Security architect jobs in Hemet, CA

Required Skills & Experience: Bachelor's degree in a related field preferred but not required. 5+ years of experience in a SOC or similar security environment. Expertise with SIEM, EDR, CSPM tools; strong skills in SQL/KQL/Cypher for data analysis. Proven ability to lead complex investigations and coordinate across technical and business stakeholders. Solid understanding of cybersecurity frameworks (MITRE ATT&CK, NIST CSF, NIST SP800-61r3). Experience with log aggregation technologies and SIEM tuning processes. Job Description: A large financial services customer based in Irvine, CA is seeking a Cyber Security Operations Analyst, focused on Incident Response. This individual will lead Incident Response, and act as a technical expert within the SOC. This team protects the organization from cyber threats. This role requires strong analytical skills, leadership in high-severity incidents, and deep knowledge of security tools and frameworks. Pay: 50-65/hr

Property: 101 INNOVATION (0008) Division: Innovation Technology (IT) The Principal Cloud Security Architect is responsible for developing and leading the secure cloud computing strategy for Irvine Company. This includes working with Infrastructure and Development groups to understand their Cloud Platform adoption plans, hosted application designs, and cloud management and monitoring methods. The principal cloud security architect will define architecture patterns and standards based on industry best practices and insights regarding application architecture and deployment in cloud environments. The Principal Cloud Security Architect will work collaboratively with domain architects and lead security engineers to build security controls and solutions compliant with approved architecture frameworks and standards. This role also applies their cloud security, network architecture, hardening, and logging enforcement skills to lead all technical operation teams with containment and remediation workstreams related to security incidents. Job Duties: * Leads the overall cloud security architecture strategy and technical framework including standards/guidelines/procedures/requirements for infrastructure and software development. * Enable the business through technical leadership to influence peers across Innovation Technology and Business Leadership to design and implement cybersecurity technology, and assist application and infrastructure teams secure implementation of technology. * Lead security assessments, identify gaps in existing security architecture, and recommend changes or improvement. * Lead assessment of appropriate vendor relationships related to information security tools, technology and cloud services; manage proof-of-concepts that enable the business while reducing risk; maintain currency with emerging technology; maintain security roadmap. Develop and maintain enterprise security requirements and controls that drive the selection of security tools as well as assist Business Units and IT in selecting solutions to meet their needs. * Create solutions that align enterprise security architecture frameworks and standards (e.g. SABSA, NIST 800-53, ISO 27002) with overall business and security strategy. * Participate as the primary security subject matter expert in the Information Technology Architecture Committee (ITAC) by reviewing risks of new technology, ensuring secure integration of technology and driving a secure architecture roadmap. * Maintain a leadership role in the Architecture Review Committee through extensive experience in security technology and cloud architecture to drive a balanced approach to Irvine Company's overall technical architecture. This responsibility also requires mentorship of domain architects to mature their techniques and to think beyond their specific area of responsibility. * Establish and manage the threat management/intelligence program (including threat modeling, assessment, hunting) to support the Security Operations Center (SOC) and integrate with the risk management functions. * Assist Security Operations to assess and investigate security incidents, and work with application and operations teams throughout the investigation cycle to ensure remediation, eradication and lessons learned are rolled back into daily operations. * Build and maintain the Secure Software Development Lifecycle (SSDLC) including the development of secure coding standards, testing services, testing infrastructure, and compliance processes. * Manage the development and maintenance of the data protection program including discovery, data-flow/mapping and Data Loss Prevention (DLP). * Help identify new exploits, threats, and mitigations for detection engineering and define and maintain domain and enterprise level threat modeling. * Mentor junior cybersecurity staff in cybersecurity technology, architectural methods and technical process development. Minimum Qualifications / Other Expectations: Education & Experience: * Bachelor's degree in computer science, engineering or related field. * 15+ years in information risk management and information security technology, including 5+ years in security architecture and 5+ years in a cloud environment. * Strong written and verbal communications skills with the ability to create and present technical recommendations to executive management as well as influence and persuade peers and others. * Demonstrate a deep understanding of cloud concepts and architectures with a focus for how security controls are applied to cloud-based technologies. Example cloud concepts include, but are not limited to: * Architecture & Networking * Identity & Access Management * Securing the CI/CD Pipeline * Secrets and Data Protection * Logging, Detection, and Response * Security Controls for Containers (e.g., Docker, Kubernetes) * Experience managing cloud projects. * Deep understanding and implementation of industry-leading practices for cloud security risks using frameworks and standards