Security architect jobs in Downey, CA

WHO WE ARE: Headquartered in Southern California, Skechers-the Comfort Technology Company -has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand. ABOUT THE ROLE: Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams. The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design. WHAT YOU'LL DO: Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process. Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives Provide analysis and support as needed during security incidents to contribute to faster resolution times WHAT YOU'LL BRING: Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices Experience with at least one programming language (Java, Python, JavaScript, C#, or similar) Knowledge of API security, authentication mechanisms, and authorization frameworks Familiarity with DevSecOps practices and CI/CD pipeline integration REQUIREMENTS: 3-5 years of hands-on application security experience with demonstrated expertise in secure code review Retail or e-commerce experience a plus The pay range for this position is $110,000-$155,000/yr USD.

At Balance Staffing, we're obsessed with your success! The Workstation Security Engineer I is an individual contributor who will participate in and manage all aspects of information and network security, including intrusion detection, incident response, vulnerability assessment, application security, and compliance with the corporate information security policy for all Client Device endpoints. This person Will primarily be responsible for designing, implementing, administrating, operating, and improving security technologies, including but not limited to Client device endpoints, Azure Microsoft Defender, Al Security tools, Network Access Control, End Point Protection, Two Factor Authentication, and their procedures and processes. ESSENTIAL FUNCTIONS Workstations Security Engineering - Design, build, test and deploy new security technologies, which include the development of the operational manual and run books Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement Investigates, recommends, evaluates, deploys and integrates operational security tools and techniques to improve our ability to protect corporate assets and infrastructure Participate in technical risk assessments and security exposure analyses of systems, networks and business applications Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost effectiveness Responsible for conducting vulnerability assessments and penetration testing, analyzing vulnerability data and prioritizing remediation efforts, and developing vulnerability policies and procedures with the collaboration of GRC. Oversees the installation, configuration, and supportive processes of security technologies Participate in or lead the Incident Response activities Interacts With internal and external clients on security operations requirements, identifies security process and develops strategies/solutions to security issues Keeps fully abreast of trends and changing technologies as they relate to IT and Network Engineering and Information Security fields Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders Security Operations / Administration - Monitor and manage our networks and infrastructure environment for attacks, malicious software, and possible intrusions, which includes the follow-up of complete remediation of infected systems Implement changes to our security technologies/infrastructure in accordance with standard and change control policies/procedures Evaluate, implement, tune, and operate security solutions such as IPS, Vulnerability scanning tools, encryption capabilities, etc Monitor and recommend improvements of security technologies and their various reports Risk Management / Security Audit/Assessment Support / Ad-hoc support - Support security audit/assessment related activities and compliance reviews Performs other tasks, duties and projects as assigned Provide Ad-hoc support as required REQUIREMENTS Bachelor's Degree in Computer Science, Information Systems or related field, or equivalent experience Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering / Planning / Operations Experience in medium to complex computing environments, with advanced knowledge in security technologies and services Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention / Detection Virtual private Networks; SSL, IPSec and Site-to-Site Enterprise Class Stateful Inspection Firewalls Network Access Controls in context to Identity management Windows server OS & Desktop OS Network Packet Inspection Directory Services including LDAP, AD and Secure Authentication Technologies Experience in implementing Information Security technologies and/or processes required. Experience in defining Information Security strategies and frameworks Experience integrating security technologies into corporate operations frameworks. Ability to communicate effectively with client staff at all levels, from technical to executive Multi-task oriented in a team environment Demonstrated ability to pay close attention to detail Knowledge of Information security risk assessment methodologies and standards Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers Ability to work independently, undertaking and completing project tasks on schedule with minimal supervision Balance Staffing is proud to be an equal-opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, Veteran status, or any other characteristic protected by federal or state law.

