Security architect jobs in Hamburg, NY - 1,187 jobs

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired bya collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizationsunlock the value of technology and build a more sustainable, more inclusive world. The Senior Security Analyst supports the governance of service provider activities in the enterprise security program, monitoring and escalating problems and providing information on security issues. Undertakes security assurance and audit activities to ensure compliance and to identify risks and opportunities. Provides information to senior managers and executives to ensure that they are aware of any security-related risks or opportunities. Provides subject matter expertise, consultancy and training in security-related matters. Must be able to function in a fast-paced, multi-vendor outsourced environment, facilitating conference calls among other subject matter experts and the client. Responsibilities Handles monthly reporting duties for the Information Risk Management team. Facilitates audit planning and audit remediation activities of the service providers, leading calls and documenting and reporting progress. Has familiarity with security technologies and controls; expertise not required, but the ability to escalate to more senior subject matter experts is important. Develops work plans to structure solutions and communications. Involves client and vendor staff appropriately in resolving security problems. Participates effectively within the business' security governance framework. Tracks the corrective and preventive actions being taken to improve security to closure. Possesses strong communication skills to communicate technical and security risk information to management. Experience Ability to self-manage with little interaction from other management staff. Flexible and able to adapt to manage a fast‑changing environment. Ability to solve complex issues and provide recommendations and advice regarding remediations. Experience with security architecture, security software, or security policy. Ability to organize agendas, lead conference calls, and track action items to completion. Security and Audit certifications such as SSCP, CISSP, CISA, CISM, CGEIT, CRISC, Security+ are preferred. Job Description - Grade Specific The base compensation range for this role in the posted location is: $65,586-121,980. Capgemini provides compensation range information in accordance with applicable national, state, provincial, and local pay transparency laws. The base compensation range listed for this position reflects the minimum and maximum target compensation Capgemini, in good faith, believes it may pay for the role at the time of this posting. This range may be subject to change as permitted by law. The actual compensation offered to any candidate may fall outside of the posted range and will be determined based on multiple factors legally permitted in the applicable jurisdiction. These may include, but are not limited to: Geographic location, Education and qualifications, Certifications and licenses, Relevant experience and skills, Seniority and performance, Market and business consideration, Internal pay equity. It is not typical for candidates to be hired at or near the top of the posted compensation range. In addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws. Capgemini offers a comprehensive, non‑negotiable benefits package to all regular, full‑time employees. In the U.S. and Canada, available benefits are determined by local policy and eligibility and may include: Paid time off based on employee grade (A-F), defined by policy: Vacation: 12‑25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave Medical, dental, and vision coverage (or provincial healthcare coordination in Canada) Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada) Life and disability insurance Employee assistance programs Other benefits as provided by local policy and eligibility Important Notice: Compensation (including bonuses, commissions, or other forms of incentive pay) is not considered earned, vested, or payable until it becomes due under the terms of applicable plans or agreements and is subject to Capgemini's discretion, consistent with applicable laws. The Company reserves the right to amend or withdraw compensation programs at any time, within the limits of applicable legislation. Disclaimers Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. Capgemini also participates in the Partnership Accreditation in Indigenous Relations (PAIR) program which supports meaningful engagement with Indigenous communities across Canada by promoting fairness, accessibility, inclusion and respect. We value the rich cultural heritage and contributions of Indigenous Peoples and actively work to create a welcoming and respectful environment. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodation does not pose an undue hardship. Capgemini is committed to providing reasonable accommodation during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact. Ref. code 385096-en_US Posted on 05 Jan 2026 Contract type Permanent Location Atlanta, Austin, Bellevue, Berwyn, Bridgewater, Brooklyn, Burlington, Chicago, Columbia, Dallas, Dayton - Sogeti US, Guaynabo, Houston, Irving, Mclean, Nashville, New York, San Francisco, Santa Clara, Seattle, Southfield, Tampa, Westerville #J-18808-Ljbffr

A leading crypto platform is seeking a Senior IAM Security Engineer to secure identity and access management systems. The role involves developing IAM services, collaborating with engineering teams, and ensuring secure authentication patterns. Candidates should have solid software development skills in Python or Go, experience with PKI and secrets management, and a strong understanding of identity protocols. This position offers a competitive salary and a hybrid work approach, with office presence required twice a week in San Francisco or New York City. #J-18808-Ljbffr

A fast-paced MCA company is seeking an AI & Automation Developer to enhance the underwriting process through innovative automation solutions. This role involves building systems to streamline data capture and analysis. The ideal candidate will have strong technical skills, experience in automation, and the ability to create efficient workflows. A detail-oriented approach and problem-solving mindset are essential. The role offers a competitive salary of $150k/year and an opportunity to work on impactful projects that improve operational efficiency. #J-18808-Ljbffr

12+ years of experience working with the ServiceNow platform in multiple roles (Architect / Developer / Business Analyst etc.) Proven track record in independently managing end-to-end ServiceNow implementations for at least two application suites (ITSM / ITOM / SecOps etc.) Proven track record as a platform owner / lead for mid/large ServiceNow deployments for global organizations Minimum 5 years of experience in supporting ServiceNow sales; with hands on experience in with solution design, pricing, effort estimation, solution defense and drafting Statement of work. Strong understanding of ServiceNow versions, features and licensing models. Must have good communication and articulation skills with experience interacting with C-Suite stakeholders Experienced working in an onsite - offshore model; managing offshore teams remotely. Must have experience in independently driving discovery, design and ‘art of possible' workshops with customers and can identify and map business requirements against platform capabilities. Strong domain expertise in two or more of the following areas: IT Service Management Customer Service Management Security Operations Governance, Risk and Compliance Strong working knowledge of some or all of the below ServiceNow application suites: ITSM ITOM IRM SecOps ITAM Must be ServiceNow certified

Define Martech architecture AEM Marketo Target Analytics CDP and integration patterns Orchestrate personalization marketing automation and measurement frameworks Partner with business marketing to translate use cases into scalable designs and roadmaps Guide implementation teams establish standards for quality security and performance Support presales POVs evangelize best practices across stakeholders

