Security architect jobs in Berkeley, CA

***We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered*** Prestigious Enterprise Company is currently seeking a Cyber Security Architect with strong Threat, Vulnerabilities, and Risk Compliance Architecture and Engineering experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security lifecycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modeling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/ CD pipeline Integrate security tools Security testing

Role Purpose The Director of Information and Data Security will establish and lead Eltropy's IT and cybersecurity function, responsible for developing foundational systems, processes, and governance across infrastructure, data protection, and compliance. This leader will drive security maturity across the organization by balancing hands-on execution with long-term strategic planning, and by partnering with external GRC consultants to build a scalable security and compliance framework aligned with industry standards such as SOC 2 and ISO 27001. Location: Santa Clara, CA (Hybrid) Department: IT, Cyber Security and Ops Employment Type: Full-Time Minimum Experience: Senior Manager/Supervisor Compensation: $200,000-$240,000 (Base + Bonus) Strong cybersecurity background, with experience leading threat detection, incident response, and proactive security risk management across cloud and enterprise environments. Key Responsibilities IT and Infrastructure Security Oversee endpoint management, asset inventory, and identity and access management (IAM). Establish standards for device hardening, patch management, and secure configuration. Define and manage the budget for all security and IT tools, services, and human capital, ensuring cost-effectiveness and alignment with the overall security roadmap. Implement centralized visibility and control across systems and SaaS applications. Cybersecurity and Data Protection Lead threat detection, vulnerability management, and incident response operations. Implement and maintain a Cloud Security Posture Management (CSPM) solution to monitor cloud infrastructure (AWS/Azure) for misconfigurations and compliance issues. Deploy and tune SIEM/XDR solutions to enhance visibility and threat detection across environments. Conduct regular penetration testing, track remediation, and drive security awareness programs. Define and enforce data protection policies covering classification, encryption, and retention. Governance, Risk, and Compliance (in partnership with GRC Consultant) Partner with external GRC consultants to design and operationalize Eltropy's information security and compliance framework. Translate consultant-driven recommendations into actionable internal controls, policies, and monitoring mechanisms. Manage the Third-Party Risk Management (TPRM) program, including vendor due diligence, security questionnaires, and ongoing risk monitoring. Maintain a centralized risk register and oversee remediation tracking. Own operational compliance for frameworks such as SOC 2, ISO 27001, and GDPR. Security Architecture and Product Collaboration Work closely with Engineering and Product teams to embed security-by-design principles in SaaS architecture and cloud deployments. Implement automated security testing (SAST/DAST) within the CI/CD pipeline to shift security left and reduce vulnerabilities early in the development lifecycle. Review architecture and third-party integrations to ensure alignment with data security and privacy standards. Incident Management and Business Continuity Establish and operationalize the company's Incident Response Plan (IRP) and Business Continuity/Disaster Recovery (BCP/DR) framework. Conduct tabletop exercises and post-incident reviews to enhance preparedness and learning. Security Awareness and Culture Develop and implement a company-wide security awareness program. Partner with HR and Operations to ensure onboarding/offboarding includes security compliance and periodic training. Foster a security-first culture emphasizing accountability and vigilance across teams. Leadership and Department Setup Build and lead a high-performing IT and Security team, including IT administrators and cybersecurity engineers. Define structure, roles, and hiring priorities aligned with the company's growth stage. Create a phased roadmap for security maturity, including technology adoption and process optimization. Key Performance Indicators (KPIs) Security Tool Coverage: Achieve at least X% deployment and agent coverage across all corporate and cloud assets within the first 6 months. Vulnerability Remediation: Maintain average time-to-remediate critical and high vulnerabilities below X days. Compliance Milestones: Achieve SOC 2 / ISO 27001 readiness within agreed timelines. Asset Visibility: 100% endpoint and asset inventory completeness. Incident Management: Reduction in mean time to detect (MTTD) and mean time to respond (MTTR) for incidents. Team Ramp; Process Setup: Completion of key hires and operational processes within the first year. Requirements Independent, self-starter with strong ownership and execution bias. Ability to prioritize and execute in a resource-constrained, fast-paced SaaS environment. Strategic thinker with operational depth; able to balance long-term maturity goals with immediate risk mitigation. Excellent communication skills with the ability to influence and align cross-functional stakeholders. Proven experience setting up IT or cybersecurity programs in a SaaS or technology environment. Strong understanding of endpoint protection, cloud infrastructure security (AWS/Azure), IAM, and network security. Experience with SIEM and/or XDR deployment and tuning for threat detection and monitoring. Familiarity with CSPM, SAST/DAST, and vulnerability management tools. Knowledge of GRC frameworks (SOC 2, ISO 27001) and translating them into practical, auditable controls. Reporting to: VP of Operations Level: Senior Leadership Direct Reports: IT Team Cybersecurity Engineer(s)

Role: Cybersecurity Manager Duration: 6+ months Summary: The Cybersecurity Manager leads global cybersecurity operations, incident response, cloud security, and vulnerability management across IT, OT, and cloud environments. This role drives security maturity, manages SOC functions, and ensures compliance with frameworks like ISO 27001, NIST, and ITAR. Key Responsibilities:Lead cybersecurity operations, including SOC oversight, threat detection, and endpoint security. Manage incident response for ransomware, APT, insider threats, and major security events. Oversee vulnerability and patch management programs (Tenable, Automox, CrowdStrike). Strengthen cloud and identity security across Azure, Entra ID, and Microsoft 365. Implement Zero Trust architecture and secure configuration standards. Support compliance efforts (ISO 27001, NIST CSF/800-53/171, ITAR, GDPR, HIPAA, PCI). Lead global cybersecurity teams, contractors, and MSSP partners. Provide executive-level reporting on risk posture, incidents, and security metrics. Requirements:10+ years of cybersecurity experience with leadership responsibilities. Strong background in SOC operations, IR, EDR, SIEM/SOAR, and cloud security. Hands-on experience with Sentinel, XSOAR, CrowdStrike, Defender, Tenable. Knowledge of ISO 27001, NIST, ITAR, and broader regulatory frameworks. Strong communication, team leadership, and cross-functional collaboration skills.

Information Security Need Local to San Francisco, CA Onsite role Looking for independent folks. Top Skills: KQL - kusto query language - used by different Microsoft security tools like sentinel or defender SPL that Splunk uses General incident response actual incident tickets - resolve actual security incident tickets Requirements • Self-starter, able to readily explore and learn new areas and concepts. • Knowledge and experience normally acquired through, or equivalent to, the completion of a Computer Science or Computer Engineering Bachelor's degree with a minimum of 5 years of job-related experience. • Degrees in Computer Science or Engineering and/or relevant technically focused certifications in Cloud and/or enterprise security architecture such as GCAD or GDSA are advantageous Experience with • AWS commercial or government cloud • Experience securing critical workloads in a cloud environment. • Knowledge and experience with Databricks, Starburst, Collibra and Immuta is advantageous. Job Role Summary Lead and produce system threat models for integration of commercial components into a data lake platform. Help design secure cloud architectures. Propose effective security controls within the environment and identify and mitigate security vulnerabilities. Simplify complex security topics, lead discussion in technical and business teams, communicate risk accurately. Skills • Able to create AWS secure cloud architecture designs • Understand current security threats, techniques, and landscape • System threat modeling of applications and platforms • Able to identify and provide mitigation for security vulnerabilities within applications and application environments based on threat models. • Able to simplify complex security topics for consumption and critical decision making. • Clear and accurate communication • Able to lead/direct discussions with technical and business teams to achieve common goals. • Able to work well within a team and support team goals • Understand cyber security frameworks such as NIST 800-53 • Ability to work on a geographically distributed team across multiple time zones • Familiarity with SAFe a plus Responsibilities • Evolve and mature our models, templates, standards and procedures related to secure application development and secure application and cloud architecture. Ensure these artifacts are in alignment with FRS policy and standards. • Consult with our development teams to help them align with FRS policy and standards and meet the risk appetite of the customer. • Work with members of application development teams to review and create secure application and infrastructure designs and patterns. • Assist development teams by reviewing threat models related to applications and related systems. Analyze potential business impact and exposure leading to risk, based on emerging security threats, vulnerabilities, configurations, threat actor TTPs, etc. • Evaluate CICD pipeline design, and related development team processes and help to mature and secure creation, management and utilization of pipelines. • Assist in identification and integration of security focused tooling into development and operations processes. • Support secure application architecture within the Federal Reserve System by fostering constructive dialogue and seeking resolution when confronted with discordant views. • Solicit feedback and continuously improve your knowledge, skills and capabilities related to the position. • Assist with recruiting activities and administrative work.