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. **Roles and Responsibilities:** + Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations + Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies + Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials + Conducts security education classes and security audits + Ensures security compliance as a CSSO in accordance with DoDM 5205.07 + Responsible for offsite and subcontractor security standups and posture **ISA duties will include:** + CSSO for offsite and subcontractor sites associated with the program + Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers + Study and implement company and federal security policies, regulations, and procedures that apply to company operations + Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies + Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management + Develop and implement a security education and awareness program + Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken + Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance + Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) + Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems + Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections + Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements + Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) + Other duties as assigned **Basic Qualifications:** **Principal Industrial Security Analyst (level 3)** + Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree + Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) + Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) + Excellent customer service and communication skills + Must have an active Secret clearance + Ability to maintain flexibility to deal with changing priorities and deadlines. + Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications + CSSO Experience + Ability to travel **Basic Qualifications:** **Sr. Principal Industrial Security Analyst (level 4)** + Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree + Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) + Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) + Excellent customer service and communication skills + Must have an active Secret clearance + Ability to maintain flexibility to deal with changing priorities and deadlines. + Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications + CSSO Experience + Ability to travel **Preferred Qualifications:** + Experience Leading Security Teams from Subcontractors and Offsite + Ability to work independently and follow projects through to completion. + Current Top-Secret clearance + Self-starter with minimal supervision + Security experience in a manufacturing environment + Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00 Secondary Level Salary Range: $117,500.00 - $176,300.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

A client of Sharp Decisions if looking for a Security Architect. This role is ONSITE in Torrance, CA- a multi-year contract with no end date, W2 only. Daily Task Performed: * Security Design and Architecture: Knowledge of security design and architecture for organizational systems to meet defined cybersecurity needs; ability to embed security principles into the design goals while minimizing the risk from cyber security threats and vulnerabilities. * Cross-functional Collaboration: Knowledge of collaborative techniques and approaches; ability to promote a culture of continuous improvement and working together across functions to solve business problems and meet business goals. * Frameworks and Industry Standards: Knowledge of cybersecurity enterprise programs, policies, and standards to govern the organization's approach towards protecting their systems; Ability to align them with regulations, organization's context, operating environment, and cyber threats. Position Success Criteria (Desired) - 'WANTS' * IS related bachelors degree and/or equivalent work experience. * 5+ years of IT business work experience Desired Certifications: CISSP, CCSP, CCNP, CISA, or equivalent are highly desirable * Problem Solving: Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations. * Conceptual Thinking: Knowledge of thinking and reasoning at a conceptual level; ability to identify the critical ideas and interdependencies among system elements that impact performance. * Cloud Security: Knowledge of tools, technologies, and processes of cloud security; ability to minimize security risks to secure cloud computing services. #LI-MM1

**About Us** We are a global leader in outdoor sports, golf simulation, and cycling/ power sports equipment, delivering innovative products and digital experiences to athletes and enthusiasts worldwide. Our technology ecosystem spans retail, e-commerce, connected devices, SaaS platforms, and manufacturing systems. Protecting our customers, intellectual property, and operations is essential to maintaining trust and enabling innovation. **Role Overview** We are seeking a Principal Security Architect who will own enterprise security architecture strategy and execution across a complex global landscape. This is not a maintenance role-it's a change leadership position for someone who thrives on solving complex problems, challenging assumptions, and driving transformation. You will work alongside senior IT and business leaders to design and implement enterprise and security architectures that enable innovation and accelerate top-line growth. This role demands autonomy, influence, and the ability to lead engineers through discovery, design, and delivery. **Key Responsibilities** **Enterprise Architecture Leadership** + Define anddrive enterprise-wide security architecture strategy, ensuring alignment with business objectives and growth initiatives. + Influencenetwork and compute architecture decisions to embed security into foundational design. + Champion acloud-first strategy, guiding migration and modernization efforts across hybrid and on-prem environments. + Develop reference architectures, standards, and design patterns that embed security into every layer of our technology stack. **Engineering & Technical Execution** + Lead engineers throughdiscovery and design workshops, translating business priorities into actionable security solutions. + Provide hands-on technical leadership in solution selection and integration (IAM, PAM, SIEM, EDR, cloud security, data security, DevSecOps pipelines). + Oversee proof-of-concept and pilot deployments of new security technologies, ensuring scalability and performance. **Business Partnership & Influence** + Collaborate with senior IT and business leaders toalign security architecture with revenue-driving initiatives. + Influence stakeholders by clearly articulating