About Company:: Bristlecone is a supply chain and business analytics advisor, serving customers across a wide range of industries. Rated by Gartner as among the top ten system integrators in the supply chain space, we are uniquely positioned to solve contemporary business problems, with supply chain and analytics focus as our advantage. We have been a trusted partner and advisor to many leading, globally recognized companies such as Applied Materials, Exxon Mobil, Flextronics, LSI Logic, Mahindra, Motorola, Nestle, Palm, Qatar Petroleum, Ranbaxy, Unilever and Whirlpool and many others. Role Overview: The SAP IBP IO Architect is responsible for designing, implementing, and optimizing SAP Integrated Business Planning (IBP) solutions with a strong focus on the Inventory Optimization (IO) with knowledge of R&S module. This role combines deep technical expertise with strong business process knowledge to deliver advanced supply chain planning capabilities that drive inventory efficiency, service level improvements, and cost reduction. The ideal candidate will have extensive hands on experience in SAP IBP architecture, configuration, integration with S/4HANA or ECC, and strong knowledge of supply chain planning processes (inventory, demand, supply, and S&OP). Key Responsibilities: Lead the design and architecture of SAP IBP-IO solutions aligned with business objectives. Determine success criteria Define and maintain the solution architecture, data flows, and integration points with SAP ECC/S4HANA, APO, or non-SAP systems. Configure and implement SAP IBP Inventory Optimization models (e.g., safety stock calculation, multi-echelon inventory optimization). Set up key figures, planning areas, master data, and planning operators relevant to IO. Optimize algorithms and parameters to balance inventory levels, service targets, and cost objectives. Collaborate with business stakeholders, process owners, and IT teams to translate business requirements into functional and technical designs. Conduct workshops and training sessions for key users and planners. Travel to various client slides to work with planners . Required Qualifications: Bachelor's degree in Supply Chain Management, Information Systems, Engineering, or related field. 12- 15 years years of experience in SAP Supply Chain Planning solutions. 5+ years of hands-on experience with SAP IBP, with at least 2 Implementations focused on Inventory Optimization (IO). Experience integrating SAP IBP with S/4HANA, ECC, or non-SAP ERP systems using CPI-DS or other middleware tools. Familiarity with SAP Best Practices for IBP and Supply Chain Planning KPIs. Strong analytical and problem-solving skills with attention to detail. Excellent communication and stakeholder management abilities.

Are you an experienced, passionate pioneer in technology who wants to work in a collaborative environment? As an experienced Security Architect you will have the ability to share new ideas and collaborate on projects as a consultant without the extensive demands of travel. If so, consider an opportunity with Deloitte under our Project Delivery Talent Model. Project Delivery Model (PDM) is a talent model that is tailored specifically for long-term, onsite client service delivery. Recruiting for this role ends on 03/13/2026 Work you'll do/Responsibilities + Responsible for supporting the team with secure network designs and regulatory requirements. + Translate business objectives and risk management strategies into practical, secure technological solutions. + Ensure security principles are infused at every level of the enterprise. + Communicate regularly with Engagement Managers (Directors), project team members, and representatives from various functional and / or technical teams, including escalating any matters that require additional attention and consideration from engagement management + Independently and collaboratively lead client engagement workstreams focused on improvement, optimization, and transformation of processes including implementing leading practice workflows, addressing deficits in quality, and driving operational outcomes The Team Our Cyber Operate offering develops and transforms cyber programs in line with a client's strategic objectives, regulatory requirements, and risk appetite. It keeps the enterprise a step ahead of the evolving threat landscape and gives stakeholders confidence in the organization's cyber posture. Includes design of the cyber organization, governance, and risk assessments. Qualifications Required + Bachelor's degree, preferably in Computer Science, Information Technology, Computer Engineering, or related IT discipline; or equivalent experience + 5+ years of proven experience as a Security Architect + Experience with information security engineering + Experience with security compliance (NIST Cybersecurity Framework) + Strong understanding of secure architecture methodologies. + Experience with incidence response + Limited immigration sponsorship may be available + Ability to travel 10%, on average, based on the work you do and the clients and industries/sectors you serve Preferred + Experience with Security Operations The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $90,000 to $150,000. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Additional Requirements Information for applicants with a need for accommodation: ************************************************************************************************************ All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Provide proven expertise and knowledge in Governance, Risk and Compliance (GRC), internal and external audit and assessment support and Information Security assurance initiatives. A firm knowledge of security compliance controls i.e NIST 800-53r4, HIPAA, HITECH, ISO27001 and other security standard frameworks is an absolute requirement. Gather and analyze metrics, key risk indicators and maintain scorecards defined within the area of information security to ensure the information security program is meeting governance expectations and maturity. This candidate must be familiar with general security risk management principals, healthcare and government-designed security control standards and best practices for security and privacy. Candidate should be familiar with documented security plans, procedures, supporting evidence and risk rating standards based on NIST and other risk management frameworks. Assist with evaluation and testing as well as work with the applicable teams to track, address, and remediate audit and assessment findings to closure. Candidate must be familiar with threats and vulnerabilities, latest trends and risks and be able to understand the technical remediation action steps or plans and communicate them effectively to teams within the organization. Manage policy exceptions with requestors and coordinate the annual exception review process. Requires working directly with various teams to document exceptions, identify compensating controls, and remediation action plans accordingly. Provide process improvement suggestions for more effective management and review of exceptions. Support and help mature the overall security management program. Should be familiar with general governance, risk and compliance (GRC) programs with specific knowledge of government practices, and security risk and policy management. Provide support for ongoing BAA, third party risk reviews, including initial inherent risk, ongoing residual risk, and attestation campaigns. Support and help maintain risk appetite frameworks focused on security and business continuity risks. Additionally, support and maintain other general regulatory risk assurance program functions. Support and address regular IT general controls (ITGC) activity reviews and be able to rate and score maturity and compliance to standard control objectives. A knowledge of security architectures including SDLC, cloud or multi-tenant infrastructure and environments and network/boundary architectures. Should be familiar with SIEM, DLP, and other reporting and protection capabilities. Qualifications This position requires: BS or BA degree in a related field or equivalent work experience. Minimum 5 years in information security, Risk Management, IT compliance, or security/IT risk related field. Strong oral and written communication, as well as good interpersonal skills. Knowledge and experience in standard security and regulatory frameworks including HIPAA, HITECH, NIST 800-53, other NIST standards, ISO 27001/31000, FFIEC and PCI. Possess the ability to solve a wide range of complex problems, requiring ingenuity and innovation. Preferred/Nice-to-haves: Experience using GRC platforms or rating scorecards to show compliance levels and maturity. Experience with SharePoint administration, including workflow and process design. Current Certified Information Systems Security Professional CISSP certification (or similar security profession certificate). Current Certified Information Systems Auditor CISA certification (or similar). Additional Information PlanIT Group, LLC is an Equal Opportunity/Affirmative Action (M/F/D/V) Employer. All your information will be kept confidential according to EEO guidelines.