Security Architect / Implementation Engineer Duration: 6 Months contract with possibility of extension We are seeking a highly skilled Security Architect / Security Implementation Engineer with expertise in designing, implementing, and integrating Google Cloud Security Command Center (SCC), Chronicle SIEM, and Cybereason XDR. The candidate will be responsible for architecting the end-to-end solution, implementing GCP native security controls, integrating third-party security tools, and producing detailed design and operational documentation. Key Responsibilities: Design and architect cloud-native security controls in GCP aligned with security and compliance frameworks (CIS, ISO 27001, NIST, etc.). Implement Google Security Command Center (SCC) for threat detection, vulnerability management, and risk insights. Architect and configure Chronicle SIEM for log ingestion, correlation, and advanced threat analytics. Integrate Cybereason XDR with SCC, Chronicle, and other security tools to establish end-to-end threat detection and response workflows. Define use cases, rules, policies, and security playbooks to automate detection and response. Document the solution architecture, design decisions, configuration standards, and integration workflows. Conduct knowledge transfer sessions with security operations and support teams. Collaborate with GCP Cloud Platform teams, SOC teams, and compliance teams to align solutions with enterprise policies. Required Skills & Experience: 8-12 years of overall IT security experience with at least 4-5 years in Google Cloud Security. Proven experience with Google Security Command Center (SCC), Chronicle SIEM, and XDR platforms (Cybereason preferred). Strong knowledge of GCP IAM, VPC Service Controls, Cloud Armor, DLP, Cloud Logging, Cloud Monitoring. Hands-on experience in integrating SIEM, XDR, and native GCP security tools. Experience with Terraform, Deployment Manager, or automation frameworks for security deployment. Strong documentation and presentation skills. Security certifications preferred: Google Professional Cloud Security Engineer, GCP Professional Architect, CISSP, CISM, CCSP.

In this role, you will drive the evolution of our infrastructure and security posture. You will have substantial ownership over our technology choices and implementation for deployment, observability, storage, and security. You will identify, triage, and implement incremental improvements in all of these domains, working closely with backend engineers and internal and external auditors to develop appropriately scoped interventions. You will work with engineers to ensure that security considerations are baked into software development from the outset. You should have a broad understanding of modern best practices around cloud architecture, data governance and infrastructure as code. You should approach questions of infrastructure and security risk with a sense of nuance and good judgment. You should be able to build consensus around your threat models such that the necessary consequences seem natural to other stakeholders. In this role, you will need to be fluent in Python and Terraform (at least to start). Company & Funding We're building the world's largest long-term insurer, using digital money and AI to serve billions of people profitably. We want anyone, anywhere, to be able to save for their future, protect their family, and build wealth across generations. We face a once-in-a-century opportunity to build a vertically integrated life (re)insurer. Our product offerings are globally unique, making it possible for us to scale our balance sheet, build modern systems from scratch, and then directly compete to win a market that is 3% of global GDP. We've raised over $140M to date. Sam Altman and Lachy Groom led our initial raise, and they've since been joined by leading investors in AI, insurance, and Bitcoin, including Northwestern Mutual, Apollo, Bain Capital, Pantera, Haun, Framework, Fulgur Ventures, MS&AD, Mouro, Stillmark, and Wences Casares. Our Bermuda operating subsidiary holds the the world's only license to issue life insurance denominated entirely in Bitcoin. It's also the only company in the world with audited financials stated in Bitcoin. (If you join us, you can expect to do a lot of things no one's ever done before.) Engineering at Meanwhile With the advent of ubiquitous AI tooling, the dynamic range in individual engineering effectiveness is only widening. At Meanwhile, we're planning for a world in which small, tight-knit engineering teams (supported by a small, tight-knit platform team) own entire lines of business, and are compensated accordingly. We're attacking a huge market with the leanest, most effective team in insurance. Where incumbents employ a thousand people, we think we can make it work with a hundred or a dozen. We're looking for hungry ICs (and former managers who see the writing on the wall) interested in pushing the boundaries of engineering productivity in a vertically integrated, regulated organization. We're growing quickly. You will fix million-dollar bugs. On the business side, we hire for deep domain expertise, ambition, and the creativity to figure out the previously impossible. Because our engineers work closely with people from the business, they need curiosity, flexibility, an appetite for (and the ability to digest) complex context, and strong communication skills. Our view is that ownership is taken, not given. You will be successful here if your work progressively builds others' trust in your ability to identify, attack, and solve larger and larger problems, including those that no one else has anticipated. We believe that "code wins arguments," that prototyping is often the best first step in a design process, and that the impact of velocity is non-linear. You are excited by putting up multiple meaningful changes, or writing thousands of lines of code, in a day (even though you know that deleting lines of code is more exciting than writing them, and that, occasionally, deep reflection is required in order to ship anything). You aren't fazed by building systems that don't work out - sometimes, you have to throw code away. Intellectual honesty is non-negotiable. You love to learn and to teach, to ask questions and to answer them, and to be transparent about your uncertainty. You are eager to learn, with the rest of the team, how to work with AI tools, including agents, in order to move faster and ship better, more complete versions of your ideas. You will experiment with new ways of working, with the expectation that some of them will be unsuccessful, and you will teach others what works. This is the most exciting time in decades to be a competent, technically ambitious engineer. We want to offer you the opportunity to see what's really possible and how much better you can get at your craft.

