Security architect jobs in College Station, TX - 1,415 jobs

We are seeking an experienced and strategic Director of Data Security and Governance to lead our comprehensive data protection program. This critical role involves establishing and enforcing data security policies to meet stringent regulatory requirements, including the International Traffic in Arms Regulations (ITAR), and fulfilling complex data security obligations within commercial contracts. You will be responsible for building our data governance framework from the ground up, including implementing a robust data classification program and deploying modern security solutions like Data Security Posture Management (DSPM) and Data Rights Management (DRM)., in addition to managing the DLP program. Detailed Description Performs tasks such as, but not limited to, the following: Strategy & Policy Development: Design, implement, and oversee the enterprise-wide data security and governance strategy, policies, and standards. Compliance & Regulatory Oversight: Serve as the primary expert on data security requirements for ITAR and other government regulations. Ensure all data handling processes and systems are compliant with contractual and legal obligations. Data Classification Program: Develop and manage a corporate data classification policy and program. Work with business units to identify, classify, and protect sensitive and regulated data throughout its lifecycle. Technology Implementation: Lead the selection, implementation, and operationalization of a Data Security Posture Management (DSPM) solution to provide visibility and control over our data landscape. Data Rights Management (DRM): Implement and manage a DRM solution to control access to and usage of sensitive data, ensuring that only authorized individuals can access and interact with protected information according to defined policies. Risk Management: Conduct regular data security risk assessments, identify vulnerabilities, and oversee remediation efforts to mitigate risks. Incident Response: Develop and lead the data-focused components of the incident response plan, including containment, investigation, and reporting of data breaches. Collaboration & Training: Partner closely with Legal, IT, Engineering, and business stakeholders to embed data security principles into their operations. Develop and deliver training programs to raise awareness about data governance and security best practices. Typical Experience Minimum of 10 years of experience in cybersecurity and data governance, with at least 4 years in a leadership role. Proven track record of successfully implementing a data classification program across an enterprise. Direct experience with the procurement and deployment of DSPM and DRM technologies. Skills & Knowledge: Deep understanding of data protection principles, including encryption, access control, data loss prevention (DLP), and data discovery. Expert knowledge of security frameworks such as NIST Cybersecurity Framework, NIST 800-171, and ISO 27001. Excellent project management skills and the ability to lead cross-functional teams. Strong communication skills, with the ability to articulate complex security concepts to technical and non-technical audiences. Certifications (Preferred): Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Privacy Professional (CIPP) Typical Education Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent experience. A Master's degree is a plus. Educational requirements may vary by geography. Physical Demands Duties of this position are performed in a normal office environment. Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required. Notes This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Celestica's policy on equal employment opportunity prohibits discrimination based on race, color, creed, religion, national origin, gender, sexual orientation, gender identity, age, marital status, veteran or disability status, or other characteristics protected by law. This policy applies to hiring, promotion, discharge, pay, fringe benefits, job training, classification, referral and other aspects of employment and also states that retaliation against a person who files a charge of discrimination, participates in a discrimination proceeding, or otherwise opposes an unlawful employment practice will not be tolerated. All information will be kept confidential according to EEO guidelines. COMPANY OVERVIEW: Celestica (NYSE, TSX: CLS) enables the world's best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers. Celestica would like to thank all applicants, however, only qualified applicants will be contacted. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services. This location is a US ITAR facility and these positions will involve the release of export controlled goods either directly to employees or through the employee's movement within the facility. As such, Celestica will require necessary information from all applicants upon an applicant's acceptance of employment to determine if any export control exemptions or licenses must be filed.

Title: Anaplan Employment Type: Full-Time Experience: 5 to 12 years As an Anaplan Solution Architect, you will lead the end-to-end design and implementation of Anaplan solutions for financial, supply chain, and operational planning use cases. You will act as the functional and technical lead across project phases-from requirement gathering and solution blueprinting to model deployment and user training. Strategic Responsibilities Lead solutioning for Anaplan projects, aligning model design with client business processes. Architect scalable and efficient Anaplan models. Translate complex business requirements into Anaplan blueprint and user stories Work closely with client stakeholders, business analysts, and developers to drive delivery. Perform solution reviews and provide technical governance across multiple projects. Support presales efforts including PoCs, effort estimation, and solution walkthroughs. Mentor and guide Anaplan model builders within the team. Keep abreast of Anaplan's latest capabilities, modelling techniques, and industry use cases Required Experience: 5- 12 years of experience in Anaplan. Minimum 4 years of hands-on experience in Anaplan with Solution Architect-level exposure. Certified Anaplan Solution Architect (mandatory) with an experience of minimum 1 year as SA, Master Ana planner is a strong advantage. Deep understanding of Anaplan's Best Services, workflows, ADO & Polaris Experience. Experience with FP&A, supply chain planning, workforce planning, or sales performance management. Strong business acumen with the ability to engage both technical and non-technical stakeholders. Exposure to integration tools (e.g., MuleSoft, Boomi, Informatica) and Anaplan Connect/REST APIs. Bachelor's/master's degree in finance, Engineering, or related disciplines Soft Skills: Exposure to Anaplan or hands-on experience with experience on Private Equity or finance. Prior experience working in Anaplan, including requirement gathering and documentation. Strong analytical skills with attention to detail. Effective communication and stakeholder management abilities

Must Have Technical/Functional Skills Strong Background in Enterprise Data Warehouse (EDW) concepts, dimensional modelling & performance tuning Proficiency in Teradata tools & utilities - TPT,BTEQ,FASTLOAD,SASDI Advanced SQL skills and Experience with ETL tools (Informatica, SAS DI) Familiarity with Teradata Vantage features like QueryGrid, NOS, and clear Scape Analytics Hands on coding in Python or similar Scripting Languages 5+ Years of Experience in Teradata Solutions Teradata certified Professional (preferred) Roles & Responsibilities Solution Design & Architecture Lead the design and architecture of enterprise data Wearhouse solution using Teradata Develop integration strategies and performance optimization technique Ensure solutions to comply with enterprise architecture standards and best practices Develop reusable python scripts for automation, data transformation and validation Platform Strategy & governance Evaluate Teradata platform features and create technology roadmaps Establish platform standards , integration patterns and governance frameworks Perform POC for new capabilities and onboard pilot projects Technical leadership Provide guidance on Terada utilities Collaborate with cross functional teams Optimize queries, indexing and workload management for high performance Data Management Oversee ETL/ELT Processes and data migration strategies Ensure Data quality , security and compliance with regulatory requirements Implement best practices for data lifecycle management and metadata governance Generic Managerial Skills, If any Leadership quality & good communication skill