Outcomes. Delivered. Voyatek, formerly GCOM Software and OnCore Consulting, delivers outcome-driven technology solutions to public sector agencies and higher education institutions nationwide. For example, our technology: Facilitates access to nutritious food for children of mothers participating in the WIC program Supports first responders in reducing opioid overdoses within their communities Empowers colleges and universities to identify and thwart financial aid fraud Equips teachers with valuable insights to identify students requiring additional support Enhances efficiency for state tax agencies, leading to 99% faster return processing and quicker refunds for taxpayers With a focus on Tax & Revenue, Health & Human Services, and Justice & Public Safety, Voyatek combines the scale to support large complex projects with the agility and accessibility of a boutique solutions provider. Together, Voyatek and its customers work to improve population wellbeing, create safer communities, and foster a thriving economy. We're more than a technology company -- we're an outcomes company. We encourage our employees to think differently, ask tough questions, and relentlessly pursue what's best for our customers and the residents they serve. We believe that the value of technology is defined by its human impact. If you agree, you've come to the right place. Voyatek is seeking applicants to occupy the position of SAP Security Analyst within our team. Client Details: The New York Power Authority (NYPA) is the largest state public power organization in the United States, renowned for its role in providing clean, affordable, and reliable energy. NYPA's mission is to power New York with clean energy while driving economic growth and sustainability. It focuses on reducing greenhouse gas emissions, modernizing the state's energy infrastructure, and promoting energy efficiency and innovation across sectors. New York Power Authority's (“NYPA”) current on-premise Enterprise Resource Planning (“ERP”) system, SAP ECC 6.0, is almost 20 years old and is approaching technological obsolescence. Systems Application and Products (“SAP”) has already released its statement of intent to end new development on that platform and is planning on removing it from standard support on December 31, 2027. Project Luminate is a program to replace NYPA's current on-premise ERP system with a cloud-based system to ensure an adaptable environment able to meet NYPA's needs. In 2023, NYPA awarded a contract to Gartner Inc. to perform a detailed readiness assessment to define key requirements that the new system has to meet and to identify current business process improvements that are critical to be addressed as a precursor to the transition to a cloud-based platform. Key Responsibilities: Participate in SAP GRC project, enhancement and support and other relevant assignments (as needed) and provisioning across various ERP application environments following the organizational guideline and procedure and perform the below activities. Configure and maintain SAP GRC tools, including Access Control, Risk Management, and Process Control and IAG. Provision and manage user accounts and access to SAP systems, ensuring that all access is granted in accordance with established policies. Design, configure, and maintain roles, authorizations, and user access within S/4HANA, ensuring appropriate access levels for users. Generate reports and conduct audits to monitor SAP security & ITGC controls and ensure compliance including SOD management and configuration. Investigate and resolve GRC-related issues, providing timely support to users and other IT teams. Maintain comprehensive documentation of security policies, procedures, and role designs. Work with cross-functional teams, including IT, business users, and auditors, to ensure alignment of security requirements and best practices. Qualifications: SAP ERP (S/4 Hana is added plus), Workday, Active Directory group, GRC AC 10.1 and above, Microsoft Azure, success factor, applicable functional knowledge for SAP security in the area like Finance, MM, ISU billing etc., SAP audit & compliance. Bachelor's degree in engineering, IT, or related field. 7-10 years of hands-on industry experience in SAP GRC AC and PC implementation and administration. Familiarity with SAP S/4HANA system landscapes, including Fiori authorizations in cloud-based environment (SAP RISE). Proficiency in using SAP security tools and configurations. Ability to identify, analyze, and resolve complex security and compliance issues. Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams. The wage range for this role reflects the wide array of factors considered in compensation decisions. These factors include, but are not limited to, skill sets, experience, training, licensure and certifications, and geographic location. Compensation decisions are based on the unique facts and circumstances of each case. A reasonable estimate of the hourly range is $74.00 - $84.00. At Voyatek, we believe in supporting our employees with a comprehensive benefits package designed to enhance their well-being and professional growth. Please note that eligibility for certain benefits may vary based on your role and employment status. Health, Dental, and Vision Insurance Medical, Limited, & Dependent Flexible Spending Accounts (FSA) Health Savings Account (HSA) with Employer Contributions Company-Paid and Voluntary Life Insurance Long and Short-Term Disability Insurance Accident, Critical Illness, & Hospital Indemnity Insurance 401(k) Retirement Plan with Company Match and Immediate Vesting Wellhub Fitness and Wellness Platform Pet Insurance Training Opportunities Employee Referral Bonus Program We are committed to fostering a workplace that supports both your personal and professional aspirations. As part of our commitment to maintaining a compliant workplace, all final candidates will undergo and must pass a comprehensive background screening prior to starting work. This screening may include, but is not limited to, verification of employment history, education, criminal records, and other relevant checks. For certain positions, additional client-specific background screenings may be required in the future, in accordance with client requirements. Voyatek does significant work with Federal and State tax and revenue authorities. If applicable to this role, all hires will be required to obtain a Federal Public Trust Clearance (Moderate Background Investigation). This clearance process may start upon offer acceptance; and must be cleared prior to working on these projects. If you think you are a good fit for us, we encourage you to apply. Check out our career website for all open positions! Voyatek provides equal employment opportunities to all employees and applicants for employment. Voyatek will make employment decisions without regard to race, color, creed, ancestry, national origin, citizenship, sex or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status or domestic violence victim status, religion, age, disability, genetic information, service in the military, or any other characteristic protected by applicable federal, state, or local laws and ordinances. Employment decisions include all terms and conditions of employment, including recruitment and hiring, job assignment/placement, promotion, upgrading, demotion, termination, layoff, recall, transfer, leave of absence, rates of pay or other compensation, internship, and training.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