trade-offs between security, usability, and cost. + Act as a trusted advisor to product, engineering, and business teams during digital transformation efforts. **Governance & Risk Alignment** + Translate regulatory and compliance requirements (PCI-DSS, SOC2, ISO 27001, GDPR, CCPA) into practical security controls. + Participate in security design reviews, risk assessments, and threat modeling for critical projects. + Ensure architectural alignment with enterprise risk management and business continuity objectives. **What We're Looking For** + Relentless problem-solver who thrives in ambiguity and challenges the status quo. + Someone that can envision an effective and efficient technical landscape and then align resources to deliver. + Ability toinfluence without authority and rally teams around a bold vision. + Comfortable makinghigh-impact decisions and owning outcomes. **Qualifications** + Proven track record ofleading enterprise security transformations and delivering measurable improvements. + Deep expertise in cloud-native (AWS, Azure, GCP), hybrid, and on-prem environments. + Strong understanding of identity & access management, zero-trust models, DevSecOps, and container security. + Familiarity with MITRE ATT&CK, NIST CSF, and security design principles. + Excellent communication and stakeholder management skills. **Preferred Experience** + Security leadership in global manufacturing, retail, e-commerce, or supply chain environments. + Hands-on experience with API security, payment security (PCI-DSS), and secure mobile applications. + Knowledge of security automation and orchestration (SOAR) and infrastructure-as-code security (Terraform, CloudFormation). + Simplification of complex legacy landscapes. **Certifications** Certifications are valued but demonstrated experience in driving change and leading architecture at scale is essential. **Why This Role Matters** This is a strategic leadership position that will shape the future of our security posture and enable innovation across the enterprise. Your work will directly impact customer trust, operational resilience, and top-line growth. **Location** This role will be in either Orange County or San Diego County in California. Out of the area candidates will not be considered. \#LI-CD1 **Pay Range:** $123,200.00 - $162,800.00 The actual annual salary offered to a candidate will be based on variables including experience, geographic location, education, and skills/achievements, and will be mutually agreed upon at the time of offer. We offer a highly competitive salary, comprehensive benefits including: medical and dental, vision, disability and life insurance, 401K, PTO, paid holidays, gear discounts and the ability to add value to an exciting mission! Our Postings are not intended for distribution to or use in any jurisdiction, country or territory where such distribution or use would violate local law or would subject us to any regulations in another jurisdiction, country or territory. We reserve the right to limit our Postings in any jurisdiction, country or territory. Equal Opportunity Employer Minorities/Females/Protected Veteran/Disabled **Revelyst is a collective of makers that design and manufacture performance gear and precision technologies. Our category-defining brands leverage meticulous craftsmanship and cross-collaboration to pursue new innovations that redefine what is humanly possible in the outdoors. Portfolio brands include Foresight Sports, Bushnell Golf, Fox, Bell, Giro, CamelBak, Bushnell, Simms Fishing and more.** Revelyst is an equal opportunity employer. All applicants are considered for employment without regard race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status, and any other characteristics protected by law. The EEO Law poster is available here: **************************************************************** If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to ******************** . Please note that this email address is for accommodation purposes only. Revelyst will not respond to inquiries for other purposes.

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: + Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. + Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. + Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. + Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. + Monitor, analyze, and report on production security posture and key control performance metrics for each production. + Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. + Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. + Support the development of production-specific metrics and KPIs to measure control effectiveness. + With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. + Ensure consistent implementation of approved security tools, policies, and workflows within productions. + Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. + Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. + Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. + Gather feedback from productions to help refine information security for productions training and awareness efforts. + Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. + Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications + 5+ Years of experience in Information Security, Information Technology or a related field + 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. + Bachelor's degree preferred + Strong understanding of the technologies, tools and processes used in production of movies and/or television. + Knowledge of Information Security frameworks, standards and best practices and their relevance to business success + Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. + Ability to develop and maintain meaningful metrics to track program and process effectiveness. + Strong planning and analytical skills + Strong communications skills Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