Project Description: We are supporting long term strategic initiative to modernize and scale Frontend technology stack for industrial platform - a set of enterprise web and mobile applications in the electric utility space. This permanent full time role focuses on designing and evolving a composable user interface architecture with strong emphasis on reusability, performance, and future-ready web standards. Responsibilities: Lead the definition and evolution of UI architecture for web and mobile applications. Provide technical and architectural guidance to development teams in an agile environment. Build and maintain core UI frameworks and component libraries (Angular-centric). Collaborate with backend and data teams to optimize API usage and performance. Establish UI patterns, coding standards, and governance models. Mentor engineers on architectural best practices and performance optimization. Work closely with UX designers to ensure design-to-implementation alignment. Drive adoption of modern UI technologies, including micro-frontends and low-code/no-code configuration paradigms. Mandatory Skills Description: Extensive experience with UI architecture and component library development (Angular and modern frontend frameworks). Strong mastery of JavaScript/TypeScript and responsive, scalable frontend design. Hands-on experience with micro-frontend patterns and composable UIs. Familiarity with GraphQL integration and performance optimization techniques. Deep understanding of responsive design, cross-browser compatibility, performance tuning, and accessibility (e.g., WCAG). Minimum ~10+ years of relevant experience in UI/software engineering and architecture.

Job Title: Duckcreek Policy Architect Skills: Duckcreek, Policy, DCOD Experience: 12+ years Duration: Fulltime We at Coforge are hiring a Duckcreek Policy Architect with the following skillset : Minimum of 12 years of experience in software development, with at least 5 years in architecture roles. In-depth architectural knowledge of Policy, encompassing all components such as Author, Rating, Referral, Express, Server, User Admin, TransACT, and Party 360 within Duck Creek product versions 8.x or the latest versions. Hands-on experience with Duck Creek OnDemand (DCOD) and related technologies. Demonstrated ability to work effectively within the P&C insurance domain, specifically with applications and workflows related to Policy, Billing, Claims, and integrated systems. Strong technical leadership and communication skills for successful project delivery and client interaction. Experience with Active Delivery Migration is a Plud Experience with Remediation Activities Required for DCOD Active Delivery to identify, analyze, and resolve issues or gaps within existing systems, ensuring optimal performance and compliance. Hands-on familiarity with Express 3 is highly desirable

INFORMATION SECURITY OFFICER The Information Security Officer (“ISO”) is a senior level professional responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this risk management role is to ensure the execution of Information Security directives and activities in alignment with American Momentum Bank's Information Security Program and to remain compliance with all Regulatory requirements. Key Responsibilities Demonstrates understanding of AMB's Information Security standards and best practices. Communicates and recommends relevant updates and changes to AMB's Information Security standards and processes with the business. Establishes relationships with business managers and is consulted as a subject matter expert in Information Security. Influences decisions made by various Committees through recommendations and strong interpersonal skills. Performs ISO-related tasks across the AMB Information Security Program and ensures that deliverables are completed per applicable project timelines. Documents all suspected, identified, and reported security incidents (SIRTs). When needed, assists the Incident Response Team on investigation and triage tasks. Responsible for responding to security events by ordering emergency actions to protect the institution and its customers from imminent loss of information. Work with insurance companies and assist in the preparation of breach notification letters to clients/Regulators/etc., as needed. Receive and review Managed Security Service Provider SecurLOG alerts (i.e. Windows, firewall, intrusion detection, etc.). Assists in documenting corrective action plans for all Information Security-related gaps and reviews evidence prior to submitting issues for closure to ensure they meet AMB's technical and audit requirements. Works with the business to manage Information Security risk by analyzing the root cause, impact, and likelihood of issues, and then supports the business in implementing corrective action plans, risk exceptions, and/or compensating controls where appropriate. Partners with the Chief Technology Officer to ensure vulnerability assessments are completed and issues are remediated or risks accepted in accordance with AMB's Information Security Program. Review and recommend changes or enhancements to the IT Risk Assessment, Cybersecurity Assessment Tool, Ransomware Self-Assessment and any other policy or risk-based technology and security framework material with a focus on overall security protection and improvement. As required by State or FDIC regulators, the Information Security Officer may serve as the primary point of contact for Information Security-related topics and provide Information Security deliverables during all internal and external regulatory audits and examinations. Assists the business in ensuring that Information Security-related audit issues, identified through internal or external audits, are addressed timely. Provides general Information Security awareness training to business partners on relevant current and emerging Information Security risks. Advises the business of the appropriate controls for safeguarding sensitive information based on AMB's Information Security standards and the Information Security risks inherent and/or affecting the information assets. Participate as a member on all Committee's relevant to this job description. Assist in the review of IS/Cyber insurance policies. Assist with the completion of the annual GLBA IS/IT Report. Assist with ongoing role-based security reviews to ensure least privilege access is deployed across the Bank. Make recommendations to enhance user and group security across all application platforms. Qualifications 10+ years of relevant experience CISA, CISM and/or CISSP certification is desired Proficient in interpreting and applying policies, standards and procedures Consistently demonstrates clear and concise written and verbal communication Proven influencing and relationship management skills Excellent problem solving and proven analytical skills Reporting Structure Reports to the Chief Internal Auditor (solid line) Reports to the Board of Directors (dotted line) Education Bachelor's degree/University degree or equivalent experience Master's degree preferred

Who we are Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us. An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment. To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time. Who we're looking for This role is responsible of the design, implementation, and maintenance of SAP security across multiple platforms. This role is critical to ensure secure access, compliance, and operational integrity of our SAP landscape, including S/4 HANA, Fiori, and MDG. What you'll be doing Design and manage SAP security roles and authorizations across S/4 HANA, Fiori, Solution Manager, MDG. Configure and maintain SAP GRC Access Control modules (ARA, ARM, BRM). Implement and monitor segregation of duties (SOD) policies and controls. Troubleshoot and resolve authorization issues across SAP modules. Collaborate with functional and technical teams to align security with business processes. Support SAP upgrades, migrations, and transformation initiatives. Conduct periodic audits and ensure compliance with internal and external regulations. Document security procedures, role matrices, and access control policies. What you bring Bachelor's degree in computer science, Information Systems, or related field. 10+ years of hands-on SAP security experience. Strong knowledge of SAP GRC, Fiori authorization concepts, and HANA DB security. Experience with SAP Activate methodology and UI/UX aspects of SAP Security. Familiarity with compliance frameworks (SOX, GDPR, etc.). Excellent problem-solving, communication, and documentation skills. Added bonus if you have SAP Certified Technology Associate - System Security. Experience with SAP BTP and cloud-based security models. Knowledge of identity management tools and integration. What We Bring During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include: A work environment built on teamwork, flexibility, and respect. Professional growth and development programs to help advance your career, as well as tuition reimbursement. Team Member Vehicle Purchase Discount. Toyota Team Member Lease Vehicle Program (if applicable). Comprehensive health care and wellness plans for your entire family. Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute. Paid holidays and paid time off. Referral services related to prenatal services, adoption, childcare, schools, and more. Tax-Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA). Relocation assistance (if applicable). Belonging at Toyota Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law. Have a question, need assistance with your application or do you require any special accommodations? Please send an email to *****************************.