The Director of Information Security & Assurance (ISA) is responsible for establishing and maintaining an enterprise-wide information security program to support the confidentiality, integrity and availability of Seneca Gaming Corporation's information assets. The Director of ISA collaborates and consults with IT management and business units to develop appropriate security controls. The Director leads the development of information security policies, procedures, and best practices and works with internal and external teams to implement and promote compliance with those procedures, best practices and/or regulatory compliance requirements. The Director of ISA is responsible for the development of an information security & assurance strategy within the context of a risk-based approach. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements. This position requires a visionary leader with strong leadership skills, business acumen and technology. The Director of ISA will work proactively with business units to implement practices that meet defined policies and standards for information security lead IT risk management activities. The Director will report directly to the CIO and provide guidance for all Information Technology Security and Assurance concerns. The Director will also have an indirect reporting relationship to the SGC Audit Committee for audit compliance services. ESSENTIAL FUNCTIONS AND RESPONSIBILITIES: 1. Works in close partnership with VP of Information Technology / CIO to ensure coordinated and effective information security operations across all systems and platforms. 2. Works closely and collaborates with Technical Services, Systems, Network, Operations, Applications and Support teams to ensure alignment between the information security and the enterprise information technology architecture, thus coordinating the strategic planning implicit in these architectures. 3. Leads and oversees the daily operations of the information security & assurance department and develops programs and best practices on information security domains such as access control, telecommunications and network security, risk analysis and security governance, security architecture, cryptography, operational security, application security, and business continuity/disaster recovery. 4. Together with the CIO, develops, implements, and monitors, a strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization. 5. Manages the enterprise's security organization, consisting of direct reports and indirect reports and leads all hiring, training, staff development, performance management and annual compensation reviews. 6. Identifies legal, regulatory, organizational and other requirements and provides recommendations for managing the risk of non-compliance. Identifies gaps between current and desired risk levels. 7. Develops and communicates organizational information security policies and standards. 8. Leads the development of and provides management oversight for the information security operating and capital budgets and monitors for variances. 9. Creates and manages information assurance and risk management awareness training programs for all employees and approved system users. 10. Acts as the liaison between Internal Audit, Legal, Human Resources and Compliance Departments providing leadership and oversight for audit and information assurance activities. 11. Works directly with the business units to analyze information security risks and recommends appropriate risk treatment options to manage risk to acceptable levels. 12. Provides subject matter expertise to executive management on a broad range of information security standards and best practices, such as CIS, NIST, NIGC MICS, PCI DSS, COBIT, ITIL. 13. Provides strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls. 14. Creates and facilitates the information assurance risk assessment process, including reporting and oversight of remediation efforts to address negative findings. 15. Collaborates on the development of a secure information technology infrastructure that provides reliable, resilient, responsive and secure enterprise information technology services. 16. Manages security incidents and events to protect corporate IT assets, including intellectual property, fixed assets and the company's reputation. 17. Coordinates the use of external resources involved in the information assurance program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources. 18. Assists in the development of effective disaster recovery policies and procedures. 19. Develops business-relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program. QUALIFICATIONS/REQUIREMENTS: Education/Experience: 1. Must be 18 years of age or older upon employment. 2. Bachelor's Degree in an Information Technology related field. 3. Minimum of ten (10) years of experience in an Information Technology management role with a combination of information technology and demonstrable information security and assurance responsibilities. 4. Minimum of five (5) years in Information Technology project management, systems design and integration and experience leading project teams using formal project management methodologies 5. A level of pertinent security/risk-focused certification, e.g. Security+, CISSP, CISM, CISA, CRISC. 6. An equivalent combination of education and/or experience may be substituted for the above requirements. 7. A deep understanding of and extensive experience with implementing network operating systems, systems design and enterprise architecture, systems development lifecycle (SDLC), project management methodology, asset management, access control systems, network communication protocols and topology, security engineering, public key infrastructure and identity and access management concepts. 8. Experience with security/risk-specific program/program component development, e.g. information security governance & continuous improvement, security awareness, vulnerability management, data protection, endpoint protection, identity & access management, cryptography & key management, business continuity/disaster recovery, incident response. 9. Direct experience with IT-based audit processes. 10. Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. 11. Must be a critical thinker with strong problem-solving skills. 12. Knowledge of technological trends and developments in the area of information assurance and risk management. 13. Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. 14. Knowledge of security and control frameworks, such as CIS, NIST, NIGC MICS, PCI DSS, COBIT, and ITIL. 15. Experience with contract and vendor negotiations. 16. High level of personal integrity and ethical standards and the ability to professionally handle confidential matters and exemplify the appropriate level of judgment and maturity. 17. High degree of initiative, dependability and ability to work with little supervision. 18. Must possess and maintain a valid driver's license and be able to substantiate a safe driving record within the parameters acceptable to our liability insurance carrier. Language Skills and Reasoning Ability: 1. Must possess excellent communication skills: listening, writing, speaking, and interpersonal skills. 2. Must have the ability to speak effectively to the public, employees, customers and vendors. 3. Must have the ability to deal effectively and interact well with the customers, vendors and employees. 4. Must have the ability to resolve problems/conflicts in a diplomatic and tactful manner. Physical Requirements and Work Environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderately loud. When on the casino floor, the noise levels increase to loud. Must be able to work in an environment where smoking is permitted. 1. Must be able to stand, walk, and move through all areas of the casino. 2. Maintain physical stamina and proper mental attitude to work under pressure in a fast-paced, casino environment and effectively deal with customers, management, employees, and members of the business community in all situations. Salary Starting Rate:$143,936.95 Compensation is negotiable based on experience and education. Each position has varying minimum qualifications. In the absence of fully qualified candidates, some requirements may be waived.