At PriMed, your uniqueness is valued, celebrated, encouraged, supported, and embraced. Whatever your relationship with Hill Physicians, we welcome ALL that you are. We value and respect your race, ethnicity, gender identity, sexual orientation, age, religion, disabilities, experiences, perspectives, and other attributes. Our celebration of diversity and foundation of inclusion allows us to leverage our differences and capitalize on our similarities to better serve our communities. We do it because it's right! Job Description We are seeking a skilled Governance, Risk, and Compliance (GRC) Engineer to strengthen our security posture and ensure adherence to healthcare regulations. The GRC Engineer will play a vital role in designing, implementing, and maintaining risk management processes, compliance frameworks, and policies that align with healthcare regulations such as HIPAA and HITECH. The ideal candidate will have experience with tools like SAI360, CyberArk, and other compliance and security platforms. Job Responsibilities: Develop, implement, and maintain GRC policies, processes, and controls in alignment with industry best practices and regulatory requirements (e.g., HIPAA, HITECH, NIST, ISO 27001). Perform risk assessments and develop mitigation strategies for identified security risks. Administer and optimize SAI360 for governance, risk management, and compliance activities, including reporting and policy management. Collaborate with cross-functional teams to ensure new projects and systems are designed with security and compliance in mind. Monitor and report on compliance status, identifying gaps and proposing remediation strategies. Oversee third-party vendor risk assessments and ensure adherence to security requirements. Support internal and external audits by providing documentation, evidence, and responses to audit findings. Conduct security awareness training programs and promote a culture of compliance within the organization. Required Experience/Skills/Knowledge: 5+ years of experience in Governance, Risk, and Compliance roles or a related field. Strong knowledge of healthcare regulations, including HIPAA, HITECH, and other relevant standards. Proficiency in GRC tools such as SAI360 for compliance and risk management. Experience with privileged access management tools like CyberArk. Solid understanding of risk assessment methodologies and security frameworks, including NIST CSF, ISO 27001, or COBIT. Excellent communication and collaboration skills to engage with technical and non-technical stakeholders. Strong analytical and organizational skills with attention to detail. This role is critical in maintaining our organization's compliance with healthcare security standards and reducing risk exposure. Required Education: Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. Equivalent work experience may be considered in lieu of a degree.

About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. We're hiring Senior Backend Engineer - Cloud Security in Sunnyvale, CA What You Will Do Build containerized microservices and related components for a multi-tenant, distributed system that ingests and processes real-time cloud events, system telemetry, and network data across major cloud platforms. Your work will enable customers to detect risks and strengthen their cloud security posture. Mentor junior engineers, interns, and new graduates, helping them develop strong technical skills and become effective contributors. Write production-quality software primarily in Java using Spring Boot, and work extensively with Kafka, SQL, and other data interfaces. Work within a Kubernetes-based service infrastructure, while learning new technologies as needed. Take ownership of major features and subsystems through the entire development lifecycle-requirements, design, implementation, deployment, and customer adoption. Participate in operational responsibilities, gaining firsthand experience with real-world performance, reliability, and support scenarios-informing how you design and build better systems. Prioritize quality at every stage, performing thorough developer testing, functional validation, integration checks, and performance testing to ensure highly resilient systems. Collaborate closely with Product Management to review, refine, and finalize requirements. Develop a deep understanding of customer needs by engaging with peers, stakeholders, and real-world use cases. What You Bring Bachelor's degree in computer science or similar (Master's preferred). 5+ years of experience building scalable, distributed systems. Passion for software engineering, continuous learning, and working in a collaborative environment. Hands-on experience with AWS, Azure, or GCP, with strong familiarity at the API/programming level. Experience with networking and/or security concepts is a plus. Experience developing containerized services on Kubernetes is strongly desired. Strong programming experience in Java/Spring Boot or Golang. Experience building or using REST APIs. Knowledge of infrastructure-as-code tools such as CloudFormation, Terraform, or Ansible is a plus. Understanding of TCP/IP networking fundamentals. Experience developing in Unix/Linux environments. Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment

We are seeking highly skilled OpenStack and Nutanix Administrators to join our IT Infrastructure team. This role is crucial in managing, optimizing, and ensuring the seamless operation of cloud and hyper-converged infrastructure environments. The ideal candidates will possess strong technical expertise, excellent problem-solving skills, and a proven ability to work in dynamic environments. Key Responsibilities - Deploy, configure, and maintain OpenStack cloud environments and Nutanix hyper-converged infrastructure. - Monitor system performance, troubleshoot issues, and ensure high availability of services. - Design and implement scalable solutions to meet organizational needs. - Collaborate with cross-functional teams to align infrastructure with business objectives. - Perform upgrades, patches, and routine maintenance for OpenStack and Nutanix systems. - Develop automation scripts for efficient system management using tools like Ansible, Terraform and Pulumi. - Ensure compliance with security standards and implement best practices for data protection. - Document processes, configurations, and troubleshooting steps for knowledge sharing. Qualifications - Bachelors in Computer Science (or related field) and 6 - 9 years of relevant experience. - Strong expertise in OpenStack architecture, deployment, and management. - Hands-on experience with Nutanix AHV, Prism Central, and related tools. - Proficiency in Linux system administration and scripting (e.g., Bash, Python). - Excellent familiarity with virtualization technologies (e.g., KVM) and container platforms (e.g., Kubernetes). - Knowledge of networking concepts such as VLANs, SDN, and load balancing. - Experience with monitoring tools like Prometheus or Nagios. - Excellent communication skills to collaborate with technical and non-technical stakeholders. - Certifications in OpenStack or Nutanix (e.g., NCP-MCI) are a plus.

The requirements listed below are representative of the knowledge, skill, and/or ability required: Build the networks by taking into consideration various factors like, bandwidth requirements, infrastructure requirements and security. Responsible for estimating growth and plan for the network upgrade to meet future demands. Ability to work on multiple priorities and/or projects simultaneously. Excellent listening and communications skills, both verbal and written. flexible in working hours to support global project and migration during non-business hours. Ability to collaborate with multiple teams to achieve project goals. Organized, detail oriented and self-motivated. Ability to provide and maintain detailed documentation on each project. Demonstrate knowledge in advanced networking and infra security domain. Ability to successfully train the operation team on the new solution(s) implemented. Problem-solving skills and abilities to meet reasonable deadlines. Ability to work with little supervision and manage a team. Identify opportunities and recommend solutions for improving the overall network health by assessing overall effectiveness and efficiency. Stay current with existing, emerging, and evolving technologies and when appropriate, make recommendations as to how we may best harness a new technology or idea. BS in Engineering, Computer Science, or related field, with 15+ years of work experience in networking domain Have completed minimum 3 significant network solution designs In-depth knowledge of the OSI network model Experience with different network types (i. e. LAN, WAN, WLAN) Network protocols and technologies, e. g. DNS, HTTP, SSL, 802. 1x, Load Balancing, WAN optimization, SD-WAN, VPN, PKI Cisco network products (Nexus and Catalyst switches, routers, WLC, ISE) Knowledge of Palo Alto Networks firewall and IPS configuration and troubleshooting Knowledge of F5 load balancer Knowledge of public cloud is highly desirable Knowledge of Zero-Trust networking is highly desirable CCNP certification CCIE certification PCNSE certification Azure Network Engineer Associate