Who we are Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us. An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment. To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time. Who we're looking for This role is responsible of the design, implementation, and maintenance of SAP security across multiple platforms. This role is critical to ensure secure access, compliance, and operational integrity of our SAP landscape, including S/4 HANA, Fiori, and MDG. What you'll be doing * Design and manage SAP security roles and authorizations across S/4 HANA, Fiori, Solution Manager, MDG. * Configure and maintain SAP GRC Access Control modules (ARA, ARM, BRM). * Implement and monitor segregation of duties (SOD) policies and controls. * Troubleshoot and resolve authorization issues across SAP modules. * Collaborate with functional and technical teams to align security with business processes. * Support SAP upgrades, migrations, and transformation initiatives. * Conduct periodic audits and ensure compliance with internal and external regulations. * Document security procedures, role matrices, and access control policies. What you bring * Bachelor's degree in computer science, Information Systems, or related field. * 10+ years of hands-on SAP security experience. * Strong knowledge of SAP GRC, Fiori authorization concepts, and HANA DB security. * Experience with SAP Activate methodology and UI/UX aspects of SAP Security. * Familiarity with compliance frameworks (SOX, GDPR, etc.). * Excellent problem-solving, communication, and documentation skills. Added bonus if you have * SAP Certified Technology Associate - System Security. * Experience with SAP BTP and cloud-based security models. * Knowledge of identity management tools and integration. What We Bring During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include: * A work environment built on teamwork, flexibility, and respect. * Professional growth and development programs to help advance your career, as well as tuition reimbursement. * Team Member Vehicle Purchase Discount. * Toyota Team Member Lease Vehicle Program (if applicable). * Comprehensive health care and wellness plans for your entire family. * Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute. * Paid holidays and paid time off. * Referral services related to prenatal services, adoption, childcare, schools, and more. * Tax-Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA). * Relocation assistance (if applicable). Belonging at Toyota Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law. Have a question, need assistance with your application or do you require any special accommodations? Please send an email to *****************************.

Lead SAP Security Administrator needs 12+ years experience Lead SAP Security Administrator requires: Hybrid, onsite Dallas, TX; Mason, OH; Foothill Ranch, CA SAP Security skills SAP ECC 6.0 and Business Intelligence 7.0 Lead SAP Security Administrator duties: Evaluate practices of third-party vendors and service providers. Analyze the collected information to assess the overall risk profile of third parties. Evaluate the security posture and GRC practices of third-party vendors and service providers. Evaluate the TPRM program currently in place. Recommend improvements to TPRM program and operational handbook. Review third party risk reports and choose the top 10 risks which must be remediated. Support remediation planning for risks 11-xx. Review and improve processes taking advantage of recommended best practices. Coordinate the collection of necessary documentation such as security certifications, audit reports, and compliance evidence.

Information Security Manager I LOCATION: This is a full-time, on-site position based at our Houston office located at 13101 Northwest Freeway. PAY RANGE: $90,000-$150,000/yr Join a High-Growth Legal Services Leader ABOUT THE ROLE: Reporting directly to the VP of Information Security, this position will play a key role in building, maintaining, and continuously improving a comprehensive security program for Lexitas. The Information Security Manager will provide both technical expertise and leadership-overseeing policies, managing tools and processes, and guiding onshore and offshore teams to ensure security, privacy, and compliance. You'll also collaborate closely with third-party providers and internal stakeholders to monitor, investigate, and mitigate risks while aligning cybersecurity strategy with business objectives. Lexitas is a rapidly growing national provider of legal and corporate support services, including court reporting, medical record retrieval, process service, and legal talent. Built on a foundation of trust, professionalism, and innovation, Lexitas delivers customized solutions with unmatched personal service to clients across the U.S. and internationally. KEY RESPONSIBILITIES: Lead the design, implementation, and evaluation of security, privacy, risk, and compliance systems and processes. Monitor networks, tools, and provider services for security or compliance issues. Investigate and document security incidents, assessing impacts and supporting incident response. Conduct and facilitate security tests, audits, and risk assessments; track mitigation activities. Develop best practices for IT security and compliance while staying current on industry standards and emerging threats. Manage third-party providers and direct offshore teams in support of security initiatives. Provide regular reports and metrics on security performance and risk posture to senior leadership. Ensure compliance with laws, regulations, and frameworks (NIST, SOC 2, HIPAA, PCI DSS, GDPR, etc.). Support Security Operations Center functions, vulnerability management, and penetration testing. Contribute to business continuity and disaster recovery strategies. WHAT YOU'LL BRING: Strong leadership and people-management skills, with experience guiding onshore and offshore teams. Expertise in network and application vulnerability management, penetration testing, firewalls, SIEM, IDPS, antivirus, and patch management. Critical problem-solving ability with a proactive approach to identifying and mitigating risks. Excellent communication skills with the ability to explain technical concepts to both technical and non-technical audiences. Experience collaborating with third-party vendors and providers. Familiarity with ITIL, incident/change management, and security baseline auditing preferred. Commitment to Lexitas' SPIRIT values: Service, Positivity, Integrity, Respect, Innovation, and Teamwork. QUALIFICATIONS: Bachelor's degree in Computer Science or related field strongly preferred. IAT Level-2 technical certification required (e.g., CompTIA Security+, CISSP, CISM, CISA, CIPM). 6+ years of experience as an Information Security Analyst or SOC role. 3+ years managing Information Security, Privacy, Risk, and/or Compliance programs. 3+ years managing personnel in security-related roles. Demonstrated experience responding to, managing, and resolving security incidents. Strong knowledge of LAN/WAN networking, IP addressing, routing, and Windows/Linux/Unix systems. Experience with SIEM systems a plus. SUPERVISORY RESPONSIBILITIES: This is a supervisory role. LANGUAGE SKILLS Ability to effectively present information and respond to questions from internal and external customers whose first language is English. CERTIFICATES, LICENSES, REGISTRATIONS None PHYSICAL DEMANDS Climbing, balancing, stooping, kneeling, crouching, crawling, reaching, standing, walking, pushing, pulling, lifting, grasping, feeling, talking, hearing, seeing, and repetitive motions. Exerting up to 50 pounds of force occasionally, and/or up to 20 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects. While performing the duties of this job, the employee is regularly required to stand; walk; use hands to finger, handle or feel objects, type and use mouse; reach with hands and arms; and talk and/or hear. The employee is required to sit for extended periods of time. WORK ENVIRONMENT The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. While performing the duties of this job, the employee regularly works in an office environment in a clerical environment. This role routinely uses standard office equipment such as computers, phones, photocopiers and filing cabinets. TRAVEL REQUIREMENTS This position may require periodic travel. OTHER DUTIES Please note this is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to the job at any time with or without notice. AAP/EEO STATEMENT Lexitas prohibits discrimination based on race, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender identity, sexual orientation or any other legally protected status. EOE Employer/Vet/Disabled. If you require reasonable accommodation in the application process, please contact Human Resources at *********************** for assistance. All other applications must be submitted online.