HOURLY RANGE: $52.51 - $72.97 DISTINGUISHING FEATURES OF THE CLASS: The work involves assisting the Chief Healthcare Information Security Officer (CISO) in managing the Information Security Program at the Erie County Medical Center Corporation (ECMCC). The work involves addressing the electronic systems architecture and functionality as it affects safeguards of protected health information (PHI) and business information assets, as directed by the Healthcare Information Security Director or CISO. The incumbent monitors, assesses the IT business continuity and disaster recovery program and performs network penetration tests, application vulnerability assessment scans, and risk assessment reviews. The work is performed under the general direction of the Healthcare Information Security Director or CISO. Supervision may be exercised over lower-level technical staff. Does related work as required. TYPICAL WORK ACTIVITIES: Manages the Information Security Program procedures, technical systems and workforce training to maintain the confidentiality, integrity, and availability of data within all information systems; Coordinates resources (staff, equipment, vendors, and consultants) across projects, manages the budget for assigned projects), monitors project progress (risks & issues) and adjusts resources and priorities accordingly; Drives adoption of secure hardening and configuration practices in the systems security deployment cycle throughout central technology and line of business technical engineering teams; Performs information security awareness and training to educate workforce about information risks; Prepares and presents progress reports for management and ensure technologies are appropriately integrated to support the objectives of Cybersecurity Program; Provides subject-matter-expertise in the discipline of Core Platform security to Cybersecurity operation team and others; Provides consultancy for secure system design, development, engineering, and operation; Provides project management and operational responsibility for administrative coordination and implementation of the organization's security program; Assists in development of Security Program Policies and enforces policies and procedures; Assists with enforcement of access control needs of the organization; Identifies and helps implement continuous process enhancements/improvements to Cybersecurity Operations; Assists in managing information security directives as mandated by Federal and State regulations, including but not limited to the Health Insurance Portability and Accountability Act (HIPAA); Assists with disaster recovery, business continuity, incident response, and risk management programs; As directed by the Healthcare Information Security Director of CISO, performs or works with third-party consultants to perform information risk assessments, security audits, and accreditation surveys, ensuring that information systems are adequately protected and meet HIPAA certification requirements; Participates in accreditation surveys; Attends and participates in meetings, seminars, and training sessions. FULL PERFORMANCE KNOWLEDGE, SKILLS, ABILITIES AND PERSONAL CHARACTERISTICS: Thorough knowledge of state of the art computer security; good knowledge of project management and development; good knowledge of internal computer logic, programs and facilities; good knowledge of technical infrastructure security components and integrated computerized rules-based systems; familiarity with Federal and State privacy and security laws and regulations and industry best practices as they relates to healthcare information security; ability to enforce programs to ensure the security of health information across a widely dispersed workforce with a variety of information mediums; ability to read, interpret and apply technical information; ability to analyze and resolve security problems quickly; ability to supervise others; ability to establish and maintain effective working relationships with a diverse constituency; critical thinking skills; problem solving skills; technical skills; capable of performing the essential functions of the position with or without reasonable accommodation. MINIMUM QUALIFICATIONS: * Possession of a Master's Degree* in Health Information Systems, Computer Science/Computer Programming, or related computer technology or healthcare related field and one (1) year of experience in computer or information security which included experience with federal and state privacy and security laws, regulations and accreditation standards for maintaining information security and confidentiality; or: * Possession of a Bachelor's Degree* in Health Information Systems, Computer Science/Computer Programming, or related computer technology or healthcare related field and three (3) years of experience in computer or information security, one (1) year of which included experience with federal and state privacy and security laws, regulations and accreditation standards for maintaining information security and confidentiality; or: * An equivalent combination of training and experience as defined by the limits of (A) and (B). Information Security, for the purpose of qualifying applications, is defined as the processes designed and implemented to protect information, systems, and networks against unauthorized access, use or disruption utilizing various forms of technology. NOTE*: Your degree must have been awarded by a college or university accredited by a regional, national or specialized agency recognized as an accrediting agency by the U.S. Department of Education/U.S. Secretary of Education. If your degree was awarded by an educational institution outside the United States and its territories, you must provide independent verification of equivalency. A list of acceptable companies who provide this service can be found on the internet at ******************************************* You must pay the required evaluation fee. NOTE 2: Verifiable part-time and/or volunteer experience will be pro-rated toward meeting full-time experience requirements.