Job DescriptionDescription: Aspire General Insurance Company and its affiliated general agent, Aspire General Insurance Services, are on a mission to deliver affordable specialty auto coverage to drivers without compromising outstanding service. Our company values can best be described with ABLE: to always do the right thing, be yourself, learn and evolve, and execute. Join our team where every individual takes pride in driving their role for shared success. JOB SUMMARY: Aspire General Insurance, a leader in non-standard auto insurance, is seeking a hands-on and strategic Director of Information Security to develop, implement, and maintain the company's information security program. This role is responsible for protecting sensitive customer data, ensuring compliance with regulatory standards, and strengthening our overall cyber risk posture in a cloud-native, AI-enabled environment. Key Responsibilities: Develop and lead the enterprise-wide information security strategy, including governance, risk management, threat detection, and incident response. Manage and mature security operations, vulnerability management, and access controls. Own compliance with regulatory frameworks (e.g., NAIC Model Law, GLBA, PCI-DSS, SOC 2) relevant to the insurance industry. Collaborate with IT, legal, and claims teams to embed security into infrastructure, applications, and third-party vendor relationships. Oversee risk assessments, penetration testing, and security audits; prioritize and remediate findings. Lead response to security incidents, including detection, containment, communication, and recovery. Evaluate and implement modern security technologies, particularly in cloud environments (e.g., Azure security tools). Educate employees on security awareness and develop policies for secure use of systems and data. Supervise and grow a small but high-performing InfoSec team and contractors. Requirements: Qualifications: 8+ years in information security roles, with at least 3 years in a leadership capacity. Deep knowledge of cybersecurity principles, risk frameworks, and regulatory requirements. Experience with cloud security (AWS or Azure), identity and access management (IAM), SIEM tools, endpoint protection, and zero trust architectures. Track record of managing security programs in regulated industries such as financial services or insurance. Familiarity with third-party risk management and secure SDLC practices. Excellent communication and incident-handling skills. Knowledge of SOC 2, ISO 27001, and/or NIST frameworks. Bachelor's degree in Information Security, Computer Science, or related field (CISSP, CISM, or similar certification strongly preferred). Preferred Experience: Experience working with or securing AI/ML platforms and data pipelines. Experience with security considerations in insurance claims and policy systems (e.g., PII, policy documents). Benefits: Medical, Dental, Vision, HSA*, PTO, 401k, Company Observed Holidays Individuals seeking employment at Aspire General Insurance Services LLC are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation in accordance with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements. *Dependent on plan selected

Are you a hands-on security leader ready to make a measurable impact in a mission-driven organization? We're looking for a Director of Information Security to lead and scale our security operations, incident response, and engineering efforts. In this role, you'll oversee our security ecosystem - from real-time monitoring to proactive threat hunting - and help shape the future of enterprise security at a growing company. This is a highly collaborative position where you'll work cross-functionally with teams across the business to protect our information assets, infrastructure, and services - especially within a SaaS and life sciences environment. What will you do? Shape and drive the enterprise security operations strategy in alignment with broader company goals. Serve as a trusted advisor to senior leadership on all things security. Manage our Security Operations Center (SOC), ensuring rapid incident detection, triage, and response. Oversee threat intelligence, vulnerability management, and operational risk mitigation initiatives. Partner with IT and engineering teams to deploy, tune, and optimize tools like SIEM, SOAR, EDR, and DLP. Implement automation and integrations that improve speed and efficiency. Lead cyber incident response efforts and continuously test and improve our disaster recovery and response plans. Coordinate cross-functional teams (e.g., Legal, HR, Communications) during major security events. Lead, mentor, and grow a high-performing team of security and infrastructure professionals. Support the development of a resilient, inclusive, and learning-driven culture across the department. Align programs with regulatory standards (HIPAA, SOX, GDPR, PCI-DSS) and frameworks (NIST, MITRE ATT&CK). Support audits and ensure documentation is ready and accurate. How will you get there? Bachelor's degree in Computer Science, Information Security, or related field (Master's a plus). 12+ years of relevant experience, including 4+ years leading teams in complex enterprise environments. Hands-on expertise in SOC management, incident response, and threat intelligence. Experience in the Medical Device, Life Sciences, or highly regulated industries preferred. Professional certifications such as CISSP, CISM, GIAC, or CEH. Proficiency with security tools including SIEM, EDR, SOAR, IDS/IPS, and vulnerability management platforms. Strong knowledge of cloud (AWS, Azure, GCP), Windows/Linux systems, and network protocols. Familiarity with security frameworks and standards (NIST, MITRE, ISO 27001). Proven ability to build, lead, and retain high-performing technical teams. A proactive, solutions-oriented mindset with excellent communication and collaboration skills. #GKOSUS

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: Secure the Magic by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company. Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: Independent audit support for: SOX 404 ITGCs PII PCI ISPS Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. Develop and lead the Control Assurance Programs (ISPS and SOX). Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) Ensure for timely management response of audit findings into our corporate SOCD/SAD. Oversee ISPS Management Audit coordination and open action plans. Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. Management of GRC workflows around coordination of certifications and attestations. Partner with leadership to support the PCI-DSS compliance program. Develop training materials, coordinate training sessions, and monitor compliance with training requirements. Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): Minimum of 8 years of related work experience, with 3 in management roles IT SOX experience and proven experience in supporting IT audit/compliance functions Experience in managing people Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives Interpersonal skills with the ability to work with teams cross-functionally Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators Detail-oriented but able to understand the big picture. Highly organized and efficient Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments Experience with cloud-based services, specifically AWS Nice To Haves (see above): Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. Job Posting Segment: Enterprise Technology Job Posting Primary Business: Corporate Global Information Security Primary Job Posting Category: Security Governance Employment Type: Full time Primary City, State, Region, Postal Code: Glendale, CA, USA Alternate City, State, Region, Postal Code: USA - CA - 2450 Broadway, USA - NY - 7 Hudson Square Date Posted: 2025-11-21