Job DescriptionWho We Are Since 2007, Geoforce has been an industry leader in GPS tracking, providing reliable solutions for over 250,000 assets across 90+ countries. Our comprehensive platform combines rugged GPS devices with advanced software, supported by global satellite and cellular networks. From vehicles to heavy equipment, we deliver the visibility and control businesses need to optimize operations. Trusted by industry leaders like Southwest Airlines, DHL, and SLB (Schlumberger), Geoforce is the go-to partner for smarter asset management. Learn more at ***************** As a rapidly growing company committed to technology innovation and delivering high value services to its clients, Geoforce is constantly looking for high integrity, well-rounded professionals who thrive on challenges, are fascinated by technology, exhibit passion and pride, and don't mind rolling up their sleeves to get a job done. What We Need We are looking for a Manager of Information Security who will lead the information security strategy and security operations within Geoforce Inc. Reporting to the VP of Software Engineering, the Manager of Information Security serves as the organization's key cybersecurity authority, responsible for establishing, managing, and continually enhancing a robust, enterprise-wide information security program. Job Duties This role provides strategic direction, ensures regulatory compliance, leads incident response efforts, leads customer information security questionnaire responses, and fosters a strong security culture across the enterprise. The role also governs relationships with third-party vendors and managed security partners and drives business-aligned risk management and resiliency efforts. Strategic Leadership & Governance Develop, implement, and maintain the organization's information security and data privacy strategy, policies, and governance framework, aligning with frameworks such as NIST CSF 2.0, ISO, SOC II Type 2 and CIS Controls. Serve as a trusted advisor to leadership on cyber risk, regulatory/compliance obligations (e.g., GDPR, CCPA), and emerging threats. Establish and manage key performance indicators (KPIs) and dashboards to measure program effectiveness and foster continuous improvement. Develop and communicate a roadmap for the privacy & security program that balances business enablement with risk mitigation. Lead security-related projects and deliverables for security as well as external department projects. Create and implement processes for SOC II type 2 compliance during the year 2026. Implement third-party vendor risk management program, including onboarding security reviews and continuous monitoring. Security Operations, Communications & Incident Response Coordinate real-time monitoring, triage, and response to security alerts and vulnerabilities. Identify and implement core security platform needed to maintain security within Geoforce Infrastructure, Networking, and IT systems. Platforms may include EDR, SIEM, Secure email gateways etc. Oversee risk assessments, incident response, and vulnerability management across enterprise IT and Software Development. Lead customer communications and documentation around the InfoSec processes, documentation and certifications. Development and Governance of Security Policies and Procedures including SOC II Type2 audit readiness. Conduct regular risk assessments to identify vulnerabilities within the IT and Cloud environment. Implement risk mitigation strategies and continuously monitor their effectiveness. Conduct post-incident analysis to improve future responses. Report on security posture, risks, and incidents to leadership and regulatory auditor. Creation of SOPs related to security operations. Security Awareness & Culture Building Lead and enhance the Security Awareness Training (SAT) program (e.g., KnowBe4), including phishing simulations and compliance reporting. Advocate for a security-first culture across IT, software development, and business team through ongoing engagement, communication, and training. Identify, budget, and implement tools across company for improving and maintaining security posture. What Success Looks Like? A measurable reduction in organizational cyber risk through improved controls and visibility. Security events are detected, contained, and remediated with minimal business disruption. A well-established, compliant, and auditable information security program. A workforce that demonstrates security awareness and embraces shared accountability. Security technologies are implemented, optimized and integrated across IT towers and business units. Getting to a SOC II Type 2 compliance in 2026 Knowledge & Skills Technical Proficiency: Deep knowledge of cybersecurity principles, tools, technologies, risk management, and compliance frameworks (NIST, CIS, ISO, SOCII). Certifications: CISSP, CISM, or equivalent strongly preferred. Business Acumen: Ability to balance cybersecurity strategy with business growth goals, using risk-based prioritization. Communication Skills: Strong ability to articulate security concepts to non-technical customers, stakeholders, and executive leadership. Leadership: Collaborating with cross-functional teams and managing vendor relationships, including MDR (Managed Detection and Response) and performance measurement. Education & Work Experience Preferred Bachelor's degree in computer science or other quantitative fields. 6+ years in information security leadership roles, with expertise in managing enterprise-wide programs. Hands-on experience in implementing security assessment tools. Geoforce Perks Competitive Salaries Company-sponsored health insurance, dental insurance, vision insurance, life and AD&D insurance, 401(K) Plan, flexible spending account, and dependent care reimbursement account Paid Holidays Flexible Paid Time Off (PTO) Policy The opportunity to work with other cool people who have a passion for excellence, innovation, and adventure.

Title: Manager, Information Security & Compliance Duration: Fulltime Permanent with Client ________________________________ Responsibilities: Provide leadership, management, and guidance to the Operational Technology Security & Compliance team. Oversee and manage the security patch management, password management, configuration management and logging solution. Develop and maintain maintenance and configuration procedures, schedules and related evidentiary documentation. Manage on-call schedule. Maintain security system standards and NERC compliance in accordance with good utility practices. Manage daily system monitoring, verifying the integrity and availability of hardware, server resources, systems and key processes, reviewing and verifying system and application logs. Coordinate testing and implementing operating system patches in the operations technology environment. Ensure NERC CIP requirements are implemented when performing any work. Requirements: 5+ years of experience managing information security and compliance team. 10+ years of experience with security and compliance functions (Access Management, Threat and Vulnerability Management, Security Monitoring, Patch Management, Password Management, Configuration Management and Logging). Experience supporting CIP compliance is a plus. Experience working with a team required to operate in 24/7 shifts. Strong writing and communication skills. Commitment to providing excellent customer service. Qualifications NERC CIP Additional Information All your information will be kept confidential according to EEO guidelines.