This role is located in New York City and will require a hybrid work schedule of at least 2 days in office per week. This role is for Vice President level candidates. About the Bank: Sumitomo Mitsui Trust Bank, Limited was established through the merger of The Sumitomo Trust and Banking Co., Ltd with Chuo Mitsui Trust and Banking, Ltd. on April 1, 2012. We are one of the largest asset managers in Asia and number one among Japanese financial institutions by AUM, with approximately $850 Billion USD in AUM. The Bank provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches. Department Overview: The Americas Division (“AD”) was established in the Sumitomo Mitsui Trust Bank, Limited, New York Branch) (“SMTBNY”) to perform corporate functions and supervise U.S. entities. Established under the AD are the “Global Banking Unit (“GBU”), Americas Division” and “Global Markets Unit (“GMU”), Americas Division” which performs business functions. Information Risk Governance (“IRG”) provides oversight to information and cyber security risk by maintaining and improving branch wide framework that is in-line with the Head Office and regulatory requirements and addresses Confidentiality, Integrity, and Availability for information assets. IRG establishes appropriate policies, procedures, measurement, and monitoring processes to proactively assess and evaluate cyber security and information security risks inherent in the Branch Operations. IRG is directly involved in all information and cyber security related projects, matters, and issues. Your Role Overview: To assist the Head of the Department with the day-to-day management and operation of the department. To assume the role of Information Security Officer and take the lead on overseeing the timely completion of the department's critical risk management projects. To provide direct assistance to the Head of the Department with regards to accomplishing the department's goals and objectives. To manage, guide and mentor other staff members with the preparation and completion of their assigned tasks. To contribute significantly to the overall success of the department in all key risk management and cyber security areas. Directly oversee completion of all critical projects, assist the HOD with implementing desired operational strategies and procedures. Recommend ways to improve efficiency, effectiveness, and productivity. Focus on proactive day-to-day operations. As ISO, assist with overseeing all information and cyber security matters. Your Duties and Responsibilities: Maintain and improve the information risk framework with guidance from HOD, address regulatory requirements, residual information risks specific to NY Branch Operations. Provide Information Security subject-matter-expertise to senior management. Work with IRT and coordinate incident responses to cyber security events. Keep abreast of industry wide information risk issues that could potentially have an impact on Branch Operations. Establish processes for communicating data classification guidelines and its governance. Oversee employee information security awareness training. Assesses and evaluates critical risk management projects: Annual Risk Assessment. Semi-annual Vulnerability Assessments. Special Risk Assessments done for a Particular Purpose Trend analysis of key risk management concepts and principles Attend the ISSRM and Branch Risk Management related meetings. Performs key information risk governance related tasks as described below: Provides User Access Control Governance. Monitors, analyzes and follows-up on Information Risk events/issues. Reviews information risk and proactively advises as necessary on: IT Projects/Issues Management process, Change Management Process, significant changes to IT procedures, IT Asset Management Report, key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, any related audit findings, etc. Establish and maintain Information Risk Key Risk Indicators (KRI). Periodically updates IT resources on Information risk related practices. Manages all information and cyber security policy and procedures manuals. Assist with the management of all matters related to Information Security and Information Risk Management, including directing appropriate Information/Applications Risk Assessments. Your Qualifications: Certification in Information Security (CISSP) required. 8+ years of Information Security related experience, IT Audit experience, preferred. Knowledge of Information Security principles, terminologies, and technologies required. Knowledge of Information Risk Management framework and principles required. Ability to analyze and design information security monitoring procedures and activities preferred. Detailed Knowledge and expertise in Technology Risk Assessments and Risk Analysis required. Excellent written and verbal communication skills, required. Good computer skills in Microsoft Office Excel and Word required. Strong project management and people management skills. preferred Why you should join SuMi Trust: SuMi Trust embraces flexible ways of working when the business and role permits. We provide employees with a hybrid working model, allowing for in-office work and work from home. Our diverse and inclusive environment along with our global presence enables us to collaborate and communicate to meet our business needs. We believe that efficient teams need truth, loyalty, and a strong sense of purpose to balance risk and their targets. We make sustainable business decisions to improve our society and the world. We believe that each person brings a unique value that drives the business though their creativity and passion. The Employee Benefits package includes: Paid Time Off, medical, HSA, vision, dental, FSA, 401(k), profit sharing, legal plan, cancer indemnity plan, disability insurance, life insurance, employee assistance program, commuter benefits, business travel accident, paid volunteer day, paid memberships, paid seminars, and tuition assistance. We offer many socialization opportunities for wellness, financial wellbeing, runs/walks, team building, happy hours, and activities to support the Sustainable Developmental Goals. Check out our LinkedIn for our employee experience: *************************************** We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SuMi Trust provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

About Us: Piermont Bank is a commercial bank with a mission to serve growth companies. We are entrepreneur-led and tech-forward. We believe in being a partner for enterprising companies, acting as a catalyst for mid-market innovation and growth. Piermont's financial solutions and expertise empower our business community to thrive. At Piermont, we are purpose-driven, practical, and offer fast answers and flexible solutions, creating value for clients in today's fast-changing economy. For more information, visit ********************* The Role: The Information Security Manager is responsible for developing, implementing, and maintaining the bank's information security program to protect sensitive data, systems, and infrastructure. This role ensures compliance with regulatory requirements, manages risk, and leads initiatives to safeguard the bank against cyber threats. The Information Security Manager will collaborate with IT, risk, and business teams to promote a culture of security awareness and drive continuous improvement in security practices. Responsibilities: Design, implement, and manage information security policies, procedures, and controls. Perform initial and annual due diligence on critical vendors and BaaS Third Party vendors. Monitor and respond to security incidents, vulnerabilities, and threats. Conduct risk assessments, security audits, and compliance reviews. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.Lead security awareness training and education programs for employees. Collaborate with IT and business units to ensure secure system architecture and data protection. Maintain up-to-date knowledge of regulatory requirements (e.g., FFIEC, GLBA) and ensure ongoing compliance. Prepare reports for senior management on security posture, incidents, and risk mitigation activities. Manage relationships with external vendors, auditors, and regulatory agencies. Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field; relevant certifications (CISSP, CISM, or similar) strongly preferred. Minimum of 7 years' experience in information security, preferably within banking or financial services. Strong knowledge of security frameworks, regulatory requirements, and risk management practices. Experience with security technologies, incident response, and vulnerability management. Excellent analytical, problem-solving, and communication skills. Ability to lead cross-functional teams and manage multiple priorities. High ethical standards and commitment to confidentiality and compliance. The hiring range for this position is $140,000 to $175,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's job-related knowledge, skills, and experience, among other factors. A bonus and/or incentives may be provided as part of the compensation package, in addition to the full range of medical, dental, vision, 401k, and other benefits. Piermont Bank is an equal-opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based upon race, religion, color, national origin, political affiliation, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability or other applicable legally protected characteristics.