Loyola Marymount University (LMU) is seeking an experienced leader to serve as Director of Information Security & Compliance within our Information Technology Services (ITS) team. This role offers a strategic opportunity to shape and safeguard the university's digital environment, drive proactive risk management, and embed a culture of security across the organization. Reporting directly to the CIO/VP of IT, the Director will architect and manage a best-in-class information security and compliance program that supports LMU's mission of learning, holistic education, service, and justice. Under the general direction of the CIO/Vice President for Information Technology, the Director of Information Security and Compliance will serve as the University's Cybersecurity leader. The Director will create a modern and effective Information Security and Compliance Program that will drive the university's efforts to protect its information assets and ensure compliance with relevant regulations and standards. This role is pivotal in creating a secure and compliant digital environment that supports LMU's mission, values, and goals. The Director will leverage partnerships and collaboration to lead initiatives that result in measurable improvements in information security and compliance, fostering a culture of security awareness and proactive risk management. The Director will serve as the process owner of the appropriate second-line assurance activities not only related to confidentiality, integrity and availability, but also to the safety, privacy and recovery of information owned or processed by LMU in compliance with regulatory and university requirements. The Director will oversee the university's compliance with applicable laws, regulations, and policies related to information security and privacy. Position Specific Responsibilities/Accountabilities * Enhance Security Posture: Develop and implement a comprehensive cybersecurity program that significantly reduces risks and vulnerabilities across the university's digital landscape. * Ensure Regulatory Compliance: Achieve and maintain compliance with relevant regulations and standards, ensuring that LMU meets all legal and regulatory requirements. * Collaborative Protection: Work closely with various campus partners, external stakeholders, and community partners to ensure that information assets and associated technologies are protected, resulting in a cohesive, unified, and well understood approach to information security and compliance. * Risk Management: Conduct thorough risk assessments and implement effective mitigation strategies, leading to a demonstrable reduction in potential threats. * Incident Response: Oversee and improve incident response and recovery efforts, ensuring swift and effective investigation and resolution of security incidents. * Policy Development: Create and enforce robust policies and procedures that safeguard information assets, leading to a well-documented and easily accessible framework for cybersecurity. * Training and Awareness: Provide comprehensive training and guidance to staff on cybersecurity best practices, resulting in a well-informed and vigilant workforce. * Monitoring and Reporting: Continuously monitor and report on the effectiveness of the cybersecurity program, providing clear metrics and insights that demonstrate progress and areas for improvement. * Leadership and Strategy: Plan and manage the strategy, people, processes, tools, services, and resources necessary to effectively support the program and meet strategic goals. * Business Continuity and Disaster Recovery: Orchestrate a secure, robust, and highly reliable approach to providing ITS services, during and after a disaster or disruption, to minimize negative impacts to business operations and maintain essential services. * Data Governance: Oversee the university's data governance efforts, ensuring that data is managed securely and in compliance with university policies and legal requirements. * Perform other related duties. Loyola Marymount University Expectations Exhibit behavior that supports the mission, vision, and values of the university. Communicate and employ interpersonal actions that model high standards of professional, responsible, accountable, and ethical conduct. Demonstrate a commitment to outstanding customer service. Requisite Qualifications * Typically a Bachelor's Degree from an accredited four-year institution in Computer Science, Information Technology, or Cybersecurity. * Seven years of experience in information security, with at least three years in a management role. * Experience in developing and implementing technology policy, especially in a University environment is desirable. * Professional certifications such as CISSP, CISM, or CISA are highly desirable. * Experience in developing and implementing technology policy, preferably in a University environment.\ * Strong knowledge of frameworks, standards, and best practices relating to Information Security, Privacy, Data Governance, and Business Continuity and Disaster Recovery Experience with regulatory compliance requirements (e.g., i.e. FERPA, HIPAA, GDPR, CCPA, and PCI-DSS). * Demonstrated excellent verbal and written communication skills, as well as presentation skills. Writing samples may be required. * Excellent analytical, problem-solving, and decision-making skills. * Strong communication and interpersonal skills, with the ability to effectively collaborate with diverse stakeholders. * Demonstrated ability to lead and manage a team of security professionals. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of this position. #HERC# #HEJ# Staff Regular Salary range $146,800.00 - $205,500.00 Salary commensurate with education and experience. Please note that this position is not eligible for visa sponsorship now or in the future. Loyola Marymount University, a Carnegie classified R2 institution in the mainstream of American Catholic higher education, seeks outstanding applicants who value its mission and share its commitment to inclusive excellence, the education of the whole person, and the building of a just society. LMU is an equal opportunity employer committed to providing an environment free from discrimination and harassment as defined by federal, state and local law. We invite all persons in the full diversity of their being, life experience, and beliefs to apply. (Visit *********** for more information.)