such as CIS Benchmarks, Cloud Security Alliance, NIST SP 800-144, 800-145, 800-291, and 800-322. * Experience advising business and technical leadership on cloud architecture and design concepts based on compliance and regulatory standards (e.g., PII, PCI-DSS, PHI, GDPR, HIPAA). * Demonstrated experience in designing security architectures to mitigate threats including Zero Trust, cloud environments, applications, network infrastructure and data integration/management. * Experience in identifying gaps in existing architectures. * Demonstrated experience in architecting and implementing large complex security solutions and programs (i.e. SOC, Identity Management, SSDLC, DLP). * Experience in architecting security for cloud environments (IaaS, PaaS, SaaS) as well as leveraging cloud based security solutions. * Hands on experience with leading strategic security technology solutions to enable business flexibility including SD-WAN, Wireless networks and IoT. * Experience managing multiple projects of diverse scope and effectively collaborating in a cross-functional team environment. * Demonstrated knowledge on how business enabling technology (e.g. IoT, A.I.) increases the threat landscape, while understanding how to apply technology and process to mitigate cyber risk. * Knowledge of risk management processes and experience in conducting risk assessments. * Demonstrated ability to develop and implement the overall cybersecurity architecture in alignment with the risk posture of the organization. * Ability to automate common tasks in programming/scripting language and strong knowledge of application programming interface (API) interaction methods. * Experience being a part of a highly technical team, including Incident Response, Security Engineering, or Forensics teams. * Experience as an engineer in incident response efforts. This should include hands on experience completing tasks such as malware detection and analysis, memory analysis, and disk forensics. Certifications: * IT security certifications (CISSP, CISM, GIAC, CEH, GCIH, GCFE, GXPN, CISSP-ISSAP, SABSA or similar) preferred. Compensation: Base Pay Range: $197,400.00 - $235,100.00 Actual placement within this range may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location. The Company also offers competitive benefits for full time employees including paid time off, matching 401(k), and health benefits. About Us: Irvine Company is a privately held real estate investment company and master-planner committed to creating and sustaining communities that thrive for generations. Irvine Company is respected for its master planning and environmental stewardship of the Irvine Ranch in Orange County, including diversified operations throughout coastal California. Irvine Company brings to life neighborhoods and sustainable communities with a full range of housing, jobs, retail centers, schools, parks and open space. We take as much pride in our employee community as we do the communities we create. It's an environment populated with talented and experienced people, a collaborative spirit and abundant opportunities. Apply today to join our employee community, and learn more about Irvine Company, our legacy and our guiding principles. Irvine Company is committed to providing equal opportunity in all of our employment practices, including selection, hiring, promotion, transfer, compensation, termination, and training, without regard to race, religion, color, sex, sexual orientation, gender, gender identity, national origin, ancestry, citizenship status, marital status, pregnancy, age, medical condition, genetic information, military and veteran status, disability, or any other basis protected by federal, state, and local law. Reasonable accommodation is available for qualified individuals with disabilities, upon request. #LI-Onsite Nearest Major Market: Irvine California Nearest Secondary Market: Los Angeles Job Segment: Real Estate, Engineer, Architecture, Sales, Engineering APPLY NOW "

Sr. Cloud Security Architect - (250000OA) Description Who We AreThrough our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement. We Take Care of Our PeopleAlong with competitive pay, as an employee of HCA, you are eligible for the following benefits:· Medical, Dental and Vision plans that include no-cost and low-cost plan options· Immediate 401(k) matching and vesting· Vehicle purchase and lease discounts plus monthly vehicle allowances· Paid Volunteer Time Off with company donation to a charity of your choice· Tuition reimbursement What to ExpectThe Sr. Cloud Security Architect is a strategic technical leader responsible for designing and implementing secure cloud architecture across multiple platforms and service models. This role ensures that enterprise cloud environments-including SaaS, PaaS, and IaaS-are resilient, compliant, and aligned with cybersecurity standards. The architect will work closely with the IT Infrastructure Platform team to integrate security into infrastructure services and cloud-native platforms, including securing the Microsoft 365 (M365) ecosystem. This role will champion the adoption of Zero Trust principles and industry best practices, working cross-functionally to elevate the organization's cloud security posture. What You Will Do1. Cloud Security Architecture & Design:· Design Secure Cloud Infrastructure Environments: design and implement secure cloud architecture across AWS, OCI, GCP and other platforms. · Assess and Secure IaaS, PaaS, SaaS solutions: Identify cybersecurity risk and remediation activities to ensure our SaaS solutions such a Salesforce, M365, and other solutions are aligned with industry's best practices to ensure the security of our data stored and processed within these services. · Secure AI Utilization: design and implement security controls for AI/ML workloads in cloud environments, including securing model training pipelines, protecting sensitive data, and mitigating risks associated with adversarial AI, model drift, and generative AI misuse. · Develop reference architectures and security patterns that align with Zero Trust principles. · Lead threat modeling and risk assessments for cloud and hybrid workloads. 