Hours: 37.5 Line of Business: Technology Solutions Pay Details: 91,200 - 136,800 CAD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Job Description: TD Bank is seeking a strategic and technically skilled Manager to join our Information Security team, focused on strengthening our fraud detection, authentication, and CIAM (Customer Identity and Access Management) capabilities. This role will lead the expansion of our monitoring and alerting footprint across enterprise platforms, ensuring control effectiveness, regulatory alignment, and rapid incident response in a complex financial environment. Key Responsibilities * Lead the design and deployment of monitoring and alerting strategies using Splunk, Datadog, Dynatrace, and Databricks across TD's digital ecosystem * Define alert thresholds and tuning logic to minimize false positives while maintaining high sensitivity to fraud and access anomalies * Oversee triage workflows for triggered alerts, coordinating with global teams to ensure timely investigation and resolution * Develop governance frameworks for alert lifecycle management, including setup, ownership, escalation, and audit readiness * Monitor control effectiveness across CIAM, authentication, and fraud domains, driving continuous improvement * Collaborate with fraud and cybersecurity teams to support incident investigations and mitigation strategies * Analyze alert trends and performance metrics to inform strategic improvements and risk prioritization * Champion automation and workflow optimization for alert handling, reporting, and compliance documentation * Ensure alignment with TD's enterprise risk management and regulatory obligations (e.g., OSFI, OCC) * Provide mentorship and leadership within the security monitoring team, fostering a culture of accountability and innovation Required Qualifications & Expertise * 5+ years of experience in information security, CIAM/fraud detection, or observability engineering within financial services * Hands-on expertise with Splunk, Datadog, Dynatrace, and Databricks for alert creation, analytics, and dashboarding * Strong understanding of CIAM, authentication protocols, and fraud risk indicators in regulated environments * Experience designing governance frameworks and control monitoring programs aligned with financial compliance standards * Proven ability to lead cross-functional teams and drive incident response processes across geographies * Excellent communication and documentation skills, with a strategic mindset and attention to regulatory detail Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process. We look forward to hearing from you! Language Requirement (Quebec only): Sans Objet

About Hofstra Hofstra University is nationally ranked and recognized as Long Island's largest private university located in Hempstead, N.Y. When you work at Hofstra, you join a team of talented professionals committed to preparing students for the challenges of tomorrow, in an environment that cultivates learning through the free and open exchange of ideas for the betterment of humankind. The work we do at Hofstra supports the education and well-being of our students, and the workforce of the future. While working towards this mission, employees can take advantage of many enriching experiences on campus. Whether it's a lunchtime lecture, a Division I NCAA athletics game, a musical concert, a theatre performance, or a visit to one of our two accredited museums, there is always something exciting to do at Hofstra. Enjoy the ease of going to the fitness center, taking a swim, or grabbing a bite to eat without having to leave our beautiful campus! Hofstra University is dedicated to recruiting and retaining a highly qualified and diverse academic community of students, faculty, staff, and administrators respectful of the contributions and dignity of each of its members. We welcome applications from individuals of all backgrounds and experiences and are committed to building a diverse and inclusive community. Position Title Director of Information Security Position Number 896570 Position Category Administration School/Division ITS Information Security (division) Department ITS Information Security Full-Time or Part-Time Full-Time Description Reporting to the Chief Information Officer (CIO), the Director of Information Security is a member of the ITS senior leadership team and works closely with the campus community, including academic and administrative departments. The Director is an advocate for the University's information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the information security posture of the University. The Director leads the development and implementation of a security program that leverages collaborations and campus-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the campus level. Information Security Program Leadership * Responsible for the strategic leadership of the University's information security program. * Provide guidance and counsel to the CIO and key members of the University's leadership team, working closely with senior administration, academic leaders, and the campus community in defining objectives for information security, while building relationships and goodwill. * Manage institutional information security governance processes. * Lead information security planning to establish an inclusive and comprehensive information security program for the entire institution in support of academic, research, and administrative information systems and technology. * Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services, and create maturity models and a roadmap for continual program improvements. * Stay current with information security issues and regulatory changes affecting higher education at the state, national, and global levels. Participate in policy and practice discussions and communicate to campus on a regular basis about those topics. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position. * Provide leadership philosophy for the ITS Information Security team (currently two staff, in addition to the director), create and maintaining strong working relationships with other teams, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies, and practices for the University. * Provide mentorship to Information Security team members and implement professional development plans for all members of the team. * Special projects and other duties as assigned. Policy, Compliance, and Audit * Participate in the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation. * Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the University's information and technology systems. * Work with Internal Audit, outside auditors, and other consultants as appropriate to complete security assessments and audits. * Coordinate and track all information technology and security related audits including scope of audits, units involved, timelines, participants, and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation, and advocacy on audit responses. * Work with University leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the University to effectively address applicable statutory and regulatory requirements. Outreach, Education, and Training * Work closely with other ITS leaders, technical experts, and academic and administrative leaders across campus on a wide variety of security issues that require an in-depth understanding of the IT environment in their units, as well as the research landscape and regulations that pertain to their unit's research areas. * Create education and awareness programs and advise academic and administrative units at on security issues, best practices, and vulnerabilities. * Work with campus groups to build awareness and a sense of common purpose around information security. * Pursue student security initiatives to address unique needs in protecting identity theft, mobile social media security, and online reputation program. Risk Management and Incident Response * Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise. * Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk. * Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies. * Examine impacts of new technologies on the University's overall information security. Establish processes to review implementation of new technologies to ensure security compliance. Qualifications * Bachelor's degree required. * Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. * Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. * Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. * Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community. Preferred Qualifications * Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. * One or more relevant professional certifications (e.g., CISSP, CISM/A, etc.) strongly preferred. * Experience with state and federal information security regulatory requirements (GLBA, FERPA, HIPAA, etc.) and other compliance requirements (PCI, etc.). * Knowledge of and experience applying industry-standard IT security frameworks (NIST, IHECF, etc.). * Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. * Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. * Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. * Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. * Professional experience in a leadership role in a higher education institution. Special Instructions Deadline Open Until Filled Date Posted 09/18/2023 EEO Statement Hofstra University is an equal opportunity employer and is committed to extending equal opportunity in employment to all qualified individuals without regard to race, color, religion, sex, sexual orientation, gender identity or expression, age, national or ethnic origin, physical or mental disability, marital or veteran status or any other characteristic protected by law. Salary/Salary Range $160,000 - $170,000 Additional Information Hofstra University provides the above salary* as a good faith estimate of the starting pay range which considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience and education. In addition to the salary offered, we offer a collegial and inclusive culture, and a benefits program which includes generous paid time off, paid holidays, tuition remission for employees and eligible dependents, and a retirement plan with University contributions. * Salary ranges indicated for positions covered under a Collective Bargaining Agreement are in accordance with the CBA.