About the Hiring TeamTencent Overseas IT has the mission to empower Tencent's rapid global growth with future ready, global IT platforms, applications and services. We are chartered to lead the Overseas IT strategy, architecture, roadmap and execution. Satisfying our internal/external customers and becoming a world class global IT team are our top aspirations.What the Role Entails Tencent Overseas IT is committed to accelerating Tencent's international business growth and enabling its success through the deployment of cutting-edge technology platforms in IT services, cloud, security, and DevOps. As leaders in IT technology, we are responsible for defining and executing on Tencent's Overseas IT strategy, architecture, and roadmap. Our primary focus is to deliver exceptional value to satisfy the diverse needs of our internal and external customers, while striving to build a world-class global IT team. Responsibilities We're seeking a Principal Security Architect to drive the overall security architecture of Tencent overseas business. This role will work closely with foundation IT and Business teams to ensure compliance with security best practices, regulatory requirements, and internal policies. Key responsibilities include: Security Strategy and Planning: Defining and implementing the organization's security strategy, roadmaps, and long-term vision. Security Architecture Design: Developing and maintaining the overall security architecture, including defining security frameworks, standards, and controls. Incident Response: Participating in incident response activities, providing expertise in identifying, containing, and recovering from security incidents. Risk Management: Identifying and assessing security risks, developing mitigation strategies, and ensuring alignment with business objectives. Security Compliance: Ensuring compliance with relevant security regulations, industry standards (e.g., NIST, ISO 27001, HIPAA), and internal policies. Who We Look For Key Skills • Security Architecture Design: Ability to design and implement secure and scalable architectures across various environments (e.g., cloud, containerized, on-premises), including developing and maintaining threat models and security reference architectures, with a strong emphasis on Zero Trust principles. • Security Operations & Incident Response: Experience with Security Information & Event Management (SIEM) systems, vulnerability scanners, malware analysis, and handling security incidents. The ability to lead threat modeling activities and support penetration testing is also important. • Networking: In-depth knowledge of networking principles, including routers, switches, firewalls, load balancers, and wireless devices, as well as network security protocols and technologies like VLANs, VPNs, IDS/IPS, and network segmentation. • Cloud Security: Expertise in cloud security principles and technologies across major platforms like AWS, Azure, and GCP, including implementing security controls and best practices in cloud environments. • Identity and Access Management (IAM): Strong understanding of enterprise IAM systems, including platforms like Okta, SailPoint, and Active Directory (AD), and the ability to implement and manage secure access controls based on the principle of least privilege. • Data Protection: Knowledge of data protection methods like encryption, pseudonymization, and shuffling, and how to apply them effectively to safeguard against data corruption, compromise, and loss. • Security Testing & Analysis: Experience in conducting penetration testing, vulnerability assessments, ethical hacking, and risk analysis to identify and mitigate security risks. • Security Automation & DevSecOps: Hands-on experience with security automation tools and scripting languages (e.g., Python, Lambda, Terraform) to streamline security processes and embed security into CI/CD workflows and Infrastructure-as-Code (IaC) processes. • Security Tools & Technologies: Proficiency in using various security tools and technologies, including SIEM platforms, XDR, cloud-native threat detection tools, vulnerability scanners, and encryption tools. • Operating Systems: Experience with various operating systems, including Windows, Linux, and UNIX. • Application Security: Experience in web application security, OWASP, API security, and secure design and testing. • SaaS Security: Experience with SaaS permission management, experience with SSPM (SaaS Security Posture Management) • AI for Security: real word experience with AI/LLM/Agentic for security, especially adopt LLM in SIEM rule, SOAR optimization. • Scripting skills in Python, PowerShell or Bash Qualifications • Education: Typically, a master's degree in computer science, Information Security, or a related technical field is required. • Minimum of 10-12+ years of progressive experience in cybersecurity, including at least 5-7 years in a security architecture or senior-level engineering role. • Experience securing workspace and key enterprise systems, including IAM, e-mail, DevSecOps, SaaS, and back-office systems. • Essential soft skills: Analytical Thinking; Problem-Solving; Risk Management; Adaptability & Continuous Learning;Attention to Detail • Experience working with remote, globally distributed teams • Previous experience in the gaming industry is a plus. • Relevant certifications: Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) Certified Information Security Manager (CISM) AWS Certified Security - Specialty Other certifications like AWS Certified SA, Certified Ethical Hacker (CEH), CompTIA Security+, and GIAC Security Essentials Certification (GSEC) can also be beneficial. Location State(s) US-California-Palo AltoThe expected base pay range for this position in the location(s) listed above is $141,200.00 to $328,400.00 per year. Actual pay may vary depending on job-related knowledge, skills, and experience. Employees hired for this position may be eligible for a sign on payment, relocation package, and restricted stock units, which will be evaluated on a case-by-case basis. Subject to the terms and conditions of the plans in effect, hired applicants are also eligible for medical, dental, vision, life and disability benefits, and participation in the Company's 401(k) plan. The Employee is also eligible for up to 15 to 25 days of vacation per year (depending on the employee's tenure), up to 13 days of holidays throughout the calendar year, and up to 10 days of paid sick leave per year. Your benefits may be adjusted to reflect your location, employment status, duration of employment with the company, and position level. Benefits may also be pro-rated for those who start working during the calendar year.Equal Employment Opportunity at Tencent As an equal opportunity employer, we firmly believe that diverse voices fuel our innovation and allow us to better serve our users and the community. We foster an environment where every employee of Tencent feels supported and inspired to achieve individual and common goals.

QA Automation and Security Test Architect Job ID: 21-14390 Top must haves are: * 5+ years of experience as Automation Architect and doing web application security testing as per OWASP standards * 5+ years of experience designing, developing and executing Automation Scripts using Selenium * Ability to provide application security risk assessment of technologies stack used in cloud or web applications. TECHNICAL KNOWLEDGE AND SKILLS: * 5+ years of experience as an Automation Architect and doing web application security testing as per OWASP standards * 5+ years of experience designing, developing and executing Automation Scripts using Selenium * Knowledge and experience in other Automation tools (like QTP, Rational Robot, AutoIT) * Understanding and working knowledge with Data Driven, Keyword Driven and Hybrid frameworks * Knowledge of Defect Management Tool (Quality Center, JIRA) * Exploit application security flaws and vulnerabilities with attack simulations on multiple projects working against specific client-focused scopes of work. * Ability to provide application security risk assessment of technologies stack used in cloud or web applications. * Ability to perform application vulnerability assessments or application penetration testing, utilizing tools commercial and open source tools. * Perform, review and analyze security vulnerability data to identify applicability and false positives. * Create risk based security code reviews (Static, Dynamic and Interactive). * Conduct application security testing in line with OWASP (Open Web application Security Project) * Mentor junior engineers to build their skills and contribution levels * Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment. * Perform Proof of Concept testing and do evaluation of new security technologies and tools. * Assist and support Security Test Analysts as they perform vulnerability, network and network security assessments. * Experience DevOps tools like DynaTrace, Chef, Splunk and Vagrant. * Experience with scripting languages (e.g. python, PERL, SQL) a plus * Ability to perform below tasks: o Dynamic Application Security Testing (DAST) o Static Application Security Testing (SAST) o Interactive Application Security Testing (IAST) o Web Application Penetration Testing o Product Security Testing o Cloud Application Security Testing o Web Services Security Testing o Security Code Review o Network Security Assessment * Application Security Testing Tools: VeraCode, Synopsys, Contrast IAST, Burp Suite, Tamper Data, Live http Headers, Client Fortify, VeraCode, OWASP Top 10, N-Stealth, Hailstorm, Paros, SANS Top 20, Acunetix, Nessus * Fast learning, problem solving and analytical skills * Excellent communication, presentation, and interpersonal skills * Track record of good time management * Efficient in effort estimation, planning and prioritization * Ability to understand Business Requirements and transform them to functional units * Knowledge of SDLC and implementation * Knowledge of SoapUI * Proficiency in Java language * Proficiency in SQL * Job details *