2. Cloud Security Engineering, Implementation and Operations Support:· Cloud Security Solution Management: manage and monitor our cloud native security solutions and monitoring tools to ensure optimal performance and visibility. · Provide Support and Guidance for Security Operations: Provide technical leadership and guidance to our Security ops teams and lead incident responses related to Cloud security events. · Review, monitor and Optimize: review current Cloud solution implementations, optimize cloud security utilization and improve efficiency and integration when possible. Create continuous monitoring of Cloud Security Compliance. · Collaborate with infrastructure and DevOps teams to implement security controls including IAM, encryption, segmentation, and monitoring. · Integrate cloud security tools (CSPM, CWPP, CIEM) into CI/CD pipelines and runtime environments. · Drive automation and infrastructure-as-code (IaC) practices using tools. · Define cloud security monitoring requirements and integrate with SIEM and SOAR platforms. · Support incident response and forensic investigations related to cloud and hybrid environments. · Conduct root cause analysis and recommend architectural improvements to prevent recurrence. 3. Collaboration and Innovation:· Cross-Functional Collaboration: Partner with IT Infrastructure and IT Application teams, DevOps, IAM, DLP, Security Operations, Information Protection Governance and business units to integrate security into digital transformation initiatives, such as cloud migrations, fintech innovations, and core banking systems. · Technology Evaluation: Research and evaluate emerging cybersecurity technologies (e. g. , AI-driven threat detection, PasswordLess authentication) to enhance architectural resilience and efficiency. · Automation and Orchestration: Design automated security workflows using tools like SOAR platforms (e. g. , Splunk SOAR, Palo Alto Cortex) to improve incident response and operational efficiency. · Knowledge Sharing: Mentor junior architects and engineers, sharing best practices and fostering a culture of security awareness across the organization. · Act as a subject matter expert (SME) for cloud and hybrid security across the enterprise. · Influence strategic decisions around cloud adoption, migration, and modernization with a security-first mindset. 4. Compliance and Regulatory Alignment:· Regulatory Compliance: Ensure cloud security architecture meets financial regulations (e. g. , PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS) through secure design, documentation, and audit-ready configurations. · Policy Development: Contribute to the development of cybersecurity policies and standards, ensuring architectural designs align with regulatory and organizational requirements. · Vendor Evaluation: Assess third-party vendors and Managed Security Service Providers (MSSPs) for compatibility with architectural designs and compliance needs· Promote and enforce industry best practices for cloud security architecture, operations, and governance. 5. Documentation and Reporting:· Architecture Documentation: Create and maintain detailed architectural diagrams, design documents, standards and runbooks to support implementation, audits, and incident response. · Executive Communication: Present architectural designs, risk assessments, and recommendations to the Director of Cybersecurity, CISO, and senior leadership, articulating business impacts. · Metrics and Validation: Develop metrics to validate architectural effectiveness (e. g. , threat detection coverage, compliance adherence) and drive continuous improvement. Qualifications What You Will Bring· Minimum 8 years progressive experience in cybersecurity with proven knowledge in cloud security architecture or engineering role designing secure cloud native systems. · 3+ years of experience in financial services, with a strong understanding of financial threats (e. g. , fraud, data breaches) and regulations (e. g. , PCI DSS, Korean SOX, GDPR). · Hands-on experience architecting secure network, cloud, and SaaS environments in complex, regulated industries. · Bachelor's degree in computer science, Information Security, or related field; Master's degree preferred· At least one of the following: CISSP, CCSP, CISM, TOGAF, or equivalent. · Hands-on security testing experience in cloud platforms, especially AWS and M365. · Cloud security certifications such as:o AWS Certified Security - Specialtyo Microsoft Azure Security Engineero Microsoft 365 Securityo Google Professional Cloud Security Engineero Other comparable certifications. Technical Skills:· Technical expert with deep experience in financial services, a strategic mindset, and the ability to align cybersecurity architecture with business objectives. · Expertise in network security (e. g. , NGFW, IDS/IPS, VPNs) and cloud security (AWS, Azure, Google Cloud, Oracle Cloud)· Proficiency in Microsoft 365 Security Tools: Microsoft Defender, Intune, Azure AD (Entra), ADFS· Knowledge of security frameworks such as NIST, ISO 27001, and COBIT. · Strong knowledge of Cloud Native Security solutions and monitoring technology - (AWS CloudTrail, SecurityHub, GuardDuty)· Experience with secure software development lifecycles (SDLC) and DevSecOps practices. · Familiarity with automation and scripting (e. g. , Python, PowerShell, Terraform) for infrastructure-as-code and security orchestration. · Hands-on experience with cloud security posture management (CSPM) and workload protection platforms. · Proficiency in IAM frameworks (RBAC, MFA, PAM) and DLP technologies (data classification, policy enforcement). · Strong knowledge of SIEM (e. g. , Splunk), SOAR, and threat intelligence platforms for architectural integration. · Deep experience in the design and implementation of