The Systems Engineer position is responsible for providing full cycle implementation and support of customer systems, while working across multiple company departments to ensure full client satisfaction. Under the direction of a manager or dispatcher, coordinates the design and maintenance of all access control, intrusion, and video surveillance systems. Incumbent receives and evaluates work orders and requests, investigates requests and troubleshoots problems where appropriate, establishes priorities and coordinates with contractors, when required. Requirements Essential functions and responsibilities: Assists with security systems integration, mapping and software updates and helps train personnel in the use of these systems. Assists on new projects in both existing areas and new construction helping with security assessments, vendor selection, technology upgrades, product selections, testing, field verification of systems and inspection of work in progress for compliance with standards Assess work sites, conditions, and logistics for each project; Develop Method of Procedure based on pre-project assessment. Design, develop and provide documentation of systems, configurations, and other pertinent information for the customer. Communicate with clients to resolve issues in a professional and confidential manner; Develop and execute client specific solutions. Manage the allocation of project resources, including software, hardware, tools, and related items specific to each customer and/or project. Direct the work responsibilities of union labor personnel based on specific project needs. Design and oversee training programs for new and existing customers; Determine which customers receive training. Collaborate with Customer Relationship Managers on demonstrations for new and potential clients. Perform installation, configuration, programming, and final commissioning of customer systems. Work collaboratively with installation, project management and engineering teams. Perform infrastructure services, including pulling cables, installing wall, and ceiling cabling, and installing surface mounted devices, as required. Perform system wiring and terminations services, as required. Deliver on-going remote and on-site technical support for existing customers and systems. Additional responsibilities may be required as necessary, including but not limited to: Provide internal support for basic trouble shooting. Organizes and manage parts stock and tools. Perform other duties as needed. Success factors/job competencies: Effectively communicate both in writing and verbally Work independently and prioritize multiple tasks and adapt to needed change Analysis Mechanical aptitude Comprehend technical language and read and interpret blueprints, wiring diagrams, and schematics Safety orientation Customer Focus Attention to Detail Teamwork/Collaboration Stay abreast of changes in security technology Physical demands and work environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Individual will be required to travel to customer sites as needed. While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts. The employee is occasionally exposed to outside weather conditions and risk of electrical shock. Individual will regularly be required to lift, push, pull, and carry up to 50 pounds, and occasionally up to 75 pounds. Incumbent will be required to use a computer with keyboard, telephone, or handheld mobile device for extended periods of time, and office machinery as needed. Incumbent must be able to read, see, hear, and speak. Workdays and Shifts: Position works Monday-Friday, daylight hours, and additional time as needed to complete work. Education/Certification(s)/License(s) required: Bachelor's Degree in Electronics, Information Technology or related field, or equivalent experience. May be required to participate in safety trainings and/or certifications provided by the Company or customers. Valid driver's license, as employee will be required to travel to local and overnight client sites as needed. Manufacturer specific certifications, as required. Responsible to maintain active certifications and obtain new and updated certifications as required by the Company. Experience/Other required: Position requires two (2) to three (3) years of relevant experience in the electronic services. Strong knowledge of Microsoft Office. Strong computer skills with advanced software aptitude. Security systems to include, service and maintenance across a broad spectrum of access control, intrusion and video surveillance systems such as, Genetec, Milestone, Bosch, and DMP. Applicants must be currently authorized to work in the United States on a full-time basis. Visa sponsorship is not available for this position. This is a full-time, in-person position, and candidates must be able to work from our office located in Pittsburgh, Pennsylvania.

Monitor and defend systems against unauthorized access, modification and destruction. Identify suspicious threats and activities Identify and spotlight vulnerabilities in networks, programs and applications. Correct problems and prevent security breaches. Design security elements to mitigate emerging threats Design, build, implement and support security systems Monitor network traffic for unusual activity Review, investigate and respond to real-time alerts within systems Monitor online security resources for new and emerging cyber threats Establish security requirements for networks and equipment Conduct monthly security audits and make policy recommendations Perform vulnerability and network scanning assessments Configure and support security tools such as Palo Alto firewalls, anti-virus software, patch management systems, etc. Contribute to and maintain business continuity and disaster recovery protocols Provide technical security advice and guidance based on prior experience Implement network security policies, application security, access control and corporate data safeguards Generate monthly reports and cyber security metrics dashboards Preparing the organization for security certifications Requirements A minimum of three years working as a Cyber Security Engineer Three years working experience threat hunting within a corporate environment with a global footprint Technical knowledge and experience in the installation and configuration of Palo Alto firewalls Experience setting up and configuring wireless access points, VPNs, endpoint security solutions and desktop operating systems Demonstrable experience related to IT governance and risk management Benefits Note: If interested please send your updated resume to : ***************************** and include your rate/Salary requirement along with your contact details with a suitable time when we can reach you. If you know of anyone in your sphere of contacts, who would be a perfect match for this job then, we would appreciate if you can forward this posting to them with a copy to us. We look forward to hearing from you at the earliest.