Hello, Greetings for the day, We have an urgent job opening for a SAP Security Consultant in San Francisco, CA. Please find the complete below and consultant information details below to the job description. Duration: 5Months+ Job Title: SAP Security Duties: Provides the technical guidance in development of security roles and authorizations to SAP projects and production support for R3, BW, EBP, SMP, PI, AII/OER systems Ensures development and maintenance of SAP roles and authorizations are aligned with enterprise security best practices and corporate standards Delivers and manages overall SAP security standards and designs Works closely with SAP functional and technical teams in the identification and resolution of gaps in the security authentication and authorization processes Provides day-to-day support for GRC 5.3 CUP, FireFighter Works closely with security and technical teams in architecting and implementing Identity and Security best practices in SAP environment; Partners with teams in support of internal and external auditing of SAP environment Performs annual SAP licensing for all the systems onsite Skills: Minimum of 5 years of experience implementing and delivering SAP Security Solutions; Must have strong demonstrated knowledge of SAP Security and experience with GRC Analysis and Administration. Experience in implementing/upgrading/managing SAP GRC Access Controls, Access Risk Analysis and Emergency Access Management a plus; Must have excellent troubleshooting and resolution skills; Strong attention to detail. Strong technical knowledge of SAP Security architecture and role based authorization models; Strong analytical, problem solving and conceptual. Strong oral and written communication skills, with an ability to express complex technical concepts; Strong understanding of data privacy concepts. Strong Security and Risk mitigation mindset.Understanding of process re-engineering, segregation of duties, application security implementation, security auditing techniques Keywords: Education: Bachelor's degree in Computer Science or related field, OR equivalent combination of education and/or experience Skills and Experience: Required Skills: AUDITING MITIGATION PROBLEM SOLVING SAP Security GRC Additional Skills: RE-ENGINEERING RISK ANALYSIS ARCHITECTURE SAP SECURITY SECURITY ARCHITECTURE SECURITY IMPLEMENTATION SOLUTIONS AUTHENTICATION EBP MAINTENANCE R3 Thanks & Regards, Srikanth ************ 800 W, Fifth Avenue, Suite 208A Naperville, IL - 60563 " A Certified MBE & Women's Business Enterprise Alliance (WBEA)" Additional Information All your information will be kept confidential according to EEO guidelines.

Role Purpose The Director of Information and Data Security will establish and lead Eltropy's IT and Cybersecurity function, responsible for developing foundational systems, processes, and governance across infrastructure, data protection, and compliance. This leader will drive security maturity across the organization, balancing hands-on execution with long-term strategic planning, and partnering with external GRC consultants to build a scalable security and compliance framework aligned with industry standards (e.g., SOC 2, ISO 27001). Key Responsibilities IT and Infrastructure Security * Oversee endpoint management, asset inventory, and identity and access management (IAM). * Establish standards for device hardening, patch management, and secure configuration. * Define and manage the budget for all security and IT tools, services, and human capital, ensuring cost-effectiveness and alignment with the overall security roadmap. * Implement centralized visibility and control across systems and SaaS applications. Cybersecurity and Data Protection * Lead threat detection, vulnerability management, and incident response operations. * Implement and maintain a Cloud Security Posture Management (CSPM) solution to monitor cloud infrastructure (AWS/Azure) for misconfigurations and compliance issues. * Deploy and tune SIEM/XDR solutions to enhance visibility and threat detection across environments. * Conduct regular penetration testing, track remediation, and drive security awareness programs. * Define and enforce data protection policies covering classification, encryption, and retention. Governance, Risk, and Compliance (in partnership with GRC Consultant) * Partner with external GRC consultants to design and operationalize Eltropy's information security and compliance framework. * Translate consultant-driven recommendations into actionable internal controls, policies, and monitoring mechanisms. * Manage the Third-Party Risk Management (TPRM) program, including vendor due diligence, security questionnaires, and ongoing risk monitoring. * Maintain a centralized risk register and oversee remediation tracking. * Own operational compliance for frameworks such as SOC 2, ISO 27001, and GDPR. Security Architecture and Product Collaboration * Work closely with Engineering and Product teams to embed security-by-design principles in SaaS architecture and cloud deployments. * Implement automated security testing (SAST/DAST) within the CI/CD pipeline to shift security left and reduce vulnerabilities early in the development lifecycle. * Review architecture and third-party integrations to ensure alignment with data security and privacy standards. Incident Management and Business Continuity * Establish and operationalize the company's Incident Response Plan (IRP) and Business Continuity/Disaster Recovery (BCP/DR) framework. * Conduct tabletop exercises and post-incident reviews to enhance preparedness and learning. Security Awareness and Culture * Develop and implement a company-wide security awareness program. * Partner with HR and Operations to ensure onboarding/offboarding includes security compliance and periodic training. * Foster a security-first culture emphasizing accountability and vigilance across teams. Leadership and Department Setup * Build and lead a high-performing IT and Security team, including IT administrators and cybersecurity engineers. * Define structure, roles, and hiring priorities aligned with the company's growth stage. * Create a phased roadmap for security maturity, including technology adoption and process optimization. Key Performance Indicators (KPIs) * Security Tool Coverage: Achieve at least X% deployment and agent coverage across all corporate and cloud assets within the first 6 months. * Vulnerability Remediation: Maintain average time-to-remediate critical and high vulnerabilities below X days. * Compliance Milestones: Achieve SOC 2 / ISO 27001 readiness within agreed timelines. * Asset Visibility: 100% endpoint and asset inventory completeness. * Incident Management: Reduction in mean time to detect (MTTD) and mean time to respond (MTTR) for incidents. * Team Ramp; Process Setup: Completion of key hires and operational processes within the first year. Requirements * Independent, self-starter with strong ownership and execution bias. * Ability to prioritize and execute in a resource-constrained, fast-paced SaaS environment. * Strategic thinker with operational depth; able to balance long-term maturity goals with immediate risk mitigation. * Excellent communication skills with the ability to influence and align cross-functional stakeholders. * Proven experience setting up IT or cybersecurity programs in a SaaS or technology environment. * Strong understanding of endpoint protection, cloud infrastructure security (AWS/Azure), IAM, and network security. * Experience with SIEM and/or XDR deployment and tuning for threat detection and monitoring. * Familiarity with CSPM, SAST/DAST, and vulnerability management tools. * Knowledge of GRC frameworks (SOC 2, ISO 27001) and translating them into practical, auditable controls. Reporting to: VP of Operations Level: Senior Leadership Direct Reports: * IT Team * Cybersecurity Engineer(s)