The System Security Engineer Level II is required to be a highly skilled and hands-on security engineer, and will be responsible for helping to maintain and expand the infrastructure of the entire Cambro network, ensuring that they are protected from cyber threats and attacks, ensuring compliance, and responding to incidents. In this role, the responsibility is to manage, monitor, and maintain our Network IT infrastructure from CVEs, cyber threats, manage and implement device firmware and software updates. Also, the role is required to assist in projects and initiatives to support, upgrade, and maintain our technical environment to improve network security. The role requirement is to be proficient with cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. The role requires to have a multi-disciplined background including experience with Cybersecurity Operations, firewalls, IDS/IPS, switches, VLANs, routing protocols, IPsec, VPN tunnels, multi factor authentication and e-mail security. In addition, they must have a solid understanding of virtualized servers, Windows workstations and services. This role is required to have the network monitoring skills and technologies for detecting unusual activity, investigate security breaches and lead incidence response. ESSENTIAL JOB FUNCTIONS • Monitor network traffic for anomalies, investigate alerts and respond to security incidents. • Conduct regular vulnerability scans, risk assessments, patch management and mitigation across network devices. • Ensure adherence to cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Able to proactively scan servers and network devices for vulnerable ports and protocols and rogue devices. • Manage our firewall environment with the ability to create route policies and apply cybersecurity recommendations • Install and configure Network Equipment (Switches, Firewalls, and other networking hardware) • Perform (Layer 2) switch administration and configuration on Cisco/Ruckus switches. Including configuring LAGs, interfaces, creating trunks, creating, and managing segmented VLANs. • Possess a solid understanding of Windows Server services and roles including installation and configuration • Create certificates for network devices and servers that have a web management capability • A strong understanding of Windows Active Directory and can design, implement, and configure and troubleshoot Active Directory issues • Create, Manage and Deploy Group Policy Objects (GPO's) to deploy applications and implement security including windows firewalls • Effectively use PowerShell to automate and standardize administrative tasks • Capable of installing a Linux VM and execute basic Linux commands and managing Linux appliances • Manage our virtualized server environment managing, creating VM's and patching the VMware environment. • Strong understanding of Virtual Switches, Port Groups (Distributed and Standard) • Manage the Active Backup for Business on Synology and other advanced Synology administration features • Maintain and monitor Backup solutions. • Manage our users email accounts using the cloud service M365 from Microsoft • Responsible for creating and maintaining server and network documentation to include tasks and procedures • Proactively monitor our network using a variety of tools to help identify potential network and server issues • Assist in patching our entire infrastructure when needed using a variety of tools • Maintains strong technical abilities, knowledge of new and changing technologies • Prepare for emergencies by creating and/or updating action plans • Jumping into time-sensitive projects wherever needed • Showing flexibility and a willingness to learn • Maintain healthy communication with IT Staff, IT Customers and Vendors • Actively participate in IT Infrastructure and Operations projects, managing, completing, communicating, and fully documenting assigned tasks and deliverables. • Maintain reliable and consistent attendance, including being punctual, and dependable in order to meet the needs of the department and the organization. • Execute each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receiving and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follow all department quality standards/criteria. Raise concerns and issues to immediate manager. • Able to understand and demonstrate Cambro company culture, display company core values (Safety, Quality, Respect, and Service). • Understands department's key performance indicators and contributes to achieve these goals both individually and as a team. • Maintains reliable and consistent attendance, including being punctual, dependable, and flexible to potential schedule changes to meet the needs of the department and the organization. • Executes each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receive and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follows all department quality standards/criteria. Raises concerns and issues to management. • Understands department's key performance indicators (KPIs) and contributes to achieve these goals both individually and as a team. • Other duties as needed or required. ADDITIONAL RESPONSIBILITIES • Ability to be on call 24 hours a day, 7 days a week for global operations, by periodically providing off-hours, evening, and weekend support to accommodate maintenance windows and issue resolution • Occasional travel to various Cambro locations domestically and internationally as required (15%) • May occasionally guide less experienced associates to help with technical projects • Some travel may be required. REQUIRED QUALIFICATIONS The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. • Bachelor's degree (B.A.) from a four-year accredited college or university. • 5-10 years of experience in IT security, network, administration, and support roles. • Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. • Ability to adapt and adjust plans to meet changing needs. • Proficient in Microsoft Office Suite • Experience with Fortinet solutions, EDR, email security solutions • Solid knowledge of cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Solid working knowledge of Layer 2 (VLANs, Inter-VLANs, VTP Domains, bridge groups, MVRP, ACL's) technologies and network segmentation. • Strong knowledge of DNS records including reverse zones and maintaining DNS records • Strong DHCP Knowledge to include DHCP Fail over and able to configure DCHP relay on Switches • Solid understanding of routing protocols, static routes and ARP cache • Proficient in creating and implementing certificates on layer 2 devices (Switches, Firewalls, Linux Appliances) • Strong troubleshooting skills and possess the