Salary Range: - Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate's relevant knowledge, skills, and experience. Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. Global Banking and Markets Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank's strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world. Global Banking & Markets provides a full range of investment banking, credit and risk management products and services relevant to the financing and strategic development needs of our clients. Our products include debt and equity financing, mergers & acquisitions, corporate banking, institutional equity sales, trading and research, fixed income products, derivatives, energy, foreign exchange and precious & metals. We also cross-sell the full range of wholesale products and services offered by the Scotiabank Group. Be part of an innovative, Global Capital Markets and Investment Banking business with a unique geographic footprint that puts capital to work for our clients across industries! We work together to drive ambition for every future! Purpose The Cyber and Regulatory Audit Manager will participate and manage various aspects of information security, cyber risk assessments, and contribute to the overall success of the U.S. IS&C's governance, regulatory compliance, and risk program. This role requires a seasoned professional with a strong background in information security, risk management, cybersecurity technology risk, compliance, policy, and governance. The IS&C Manager will assist with regulatory responses, audit requests, and participate in various cybersecurity risk assessments, risk mitigation strategies, and safeguard the Bank from potential informational security threats. The person will also play a role in reviewing and implementing security policies, procedures, and controls to protect the organization's data, systems, and networks. The position will be expected to work closely with cross-functional teams to establish and maintain a robust cybersecurity and technology risk management program to proactively safeguard the organization from security threats by ensuring that vulnerabilities are identified, monitored, and treated, as well as assuring the Bank meets regulatory compliance. What You'll Do * Regulatory and Compliance Management (specific to cybersecurity): * Participates in engagements with external regulatory and internal/3rd party auditors requests for information security and cybersecurity. * Monitors, analyzes, and reports on cybersecurity requirements against relevant U.S. regulations and cybersecurity standards, such as NYSDFS, FFIEC, and NIST CSF. * Provides support to IT&S auditors and compliance with respect to regulatory and audit information requests. * Continuously monitors and assesses the effectiveness of security controls and processes. * Reviews cybersecurity control library periodically and provides updates as needed. * Participate in annual regulatory control testing exercises. * Cybersecurity and Technology Risk Governance: * Understand how the Bank's risk appetite and risk culture should be considered in day-to-day activities and decisions. * Identifies and assesses cybersecurity and technology risks to ensure compliance with regulations and internal policies. * Performs cybersecurity risk assessments and provide updates to US IS&C senior management. * Risk and Issues Management: * Reports and tracks all cybersecurity-related issues that pertain to audits, regulatory requirements, control testing, and other issues. * Provides guidance to internal stakeholders on cybersecurity best practices. * Prepares regular reports and presentation decks on risk management, gap assessment, cybersecurity-related issues for senior management and stakeholders. * Monitors and tracks the progress of risk mitigation efforts related to cybersecurity. * Participates in quarterly and annual Compliance Risk and Control Assessments for cybersecurity. * Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank's Values, its Code of Conduct, and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk. * Champions a high-performance environment and contributes to an inclusive work environment. What You'll Bring * Required 5+ years of experience as an Information Security Analyst or related cybersecurity field with technology risk background. * Experience in IT key security controls/mechanisms and risk assessment concepts pertaining to complex data, application, and networking environments. * Prior experience and knowledge with NYDFS, FFIEC, or other US financial regulatory audits. * Have strong verbal and written communication skills in English with excellent individual project management and tracking skills. * Cybersecurity related certification is preferred (CISSP, CCSP, CRISC, CISM). * University degree or college diploma in a cybersecurity related field is preferred. Interested? If your experience is closely related but doesn't align perfectly with every qualification, we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank! At Scotiabank, every employee is empowered to reach their fullest potential, respected for who they are and, embraced for their differences. That's why we work to grow and diversify talent and engage employees in a performance-oriented culture. What's in it for you? Scotiabank wants you to be able to bring your best self to work - and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs. #Dallas Location(s): United States : Texas : Dallas Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets. At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted. Scotiabank is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law. Nearest Major Market: New York City Job Segment: Information Technology, IT Manager, Information Security, Compliance, Investment Banking, Technology, Legal, Finance

**About this role:** Wells Fargo is seeking an Information Security Engineering Manager. The Engineering Manager will lead a team of developers responsible for securing, modernizing, and evolving enterprise applications. This role oversees vulnerability management and application hardening efforts while driving the adoption of DevSecOps, automation, and standardized engineering practices. The manager will guide the team through modernization and transformation initiative, including refactoring legacy components, improving architecture, and preparing the platform for future cloud readiness. **In this role, you will:** + Provide strategic and forward‑thinking leadership to define engineering direction, technology roadmaps, and long‑term platform evolution + Lead the team in managing vulnerabilities, applying secure coding practices, and implementing application hardening to protect critical systems + Drive modernization efforts by transforming applications through refactoring, re‑architecting, and adoption of modern engineering practices + Guide the team through DevSecOps, automation, and standardized delivery processes to improve reliability, security, and speed of delivery + Collaborate effectively across security, architecture, and product teams to deliver scalable, resilient, and compliant solutions aligned with organizational goals + Manage a team of engineers that design, document, test, maintain and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication or directory services, email, internet, applications or endpoint security + Manage security consulting on large projects for internal clients to ensure conformity with corporate information security policy, and standards + Possess subject matter expertise at a mastery level in current and emerging security solutions and best practices + Conduct technical investigation of security-related incidents, and conduct post-incident digital forensics to identify causes and recommend future mitigation strategies + Manage implementation of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity + Work with more experienced technologists and team + Interface with more experienced management + Manage allocation of people and financial resources for Information Security Architecture + Mentor and guide talent development of direct reports and assist in hiring talent **Required Qualifications:** + 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education + 2+ years of Leadership experience **Desired Qualifications:** + Experience managing and developing high‑performing Agile teams of software engineers and platform developers + Strong knowledge of DevSecOps practices including secure CI/CD pipelines, automated testing, and integrated security controls + Hands‑on understanding of Kubernetes operations, container orchestration concepts, and cloud‑native deployment patterns + Proficiency with cloud‑based application architectures and modern cloud engineering practices + Ability to drive engineering excellence through automation, observability, and standardized delivery processes + Proven collaboration skills with security, architecture, and product teams to ensure resilient, compliant, and scalable solutions + Demonstrated leadership in **platform engineering** to build and operate developer platforms, pipelines, and self‑service tooling + Experience leading **application modernization** of home‑grown/legacy systems, including refactoring, re‑architecting, and reducing technical debt + Track record of **transformation leadership** and "clean‑sheet" solution design to establish new engineering patterns and operating models + Expertise in **CI/CD engineering and automation** across on‑prem and cloud environments, including policy‑as‑code and secrets management + Ability to develop a **cloud readiness** roadmap and guide teams through staged migration or hybrid adoption while maintaining uptime and compliance **Job Expectations:** + Ability to work on-site in one of the listed locations in a hybrid environment + This position is not available for visa sponsorship **Pay Range** Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates. $119,000.00 - $187,000.00 **Benefits** Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs (*************************************************************** for an overview of the following benefit plans and programs offered to employees. + Health benefits + 401(k) Plan + Paid time off + Disability benefits + Life insurance, critical illness insurance, and accident insurance + Parental leave + Critical caregiving leave + Discounts and savings + Commuter benefits + Tuition reimbursement + Scholarships for dependent children + Adoption reimbursement **Posting End Date:** 23 Jan 2026 ***** **_Job posting may come down early due to volume of applicants._** **We Value Equal Opportunity** Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. **Applicants with Disabilities** To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo (****************************************************************** . **Drug and Alcohol Policy** Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy (********************************************************************** to learn more. **Wells Fargo Recruitment and Hiring Requirements:** a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process. **Req Number:** R-515850