ABOUT THE ROLE You'll be our first dedicated security leader, owning the technical execution of our security and compliance program. You'll drive SOC 2 and PCI DSS compliance, manage our vulnerability program, and build security capabilities that enable our engineering teams to move fast while staying secure. This is a hands-on role-you'll design controls, write policies, respond to incidents, and work directly with auditors. This is initially an individual contributor role with high impact and visibility. As our security program matures, you'll have the opportunity to build and lead a security team. IN THIS ROLE, YOU WILL Own Compliance Lead SOC 2 Type II and PCI DSS programs through successful audit Design and implement security controls without blocking velocity Serve as primary technical contact for external auditors and assessors Manage third-party vendor security assessments and ongoing monitoring Build automated evidence collection and continuous compliance monitoring Report security metrics and program status to executive leadership Manage Security Operations Establish vulnerability management program with defined SLAs and remediation workflows Own end-to-end vulnerability management: identify, assess, prioritize, and drive remediation to completion across infrastructure and applications Manage external penetration testing program with third-party vendors, including scoping, assessment review, and remediation tracking Perform internal penetration testing and security assessments of applications, APIs, and infrastructure Build SIEM detection rules, security dashboards, and alert triage processes Develop and test incident response runbooks Conduct threat modeling for critical systems and architectural changes Lead security assessments of new technologies and third-party integrations Enable & Collaborate Partner with platform engineering to implement security roadmap: AWS landing zone design, PAM/JIT workflows, account segmentation, disaster recovery testing Enforce enterprise security controls (SSO, secrets management, RBAC) Build and deliver security awareness training program for all employees Develop and maintain security policies, standards, and procedures Translate compliance requirements into actionable engineering tasks and drive completion YOU HAVE Security & Compliance: 5+ years in information security, with 2+ years in fintech or highly regulated industry CISSP certification (or actively pursuing - must obtain within 12 months of hire) Hands-on experience leading SOC 2 and PCI DSS audits from start to finish Strong incident response background-you've led real security incidents Experience with vulnerability management platforms (Wiz, Snyk, Tenable) Technical Skills: Solid understanding of AWS security: IAM, Security Hub, GuardDuty, CloudTrail, KMS Experience with SIEM platforms (Splunk, Datadog, Elastic)-you can write detection rules and build dashboards Hands-on experience with vulnerability assessment and penetration testing tools (Burp Suite, Nessus, Qualys, or similar) Ability to read code (Ruby, JavaScript, Python) and assess security implications Knowledge of web application security, API security, and OWASP Top 10 Understanding of access control patterns (PAM, SSO, RBAC, least privilege) Core Competencies: Strong communication-you can explain risks to engineers and executives alike Pragmatic risk management in fast-paced environments Self-starter who builds programs from scratch Collaborative mindset-security as enabler, not blocker Ability to drive remediation to completion across teams NICE TO HAVE Additional certifications (CISM, CISA, CCSP, CEH, OSCP, CRISC) Experience managing WAF deployments (Palo Alto, Cloudflare, AWS WAF) Infrastructure-as-code experience (Pulumi, Terraform) Kubernetes security knowledge SOAR platform experience DevSecOps or security automation background Scripting skills (Python, Bash) for security tooling and automation Kikoff: A FinTech Unicorn Powering Financial Progress with AI At Kikoff, our mission is to provide radically affordable financial tools to help consumers achieve financial security. We're a profitable, high growth FinTech unicorn serving millions of people, many of whom are building credit or navigating life paycheck to paycheck. With innovative technology and AI, we simplify credit building, reduce debt, and expand access to financial opportunities to those who need them the most. Founded in 2019, Kikoff is headquartered in San Francisco and backed by top-tier VC investors and NBA star Stephen Curry. Why Kikoff: This is a consumer fintech startup, and you will be working with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships. Yes, you can build an exciting business AND have real-life real-customer impact. 🏥 Medical, dental, and vision coverage - Kikoff covers the full cost of health insurance for the employee! 📈 Meaningful equity in the form of RSU's 🏝 Flexible vacation policy to help you recharge 💰 Competitive pay based on experience consisting of base + equity + benefits Location: Hybrid, 3 days onsite in San Francisco, CA. Visa sponsorship available: Kikoff is willing to provide sponsorship for H1-B visas and U.S. green cards for exceptional talent. Equal Employment Opportunity Statement Kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. Please reference the following for more information. If you need reasonable accommodation for a job opening please connect with us at ***************** and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, Kikoff will consider for employment qualified applicants with arrest and conviction records.

This job requires relocation to the United States, Silicon Valley, through the use of a TN visa. If selected for this job, the process of coming to the United States will be handled by Tech-Mex. The Information Security Engineer maintains 24x7 support, responds to vendor security questionnaires, performs monitoring and maintenance of the security infrastructure and components, participates in project planning and deployment of new technologies and will be responsible for remediation of identified compliance and risk gaps. He/she works independently, operating under the defined guidelines established by the Director of Information Technology and Security. ESSENTIAL Job Duties & Responsibilities Monitor and advise on information security issues related to the systems and workflow to ensure the internal and external security controls for the company are appropriate and operating as intended Documenting gaps between vendor requirements and National MIs infrastructure Coordinate and execute IT security projects Coordinate response to information security incidents Conduct company-wide audits and manage remediation plans Collaborate with other areas of IT to manage security vulnerabilities Conduct research to keep abreast of latest security issues Ensures that system documentation is accurate and updated as needed Participates in disaster recovery (DR) exercises as directed Logfile review and analysis Install and maintain new systems Prioritize remediation of gaps based on internal and external audits Prepares compliance reports by collecting, analyzing, and summarizing data Evaluates information to determine compliance with laws, regulations, or standards MINIMUM QUALIFICATIONS 3-5 plus years related work experience Vendor audit and compliance experience, preferably with the SIG framework Strong technical skills in anti-virus, DLP, and PKI Strong experience with the McAfee suite of products Solid understanding of networking concepts and system administration Experience with Nessus, RSA envision, RedHat Linux and database security Knowledge of data compliance and privacy standards and regulations as they apply to insurance and banking industries Knowledge of Information Security Standards (ISO27001, NIST, etc) Self-motivated, self-directed and shows attention to detail while working Ability to effectively prioritize and execute reporting tasks in a fast-paced, results-driven environment Extensive experience working in a team-oriented, collaborative environment with a diverse team of business and IT staff Bachelor's degree in Computer Science or Information Systems preferred; Professional certifications are an advantage Essential Worker Competencies The ability to function independently with minimal supervision. Works ethically and with integrity supporting organizational goals and values Displays commitment to excellence Completes work in a timely manner and meets deadlines Good verbal and written communication skills Meets productivity standards and achieves key outcomes Is dependable and keeps commitments Contributes to building a positive team spirit and treats others with respect Candidate will be relocated to the United States