ability to find security and network issues in a timely manner • Strong Windows administration skills including Active Directory/GPO's and security policies • Solid working knowledge of Virtualization, such as VMware ESXi servers and vCenter 7.x • Solid working knowledge of Veeam/Bacula/Exagrid backup software to manage backup and restore procedures • Must be able to follow instructions and procedures and ask questions if something is unclear • Excellent documentation skills including ability to create network drawings • Self-motivated and energetic with the ability to manage time efficiently without supervision and to work effectively under pressure • Strong customer service and communication skills • Excellent organizational skills and strong sense of urgency • Familiarity with various network types including LANs, WANs, SDWAN, WLANs, SANs, and VoIP networks • Great accuracy and attention to detail PREFERRED QUALIFICATIONS • Experience in Business Continuity and disaster recovery is a plus • Knowledge of Ruckus Access Points and Switches • Knowledge of IBMi PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Sitting, walking, standing, bending at the neck, bending at the waist, squatting, climbing, kneeling, crawling, twisting at the neck and waist, repetitive use of hands, simple grasping, power grasping, fine manipulation, pushing and pulling, reaching above and below the shoulder, carrying/lifting up to 50 lbs. Driving cars and other IT equipment Working around equipment and machinery Exposure to excessive noise Exposure to dust, gas, fumes or chemicals Working at heights Use of special visual or auditory protective equipment Walking on uneven ground PPE Requirements Safety glasses Steel-toe slip-resistant shoes - When in production area Hearing protection (e.g. ear plugs, ear muffs) - When in production area Face covering (mask) in accordance with company policy. Hardhat/bump camp IT Application COMPENSATION RANGE: $97,000- $120,000 Salary may vary based on experience. CAMBRO is proud to be an equal-opportunity workplace. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based upon race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic information, military or veteran status, or other characteristics protected by law.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. What You Will Do * Lead the patch team, ensuring on-time delivery of patches to our customer * Perform analysis on cybersecurity collected data and test results * Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX * Create and maintain Linux Bash and Python scripts * Create patch artifacts such as patch media and information assurance posture reports Qualifications You Must Have * Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience * Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance * Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security Qualifications We Prefer * Experience with scrum planning and scrum tools such as Jira * Experience in the SSE implementation throughout the entire life cycle * Experience contributing to a team environment for the purpose of developing creative solutions to technical problems * Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH * Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations * Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness * Excellent communication, technical writing, oral presentation and interpersonal skills What We Offer * Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation * Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

What you do Be responsible for Pre Sales Support & End User Support for, but not limited to the design, configuration, and operation of complete building low voltage systems, including fire, security, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Accountable to field teams for quality, timeliness and efficiency of designs. Develops complex software programs, commissions and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How will you do it - Sales Support and End User Support · Possible job walks with the Sales Team on the initial design phase · Designs and configures are technically complex building control systems as defined by the contract documents. · Creates flow diagrams, sequence of operations, bill of material, network layouts and electrical schematics as required. · Develop and tests software programs necessary to operate the system per the project requirements' intent. · Coordinates the creation of necessary drawings and equipment schedules for submittals and installation. · Assists in the loading and commissioning of all system and network-level controllers as required. · Assists in validation of complete system functionality and troubleshoots problems with subcontractors and other trades to ensure proper operation. · Provides field change information to the project team for the creation of as-built drawings and software. · Keeps management and JCI contractor or customer informed of job progress and issues. · Assists in performing site-specific training for owner/operator on the total building control system. · Participates in release meeting with the project field team. · Performs value engineering to provide cost effective results while maintaining customer satisfaction. · Adheres to safety standards. · High degree of employee and subcontractor safety. What we look for Required Qualifications · Minimum of seven years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Demonstrated knowledge of the construction, mechanical, electrical, or HVAC service industry. · Demonstrated knowledge of mechanical drawings, electrical wiring diagrams, control theory, automatic temperature controls, building automation systems and other building subsystems. · Demonstrated experience in the integration of low voltage building sub-systems using various industry protocols (i.e. LON, BACnet, etc.). · Ability to relate technical knowledge to a non-technical audience. · Demonstrated advanced computer skills required, particularly computer-related drafting tools, such as Visio. Preferred Qualifications · Bachelor's degree in engineering with a minimum of five years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Understanding of IP networking for building automation systems. · Understanding of Tridium/Niagara Framework HIRING SALARY RANGE: $100K to $125K (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