Salary Range: - Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate's relevant knowledge, skills, and experience. Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. Global Banking and Markets Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank's strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world. Global Banking & Markets provides a full range of investment banking, credit and risk management products and services relevant to the financing and strategic development needs of our clients. Our products include debt and equity financing, mergers & acquisitions, corporate banking, institutional equity sales, trading and research, fixed income products, derivatives, energy, foreign exchange and precious & metals. We also cross-sell the full range of wholesale products and services offered by the Scotiabank Group. Be part of an innovative, Global Capital Markets and Investment Banking business with a unique geographic footprint that puts capital to work for our clients across industries! We work together to drive ambition for every future! Purpose The Cyber and Regulatory Audit Manager will participate and manage various aspects of information security, cyber risk assessments, and contribute to the overall success of the U.S. IS&C's governance, regulatory compliance, and risk program. This role requires a seasoned professional with a strong background in information security, risk management, cybersecurity technology risk, compliance, policy, and governance. The IS&C Manager will assist with regulatory responses, audit requests, and participate in various cybersecurity risk assessments, risk mitigation strategies, and safeguard the Bank from potential informational security threats. The person will also play a role in reviewing and implementing security policies, procedures, and controls to protect the organization's data, systems, and networks. The position will be expected to work closely with cross-functional teams to establish and maintain a robust cybersecurity and technology risk management program to proactively safeguard the organization from security threats by ensuring that vulnerabilities are identified, monitored, and treated, as well as assuring the Bank meets regulatory compliance. What You'll Do • Regulatory and Compliance Management (specific to cybersecurity): - Participates in engagements with external regulatory and internal/3rd party auditors requests for information security and cybersecurity. - Monitors, analyzes, and reports on cybersecurity requirements against relevant U.S. regulations and cybersecurity standards, such as NYSDFS, FFIEC, and NIST CSF. - Provides support to IT&S auditors and compliance with respect to regulatory and audit information requests. - Continuously monitors and assesses the effectiveness of security controls and processes. - Reviews cybersecurity control library periodically and provides updates as needed. - Participate in annual regulatory control testing exercises. • Cybersecurity and Technology Risk Governance: - Understand how the Bank's risk appetite and risk culture should be considered in day-to-day activities and decisions. - Identifies and assesses cybersecurity and technology risks to ensure compliance with regulations and internal policies. - Performs cybersecurity risk assessments and provide updates to US IS&C senior management. • Risk and Issues Management: - Reports and tracks all cybersecurity-related issues that pertain to audits, regulatory requirements, control testing, and other issues. - Provides guidance to internal stakeholders on cybersecurity best practices. - Prepares regular reports and presentation decks on risk management, gap assessment, cybersecurity-related issues for senior management and stakeholders. - Monitors and tracks the progress of risk mitigation efforts related to cybersecurity. - Participates in quarterly and annual Compliance Risk and Control Assessments for cybersecurity. • Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank's Values, its Code of Conduct, and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk. • Champions a high-performance environment and contributes to an inclusive work environment. What You'll Bring • Required 5+ years of experience as an Information Security Analyst or related cybersecurity field with technology risk background. • Experience in IT key security controls/mechanisms and risk assessment concepts pertaining to complex data, application, and networking environments. • Prior experience and knowledge with NYDFS, FFIEC, or other US financial regulatory audits. • Have strong verbal and written communication skills in English with excellent individual project management and tracking skills. • Cybersecurity related certification is preferred (CISSP, CCSP, CRISC, CISM). • University degree or college diploma in a cybersecurity related field is preferred. Interested? If your experience is closely related but doesn't align perfectly with every qualification, we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank! At Scotiabank, every employee is empowered to reach their fullest potential, respected for who they are and, embraced for their differences. That's why we work to grow and diversify talent and engage employees in a performance-oriented culture. What's in it for you? Scotiabank wants you to be able to bring your best self to work - and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs. #Dallas Location(s): United States : Texas : Dallas Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets. At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted. Scotiabank is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law.