The Department of Public Health prioritizes equitable and inclusive access to quality healthcare for its community and values the importance of diversity in its workforce. All employees at the Department of Public Health work to advance equity, inclusion, and diversity with a specific lens and focus on race, ethnicity, gender, sex, sexuality, disability, and immigration status. This is a Position-Based Test conducted in accordance with CSC Rule 111A. Learn more about the City's hiring process here: ***************************************** * Application Opening: Friday, November 21, 2025 * Application Deadline: Application filing will close on or after Friday, January 9, 2026. * Salary: $180,440 - $230,308 Annually (Range A) * Appointment Type: Permanent Civil Service * Recruitment ID: PBT-0933-160818 Becoming a City employee means being a part of a team that cares about making a difference. Your work will shape both the present and future of San Francisco. When you work for the City, you're choosing a job with purpose. The mission of the San Francisco Department of Public Health (SFDPH) is to protect and promote the health of all San Franciscans. SFDPH strives to achieve its mission through the work of several divisions - the San Francisco Health Network, Population Health Division, Behavioral Health Services, and Central Administration. The San Francisco Health Network is the City's only complete system of care and has locations throughout the City, including Zuckerberg San Francisco General Hospital and Trauma Center, Laguna Honda Hospital and Rehabilitation Center, and over 15 primary care health centers. The Population Health Division (PHD) provides core public health services for the City and County of San Francisco: health protection, health promotion, disease and injury prevention, disease surveillance, and disaster preparedness and response. Behavioral Health Services operates in conjunction with SFHN and provides a range of mental health and substance use treatment services. Central Administration houses core support organizations, including Finance, Information Technology (IT), Human Resources, Privacy and Compliance, Business Office, Facilities Management, and Security Services. Role description The San Francisco Department of Public Health is seeking a dynamic and experienced cybersecurity professional to join its IT leadership team. As a key strategic leader, the Chief Information Security Officer (CISO) (0933 Manager V) will be responsible for developing and executing a comprehensive information security strategy that safeguards the department's systems, data, and services. This role leads the implementation of an enterprise-wide security program that promotes collaboration, strengthens governance, and aligns cybersecurity initiatives with organizational goals. The CISO serves as a trusted advisor to senior leadership, providing expert guidance on risk management, security investments, and policy development. The CISO oversees a team of cybersecurity professionals within the SFDPH IT division and collaborates extensively with the CISO for the City and County of San Francisco. We are looking for a visionary and collaborative leader who can balance innovation with risk mitigation, and who thrives in a complex, mission-driven environment. The CISO reports directly to the Chief Information Officer (CIO). The Chief Information Security Officer (0933 Manager V) performs the following essential job functions: * Provides strategic leadership in evaluating and mitigating information security threats across the organization using a structured, risk-based methodology. Advises executive leadership on identified risks and ensures timely execution of mitigation and remediation plans with integrity and discretion * Directs the ongoing development of the department's information security program, including project portfolio management, incident response, policy frameworks, compliance activities, threat and vulnerability management, and third-party risk management * Allocates and manages resources to support a robust security strategy. Identifies and advocates for strategic investments, oversees capital and operating budgets, and delivers ROI analyses and budget recommendations * Partners with the Office of Compliance and Privacy Affairs to assess data security risks related to contracts, projects, artificial intelligence solutions, and other initiatives. Develops tools and interventions to mitigate risks, establishes performance metrics, and monitors compliance through audits and assessments * Builds alignment and support for security goals and initiatives across internal and external stakeholders. Communicates effectively with leadership at all levels on trends, risks, and the overall effectiveness of the security program * Promotes awareness and understanding of regulatory requirements across the organization. Leads or collaborates on testing and auditing activities to ensure ongoing compliance and successful certifications * Analyzes security requirements and ensures compliance with industry standards such as HIPAA, NIST, and PCI-DSS * Establishes and maintains comprehensive policies and procedures to support effective and sustainable security operations * Serves as the department's representative in security-related matters with City agencies and partners * Continuously monitors emerging trends, technologies, and best practices in cybersecurity to ensure the department's security posture remains current and effective The Chief Information Security Officer (0933 Manager V) may perform other duties as assigned/required. How to qualify 1. Education: Bachelor's degree from an accredited college or university; AND 2. Experience: Five (5) years of professional healthcare information systems security experience, of which three (3) years must include supervising IT professionals. Education Substitution: Additional experience as described above may be substituted for the required degree on a year-for-year basis. One (1) year is equivalent to thirty (30) semester units / forty-five (45) quarter units. Applicants must meet the minimum qualification requirements by the final filing date unless otherwise noted. One-year full-time employment is equivalent to 2,000 hours (2,000 hours of qualifying work experience is based on a 40-hour work week). Desirable Qualifications: The stated desirable qualifications may be considered at the end of the selection process when candidates are referred for hiring: * Possession of a Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) certification Verification of Education and Experience: Every application is reviewed to ensure that you meet the minimum qualifications as listed in the job ad. Review SF Careers Employment Applications for considerations taken when reviewing applications. Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at ******************************************************* Note: Falsifying one's education, training, or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco. What else should I know? Selection Procedures: After application submission, candidates deemed qualified must complete all subsequent steps to advance in this selection process, which includes the following: Supplemental Questionnaire (SQ) Examination (Weight: 100%) Candidates that meet the minimum qualifications will be invited to participate in a Supplemental Questionnaire (SQ) examination that is designed to measure the knowledge, skills, and abilities in job related areas which may include but not be limited to: Knowledge of local, State and Federals laws and regulations relating to information security, including but not limited to HIPAA and HITECH; Knowledge of information security technology frameworks and standards, including but not limited to NIST, HITRUST, COBIT, ISO 27001, PCI-DSS or similar cyber security frameworks; Knowledge of technology relating to enterprise wide information security protection; Knowledge of structured systems analysis and design practices and techniques; common operating systems software and relational database systems; hospitals or community health network environments; Ability to apply principles and practices of management, administration, budgeting, training, and personnel management; Ability to manage, supervise, train and coordinate complex functional area of responsibility and groups of employees; Ability to analyze and report on activities, issues and problems and recommend appropriate solutions; Ability to communicate effectively orally; Ability to communicate effectively in writing; Ability to exercise judgement, decisiveness and creativity required in situations involving the direction, control and planning of a program(s); manage critical timelines effectively; Ability to establish and maintain good working relationships with department personnel, staff, vendors, peers, and management, and engage and influence a broad range of stakeholders (e.g. HR, IT, Legal, Compliance, senior management, etc.) Candidates must achieve a passing score on the Supplemental Questionnaire exam in order to continue in the selection process and will be placed on the confidential eligible list in rank order according to their final score. Additional selection processes may be conducted by the hiring department prior to making final hiring decisions. Certification The certification rule for the eligible list resulting from this examination will be the Rule of the List. Eligible List/Score Report: A confidential eligible list of applicant names that have passed the civil service examination process will be created and used for certification purposes only. An examination score report will be established, so applicants can view the ranks, final scores, and number of eligible candidates. Applicant information, including names of applicants on the eligible list, shall not be made public unless required by law. However, an eligible list shall be made available for public inspection, upon request, once the eligible list is exhausted or expired and referrals resolved. The eligible list/score report resulting from this civil service examination process is subject to change after adoption (e.g., as a result of appeals), as directed by the Human Resources Director or the Civil Service Commission. The duration of the eligible list resulting from this examination process will be of six months and may be extended with the approval of the Human Resources Director. To find Departments which use this classification, please see the city's Position Counts by Job Codes and Departments. Terms of Announcement and Appeal Rights: Applicants must be guided solely by the provisions of this announcement, including requirements, time periods and other particulars, except when superseded by federal, state or local laws, rules, or regulations. Clerical errors may be corrected by the posting the correction on the Department of Human Resources website at ************************ The terms of this announcement may be appealed under Civil Service Rule 111A.35.1. The standard for the review of such appeals is 'abuse of discretion' or 'no rational basis' for establishing the position description, the minimum qualifications and/or the certification rule. Appeals must include a written statement of the item(s) being contested and the specific reason(s) why the cited item(s) constitute(s) abuse of discretion by the Human Resources Director. Appeals must be submitted directly to the Executive Officer of the Civil Service Commission within five business days of the announcement issuance date. Additional information regarding Employment with the City and County of San Francisco: * Information about the Hiring Process * Conviction History * Employee Benefits Overview * Equal Employment Opportunity * Disaster Service Workers * ADA Accommodation * Right to Work * Copies of Application Documents * Diversity Statement * Veterans Preference * Seniority Credit in Promotional Exams Where to Apply All job applications for the City and County of San Francisco must be submitted through our online portal. Please visit *********************** to begin your application process. Applicants may be contacted by email about this recruitment. Please consider using a personal email address that you check regularly rather than a work or school account. Computers are available for the public (9:00 a.m. to 4:00 p.m. Monday through Friday) to file online applications in the lobby of the Dept. of Human Resources at 1 South Van Ness Avenue, 4th Floor and at the City Career Center at City Hall, 1 Dr. Carlton B. Goodlett Place, Room 110. Ensure your application information is accurate, as changes may not be possible after submission. Your first and last name must match your legal ID for verification, and preferred names can be included in parentheses. Use your personal email address, not a shared or work email, to avoid unfixable issues. Applicants will receive a confirmation email from ******************************** that their online application has been received in response to every announcement for which they file. Applicants should retain this confirmation email for their records. Failure to receive this email means that the online application was not submitted or received. If you have any questions regarding this recruitment or application process, please contact the analyst, Marielle Saldajeno at **************************** or **************. We may use text messaging to communicate with you on the phone number provided in your application. The first message will ask you to opt in to text messaging. The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.