Full-time Description The System Security Engineer's primary function is working within Special Access Programs (SAPs) supporting SMC and AFSPC acquisition programs. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities to meet NIST Cybersecurity requirements for system assessment & authorization. Performance shall include: Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration with existing SAP network infrastructures Support a team of System Security Engineers and Certification and Accreditation Analysts responsible for ensuring the customers national and international security interests are protected as support equipment are designed and tested Support customer and SAP community IA working groups, participate in SSE IPT reviews Provides expert level consultation and technical services on all aspects of Information Security Review SSE related designs and provides security compliance recommendations Develop and provide IA risk management recommendations to the customer Provide SSE support for Mission and Training systems design and development Assist with development and maintenance of the Program Protection Plan & Cybersecurity Strategy Assist with site activation activities and design reviews Represent the Government Program Manager in various SSE related working groups, advisory groups, and advisory council meetings Requirements Experience: 6 years' total experience, including minimum 2 years' experience within SCI or SAR environment. Minimum 1 year of SAP relevant experience highly desired. Education: Bachelor's degree in a related discipline or equivalent additional experience (4 years) Certifications: Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 2 and Information Assurance Manager Level 1 within 6 months of the date of hire Security Clearance: Current Top Secret Clearance with SCI Eligibility Eligibility for access to Special Access Program Information Willingness to submit to a Counterintelligence polygraph Other Requirements: Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents Familiarity with Risk Management Framework (RMF) and Joint SAP Implementation Guide (JSIG) processes for system accreditation, along with legacy (DITSCAP, DIACAP) processes Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners Working knowledge of Microsoft Office (Word, PowerPoint, and Excel) Possess a high degree of originality, creativity, initiative requiring minimal supervision Willingness to travel within the organizational Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation)

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 25% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. Roles and Responsibilities: Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials Conducts security education classes and security audits Ensures security compliance as a CSSO in accordance with DoDM 5205.07 Responsible for offsite and subcontractor security standups and posture ISA duties will include: CSSO for offsite and subcontractor sites associated with the program Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers Study and implement company and federal security policies, regulations, and procedures that apply to company operations Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management Develop and implement a security education and awareness program Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) Other duties as assigned Basic Qualifications: Principal Industrial Security Analyst (level 3) Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Basic Qualifications: Sr. Principal Industrial Security Analyst (level 4) Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Preferred Qualifications: Experience Leading Security Teams from Subcontractors and Offsite Ability to work independently and follow projects through to completion. Current Top-Secret clearance Self-starter with minimal supervision Security experience in a manufacturing environment Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00Secondary Level Salary Range: $117,500.00 - $176,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. Monitor, analyze, and report on production security posture and key control performance metrics for each production. Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. Support the development of production-specific metrics and KPIs to measure control effectiveness. With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. Ensure consistent implementation of approved security tools, policies, and workflows within productions. Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. Gather feedback from productions to help refine information security for productions training and awareness efforts. Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications 5+ Years of experience in Information Security, Information Technology or a related field 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. Bachelor's degree preferred Strong understanding of the technologies, tools and processes used in production of movies and/or television. Knowledge of Information Security frameworks, standards and best practices and their relevance to business success Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. Ability to develop and maintain meaningful metrics to track program and process effectiveness. Strong planning and analytical skills Strong communications skills The anticipated base salary for this position is $115,000-$150,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance:** Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified **Systems Security Engineer II (P2)** to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. **What You Will Do** + Lead the patch team, ensuring on-time delivery of patches to our customer + Perform analysis on cybersecurity collected data and test results + Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX + Create and maintain Linux Bash and Python scripts + Create patch artifacts such as patch media and information assurance posture reports **Qualifications You Must Have** + Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience + Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance + Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security **Qualifications We Prefer** + Experience with scrum planning and scrum tools such as Jira + Experience in the SSE implementation throughout the entire life cycle + Experience contributing to a team environment for the purpose of developing creative solutions to technical problems + Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH + Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations + Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness + Excellent communication, technical writing, oral presentation and interpersonal skills **What We Offer** + Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation + Relocation Eligible - Relocation assistance is available **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.