Company Details Berkley Technology Services (BTS) is the dynamic technology solution for W. R. Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale, IA and Wilmington, DE, BTS provides innovative and customer-focused IT solutions to the majority of WRBC's 60+ operating units across the globe. BTS's wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible. Driven by a commitment to collaboration, BTS acts as consultants to our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand, but proactively plan for the “ What's Next ” in our industry and beyond. With a culture centered on innovation and entrepreneurial spirit, BTS stands as a community of technology leaders with eyes toward the future -- leaders who genuinely care about growing not only their team members, but themselves, and take pride in their employees who shine. BTS offers endless ways to get involved and have the chance to grow your career into a wide range of roles you'd never known existed. Come join us as we push forward into the future of industry leading technological solutions. Berkley Technology Services: Right Team, Right Technology, Simple and Secure. Responsibilities The Information Security Architecture Manager at BTS is entrusted with a critical role in sculpting our Global Information Security Architecture framework. This leadership role demands a hands-on approach in the architectural design, strategic implementation, and management of security technologies and processes across various technology platforms. This role is integral in ensuring alignment with the overarching Global Information Security Strategy at WRBC. This role is designed for a visionary leader eager to drive the future of information security architecture at a global scale, ensuring the protection and resilience of Berkley Technology Services' technological assets and services. Spearhead the architectural design, deployment, and management of cutting-edge security solutions, including but not limited to SIEM, EDR, PAM, Data Access Governance, Identity Governance, Cloud Access Security Brokers, and WAFs. Architect and sustain the security infrastructure, ensuring seamless integration with existing technology ecosystems. Craft and execute architectural strategies for bolstering vulnerability management, security automation, and the safeguarding of infrastructure. Guide the formulation and continuous refinement of security policies and procedures, with a spotlight on architectural best practices. Cultivate an environment of innovation within the team, promoting continual learning and professional advancement. Function as a principal consultant and subject matter authority on information security architecture, offering pivotal guidance to internal teams and key stakeholders. Develop and maintain roadmaps for critical security infrastructure components, aligning them with the strategic goals of the organization. Collaborate with fellow Information Security leaders to forge a unified and robust Information Security Framework and Strategy. Perform regular technology evaluations, risk assessments, and devise appropriate remediation strategies. Lead and nurture a team of security architects and engineers in a fast-paced, global setting. Provide “Person in Charge” (PIC) coverage when on rotation. This added responsibility is factored into your base salary. Qualifications Demonstrated expertise in Information Security Architecture, with practical experience in the design and management of a broad spectrum of security technologies. Exceptional leadership and communication capabilities, adept at guiding global, interdisciplinary teams. Deep familiarity with contemporary cybersecurity trends and a commitment to remaining at the cutting edge of technology. Desirable certifications include CISSP, CISM, CEH, or other relevant qualifications. Proficiency in cloud security architecture and solutions, with experience in AWS, Azure, or Google Cloud platforms. Expertise in security frameworks such as NIST, ISO 27001, and CIS. Strong analytical and problem-solving skills, capable of making informed decisions in complex scenarios. Ability to foster relationships and collaborate effectively with various internal and external stakeholders. Commitment to ethical conduct and a deep understanding of regulatory compliance requirements relevant to the insurance and financial sectors. Bachelor's or Master's degree in Computer Science, Information Security, or a related discipline, or equivalent experience. Behavioral Core Competencies Flexibility Customer Service Oriented & Operational Effectiveness Personal Ownership Quick Decision Making Team Builder Transformational Leadership The Company is an equal employment opportunity employer. Not ready to apply? Connect with us for general consideration.

Who are we? Sanlam Group Technology is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. We operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Sanlam. What will you do? The Business Information Security Officer (BISO) is responsible for identifying and assessing the InformationSecurity requirements of the business. The BISO in conjunction with the Business CIO, is responsible for theestablishment and maintenance of an Information Security Management System (ISMS) and ensure that theappropriate Information Security controls are implemented, maintained and aligned with the GroupGovernance requirements (i.e. Policies, Standards, Procedures and Guidelines and Cyber ResilienceFramework). The BISO is responsible for Security Awareness, Information Risk Management and translatingrisks and the effect thereof to Lines of Business to ensure informed risk assessment. Other responsibilitiesinclude: Participation in Group Information Security bodies and initiatives, logical access management,incident response, vulnerability management, IT audit coordination, ensuring new systems adhere to securitypolicy and Providing management assurance regarding the Cyber and Information Security posture of the Business. What will make you successful in this role? Establish and manage a Business Information Security Programme, effective participation in GroupInformation Security Programme (GISP) initiatives, Information Security Incident response and Cyber CrisisManagement, Information Security Governance and assurance, Application (including cloud) and Infrastructure Security, and Cybersecurity Education, Training and Awareness. The BISO will implement processes and controls as agreed with the CISO and the Business CIO. The BISOwill be responsible for quality and cost effectiveness of delivery of information security services in the BU andwill report on these metrics to the GISP. Outputs * Regular feedback to Business Manco on Group-wide information security issues. * The BISO must have an action plan to implement these initiatives in the Business . * The BISO will report to the GISP Manager on new initiatives, plans and progress which will be discussed at the Cyber Steering Committee. * Review and improve existing IT and Information Risk assessment, reporting and management practices. * Up to date and complete Business IT and Information Security Risk register. * Documented Security risk management action plan. This must include relative priorities of agreed actions; Ownership of the actions; Agree timelines. Priorities will be aligned to Business and GIS Ppriorities. * Up to date and complete Business Cloud register (if these services are used in the Business). * Review and respond to Policies, Standards, Procedures and Guidelines and Risk Acceptance requests within the agreed time. * Document processes and artefacts that prove that the relevant Governance and Assurance processes were implemented as designed. * Clear and timely communication to management and users regarding planned group awareness campaigns. * Risk assessment that identifies a requirement for additional awareness or targeted education, training and awareness interventions. * Maintenance of Business/ Cluster and alignment with the Group annual security education, training and awareness plan. * Documented Logical Access review schedule for Line of Business Applications, review results, facilitate resolution, progress report on resolution of issues that were identified during the reviews. * Review and respond to audit findings related to application logical access and other Business specific Information Security findings. Ensure that the ratings are accurate. * Provide management comment to the audit observations/ findings, that is specific as far as actions anddue dates are concerned. * Track and follow up on audit finding commitments. * Report all cyber security incidents, or information security incidents (including privacy related incidents) where the compromise was through technology to the SGT CSIRT. * Be contactable or provide alternative contact details for Cybersecurity incidents that are identified by the SGT CSIRT. * Ensure appropriate actions are taken when policy breaches are identified in the Business. * Assist by facilitating engagement and communication with key stakeholders in the Cluster during amajor incident. * Provide context on system and process criticality. * Produce Quarterly Group ISO Forum and GISP reports. * Provide input into requirements documents - ensure security roles; auditing; data protection (in transit and rest); monitoring etc. are defined in line with approved. Information Security policies and standards. * Ensure that Security 'gates' are a formal part of the SDLC/ Agile/ relevant solution development methodology. * Interventions and role-players must be clearly specified. * Active participation in Sanlam sanctioned industry bodies (e.g. ISF Live, ISACA). * Timeous escalation of new, high or escalating risks. * Engage with application owners and Group Cyber Security Centre Operations Team to ensure that system vulnerabilities are addressed that were identified during Penetration tests, Red Team exercises or Vulnerability scans. Ensure that the Business CIO's are aware of risk and actions required. * Facilitate workshops and risk documentation during Control Self Assessments, or Crown Jewel Risk Assessment processes. Qualifications * Grade 12 * Bachelor's degree in Information Technology, Commerce, Science, or Social Science (preferable). * In force Information Security Certifications such as CISM, CISSP, CCSP, CISA, ISO 27000 Lead Implementer/ Auditor. Experience and Knowledge * Experience in policy writing and reviews. * Experience in agile/ relevant solution development methodologies. * Familiarity with security practices and standards in development like the security development life cycle (e.g. OWASP). * Understanding of the technical and application environment of the Cluster/ Business. * Experience in analysis and control design, strong written and verbal communication skills. * Knowledge of ISO27k, Cobit, ITIL, CIS and ISF best practices. * Knowledge of Information Risk Methodologies (ideally ISF IRAM2), threat modelling and Operational Risk management methodologies. * Knowledge of the key business processes, key stakeholders and have their contact details readily available. * Understanding of the risk management and governance structures within the Cluster. Knowledge and Skills Infiltration testing (hacking) Risk management Project Management Tools Reporting and Administration Research and trend analysis on IT security leading practice Personal Attributes Tech savvy - Contributing through others Manages complexity - Contributing through others Optimises work processes - Contributing through others Communicates effectively - Contributing through others Build a successful career with us We're all about building strong, lasting relationships with our employees. We know that you have hopes for your future - your career, your personal development and of achieving great things. We pride ourselves in helping our employees to realise their worth. Through its five business clusters - Sanlam Fintech, Sanlam Life and Savings, Sanlam Investment Group, Sanlam Allianz, Santam, as well as MiWay and the Group Office - the group provides many opportunities for growth and development. Core Competencies Cultivates innovation - Contributing through others Customer focus - Contributing through others Drives results - Contributing through others Collaborates - Contributing through others Being resilient - Contributing through others Turnaround time The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers. Our commitment to transformation The Sanlam Group is committed to achieving transformation and embraces diversity. This commitment is what drives us to achieve a diverse, inclusive and equitable workplace as we believe that these are key components to ensuring a thriving and sustainable business in South Africa. The Group's Employment Equity plan and targets will be considered as part of the selection process.