Job Description About us: Lucence is a pioneering precision oncology company with a bold vision: a world where cancer is defeated through early detection and timely treatment. Our cutting-edge liquid biopsy tests use advanced molecular profiling to guide personalized cancer therapies, transforming how cancer is diagnosed and treated. At Lucence, we are shaping the future of precision medicine by capturing both genetic and cellular data from a single blood draw, bringing us closer to our mission of overcoming cancer. We are looking for an Information Security & Compliance Manager to lead Lucence's SOC 2 compliance programmes. You will own our internal controls, audits, and security governance frameworks, ensuring the company meets the standards required for global diagnostics operations. Key Responsibilities Compliance Ownership Own SOC 2 Type I/II, and build on HIPAA and cybersecurity certification roadmaps. Maintain documentation, evidence repositories, and ongoing readiness. Internal Controls & Policies Build, refine, and enforce security policies, risk registers, and access-control processes. Audit Management Partner with external auditors, coordinate internal contributors, drive remediation plans, and ensure timely closure of findings. Vendor & Data Protection Reviews Conduct security due diligence for vendors, manage DPAs, and ensure data-flow compliance for global partners. Security Governance Implement quarterly control testing, internal audits, DR/BCP drills, and continuous monitoring of compliance gaps. Cross-Functional Partnering Work closely with external vendors, Informatics, IT, Lab Ops, and Commercial teams to embed security into product and operational workflows. Preferred Qualifications Experience owning SOC 2 or ISO audit cycles end-to-end. Familiarity with cloud environments (AWS/Azure/GCP) and modern security tooling. Attention to detail to improve policies, controls, and audit documentation. Certifications: ISO Lead Auditor, CISA, CISSP, or equivalent.

LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We're also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that's built on trust, care, inclusion, and fun - where everyone can succeed. Join us to transform the way the world works. At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. This role may be remote or hybrid. At LinkedIn, hybrid roles are performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team. Remote roles are performed from the designated home work location upon time of hire, and any changes to this home work location requires a review of remote status and approval. LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Engineering Manager to lead the Detection Engineering team in the US and to be an integral part of our Information Security organization. The Detection Engineering team is responsible for developing and maintaining threat detection capabilities, security monitoring systems, and detection rules to protect our infrastructure, applications, and, most importantly, our members. This is a key role in supporting and growing our security detection and monitoring capabilities. Responsibilities: Leadership and Team Management + Lead and manage the detection engineering team, including hiring, training, and mentoring team members. + Develop and maintain detection engineering policies, procedures, infrastructure, and guidelines. + Coordinate and oversee all activities of the detection engineering team during threat detection development and implementation. Detection Development and Management + Serve as the primary point of contact for all threat detection development and enhancement initiatives. + Ensure timely development, testing, and deployment of detection rules and monitoring capabilities. + Conduct post-deployment analysis and create detailed reports on detection effectiveness with KPIs, including tuning recommendations and optimization strategies. Communication and Coordination + Communicate detection development status, updates, metrics and reporting, and capabilities to senior management, stakeholders, and security teams regularly. + Coordinate with internal and external teams, including security operations, defense infrastructure, incident response, and product engineering teams to develop and maintain effective detection capabilities. + Develop and maintain an effective detection engineering communication plan. Continuous Improvement + Continuously evaluate and improve detection engineering processes, tools, and capabilities. + Conduct and report on regular detection testing and validation exercises to test and refine detection rules and monitoring systems. + Stay current with emerging threats, attack techniques, and detection technologies to enhance the detection engineering program. Reporting and Documentation + Maintain comprehensive documentation of all detection rules, including development rationale, testing results, and performance metrics. + Prepare and present detection engineering reports and metrics to senior leadership and stakeholders. + Ensure compliance with regulatory requirements and industry standards related to threat detection and monitoring. Training and Awareness + Develop and deliver detection engineering training programs for team members and other relevant personnel. + Promote security detection awareness and best practices across the organization. + Ensure the detection engineering team is up-to-date with the latest tools, techniques, and procedures. Budget and Resource Management + Manage the detection engineering budget and allocate resources effectively. + Evaluate and recommend tools, technologies, and services to enhance the detection engineering program. + Ensure the team has the necessary resources and support to perform their duties effectively. Basic Qualifications: + Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related technical discipline, or equivalent practical experience. + 1+ year(s) of management experience or 1+ year(s) of staff level engineering experience with management training. + 7+ years of experience in cybersecurity, with a focus on detection engineering, security monitoring, threat intelligence, incident response, or related security roles. + Experience leading or managing a cybersecurity, incident response, or detection engineering team. + Experience in cybersecurity frameworks and standards (e.g., NIST, MITRE ATT&CK, OCSF). + Experience in detection engineering tools and technologies (e.g., Query Languages, CI/CD, YARA, Sigma rules, threat intelligence platforms). + Experience with threat analysis, detection rule development, automation engineering, and security monitoring optimization. + Project management experience with managing budgets and resources. Preferred Qualifications: + Master's degree in Cybersecurity, Information Assurance, or a related field. + 10+ years of experience in cybersecurity, with significant experience in detection engineering, threat intelligence, or incident response. + 3+ years of management experience in building small to medium-sized teams, demonstrating growth and a track record of successful deliveries. + Ability to work under pressure and manage multiple detection development projects simultaneously as well as managing an oncall team. + Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, SANS). + Experience in developing and delivering detection engineering training and awareness programs. + Strong proficiency in Kusto Query Language (KQL) and SQL. + Proficiency in programming or scripting languages (e.g., Python, Go, etc.) for automating detection development and testing processes. + Experience with cloud security and detection engineering in cloud environments especially Azure. + Knowledge of advanced threat detection techniques, including threat hunting and behavioral analysis as well as applied threat intelligence. + Familiarity with detection engineering frameworks and best practices (e.g., Sigma, YARA, STIX/TAXII, OCSF). + Strong communication skills, both written and verbal, with the ability to convey complex technical information to non-technical stakeholders. Suggested Skills : + Security Information and Event Management (SIEM) + Query languages (KQL, SPL, SQL, Elastic, etc.) + Detection Rule Development (YARA, Sigma) + Scripting and Automation (e.g., Python, PowerShell, SQL) + Threat Intelligence Integration + Cloud Security (e.g., Azure, GCP) You will Benefit from our Culture We strongly believe in the well-being of our employees and their families. That is why we offer generous health and wellness programs and time away for employees of all levels. LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $152,000 - $248,000. Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, certifications and specific office location. This may differ in other locations due to cost of labor considerations. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For additional information, visit: ************************************** **Equal Opportunity Statement** We seek candidates with a wide range of perspectives and backgrounds and we are proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful. If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at accommodations@linkedin.com and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to: + Documents in alternate formats or read aloud to you + Having interviews in an accessible location + Being accompanied by a service dog + Having a sign language interpreter present for the interview A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response. LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information. **San Francisco Fair Chance Ordinance ** Pursuant to the San Francisco Fair Chance Ordinance, LinkedIn will consider for employment qualified applicants with arrest and conviction records. **Pay Transparency Policy Statement ** As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: ******************************** **Global Data Privacy Notice for Job Candidates ** Please follow this link to access the document that provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: ********************************************