually. This compares to the national average security architect range of $92,000 to $179,000.

Average security architect salary in Avondale, AZ

$131,000

$91,00010%

$131,000Median

$189,00090%

Job type you want

Full Time

Part Time

Internship

Temporary

Security architect jobs in Avondale, AZ

Sr. Security Analyst - Perimeter Security Team

Senior Security Engineer - IAM Analyst

Bank Information Security Governance Senior

Senior Cloud Security Engineer

Information Security Architect

Application Security Architect

Cloud Security Architect

F-35 Information System Security Officer - Luke AFB, AZ (Early Career)

Senior IT Security Analyst

SAP GRC/Security Consultant

Sr Analyst, Cloud Security Assurance

Sr Information Security Engineer

Engineer, Information Security and Risk

Security Engineer - Tool Ownership, Integration & Maturity

Security Engineer(32790)

Senior Security Analyst (L2)

Information System Security Officer

Bank Information Security Governance Senior

Engineer, Information Security and Risk

Senior Security Analyst (L2)

Learn more about security architect jobs

How much does a security architect earn in Avondale, AZ?