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with modern software, big data ecosystems, and cloud based technologies. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for the Enterprise Platforms line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Data Security, Web Security, and Mobile Security Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures, and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in development processes Escalate and manage cyber security risk Educate and influence executive leadership and associates to effectively leverage security capabilities and solutions to mitigate risks and emerging threats Deliver Cyber agenda and integration of Information Security within business objectives for the line of business area Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives You are able to tailor communications and analysis to the intended audience Basic Qualifications: High School Diploma, GED, or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 6 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing security risk assessments or security architecture reviews At least 5 years of experience with architecture, software design, networking, or cloud infrastructure At least 4 years of experience with cloud security engineering At least 2 years experience utilizing agile methodologies within DevOps environments Preferred Qualifications: Bachelor's Degree 8+ years of experience in cyber security or information technology 6+ years of experience in securing a public cloud environment 5+ years of experience securing Identity Applications 5+ years of experience with Threat Modeling AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Company Details Berkley Technology Services (BTS) is the dynamic technology solution for W. R. Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale, IA and Wilmington, DE, BTS provides innovative and customer-focused IT solutions to the majority of WRBC's 60+ operating units across the globe. BTS's wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible. Driven by a commitment to collaboration, BTS acts as consultants to our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand, but proactively plan for the “ What's Next ” in our industry and beyond. With a culture centered on innovation and entrepreneurial spirit, BTS stands as a community of technology leaders with eyes toward the future -- leaders who genuinely care about growing not only their team members, but themselves, and take pride in their employees who shine. BTS offers endless ways to get involved and have the chance to grow your career into a wide range of roles you'd never known existed. Come join us as we push forward into the future of industry leading technological solutions. Berkley Technology Services: Right Team, Right Technology, Simple and Secure. Responsibilities The Information Security Architecture Manager at BTS is entrusted with a critical role in sculpting our Global Information Security Architecture framework. This leadership role demands a hands-on approach in the architectural design, strategic implementation, and management of security technologies and processes across various technology platforms. This role is integral in ensuring alignment with the overarching Global Information Security Strategy at WRBC. This role is designed for a visionary leader eager to drive the future of information security architecture at a global scale, ensuring the protection and resilience of Berkley Technology Services' technological assets and services. Spearhead the architectural design, deployment, and management of cutting-edge security solutions, including but not limited to SIEM, EDR, PAM, Data Access Governance, Identity Governance, Cloud Access Security Brokers, and WAFs. Architect and sustain the security infrastructure, ensuring seamless integration with existing technology ecosystems. Craft and execute architectural strategies for bolstering vulnerability management, security automation, and the safeguarding of infrastructure. Guide the formulation and continuous refinement of security policies and procedures, with a spotlight on architectural best practices. Cultivate an environment of innovation within the team, promoting continual learning and professional advancement. Function as a principal consultant and subject matter authority on information security architecture, offering pivotal guidance to internal teams and key stakeholders. Develop and maintain roadmaps for critical security infrastructure components, aligning them with the strategic goals of the organization. Collaborate with fellow Information Security leaders to forge a unified and robust Information Security Framework and Strategy. Perform regular technology evaluations, risk assessments, and devise appropriate remediation strategies. Lead and nurture a team of security architects and engineers in a fast-paced, global setting. Provide “Person in Charge” (PIC) coverage when on rotation. This added responsibility is factored into your base salary. Qualifications Demonstrated expertise in Information Security Architecture, with practical experience in the design and management of a broad spectrum of security technologies. Exceptional leadership and communication capabilities, adept at guiding global, interdisciplinary teams. Deep familiarity with contemporary cybersecurity trends and a commitment to remaining at the cutting edge of technology. Desirable certifications include CISSP, CISM, CEH, or other relevant qualifications. Proficiency in cloud security architecture and solutions, with experience in AWS, Azure, or Google Cloud platforms. Expertise in security frameworks such as NIST, ISO 27001, and CIS. Strong analytical and problem-solving skills, capable of making informed decisions in complex scenarios. Ability to foster relationships and collaborate effectively with various internal and external stakeholders. Commitment to ethical conduct and a deep understanding of regulatory compliance requirements relevant to the insurance and financial sectors. Bachelor's or Master's degree in Computer Science, Information Security, or a related discipline, or equivalent experience. Behavioral Core Competencies Flexibility Customer Service Oriented & Operational Effectiveness Personal Ownership Quick Decision Making Team Builder Transformational Leadership The Company is an equal employment opportunity employer.