robust security architectures for SaaS platforms, ensuring secure integration, data protection, and compliance with industry standards such as SOC 2, ISO 27001, and others. · Experience designing and implementing security controls for AI/ML workloads in cloud environments. · Knowledge of financial systems (e. g. , core banking platforms, payment gateways) and their security requirements. Soft Skills:· Strong problem-solving skills to address complex architectural challenges. · Excellent communication skills to articulate technical concepts to technical and non-technical stakeholders. · Strategic thinker with the ability to align cybersecurity architectures with business and regulatory goals. Preferred· Experience with AI-driven cybersecurity tools (e. g. , ReliaQuest GreyMatter, Rapid7, etc. ) for threat detection and response. · Familiarity with zero-trust architectures and emerging technologies, such as SASE or decentralized identity. · Knowledge of data encryption, tokenization, and secure API design for financial applications. · Experience working with MSSPs to integrate external security services. · Understanding of threat modeling frameworks. Work EnvironmentEmployees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at home and office environment. The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range. California Privacy NoticeThis notice only applies to our applicants who reside in the State of California. The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended as amended by the California Privacy Rights Act of 2020 (“CCPA”). If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs. com. Primary Location: United States-California-IrvineWork Locations: Headquarters 1 3161 Michelson Dr. Ste 1900 Irvine 92612Job: IT ApplicationJob Type: RegularOvertime Status: ExemptSchedule: Full-time Minimum Salary: $132,000. 00Maximum Salary: $204,600. 00Job Posting: Dec 1, 2025

Job DescriptionDescription: Aspire General Insurance Company and its affiliated general agent, Aspire General Insurance Services, are on a mission to deliver affordable specialty auto coverage to drivers without compromising outstanding service. Our company values can best be described with ABLE: to always do the right thing, be yourself, learn and evolve, and execute. Join our team where every individual takes pride in driving their role for shared success. JOB SUMMARY: Aspire General Insurance, a leader in non-standard auto insurance, is seeking a hands-on and strategic Director of Information Security to develop, implement, and maintain the company's information security program. This role is responsible for protecting sensitive customer data, ensuring compliance with regulatory standards, and strengthening our overall cyber risk posture in a cloud-native, AI-enabled environment. Key Responsibilities: Develop and lead the enterprise-wide information security strategy, including governance, risk management, threat detection, and incident response. Manage and mature security operations, vulnerability management, and access controls. Own compliance with regulatory frameworks (e.g., NAIC Model Law, GLBA, PCI-DSS, SOC 2) relevant to the insurance industry. Collaborate with IT, legal, and claims teams to embed security into infrastructure, applications, and third-party vendor relationships. Oversee risk assessments, penetration testing, and security audits; prioritize and remediate findings. Lead response to security incidents, including detection, containment, communication, and recovery. Evaluate and implement modern security technologies, particularly in cloud environments (e.g., Azure security tools). Educate employees on security awareness and develop policies for secure use of systems and data. Supervise and grow a small but high-performing InfoSec team and contractors. Requirements: Qualifications: 8+ years in information security roles, with at least 3 years in a leadership capacity. Deep knowledge of cybersecurity principles, risk frameworks, and regulatory requirements. Experience with cloud security (AWS or Azure), identity and access management (IAM), SIEM tools, endpoint protection, and zero trust architectures. Track record of managing security programs in regulated industries such as financial services or insurance. Familiarity with third-party risk management and secure SDLC practices. Excellent communication and incident-handling skills. Knowledge of SOC 2, ISO 27001, and/or NIST frameworks. Bachelor's degree in Information Security, Computer Science, or related field (CISSP, CISM, or similar certification strongly preferred). Preferred Experience: Experience working with or securing AI/ML platforms and data pipelines. Experience with security considerations in insurance claims and policy systems (e.g., PII, policy documents). Benefits: Medical, Dental, Vision, HSA*, PTO, 401k, Company Observed Holidays Individuals seeking employment at Aspire General Insurance Services LLC are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation in accordance with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements. *Dependent on plan selected

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development * Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). * Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance * Identify, assess, and mitigate security risks across TP-Link's global operations. * Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. * Oversee security audits, risk assessments, and third-party security evaluations. * Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security * Develop and enforce security requirements for vendors, suppliers, and third-party partners. * Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training * Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. * Foster a security-first culture across all levels of the organization. * Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement * Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. * Lead post-incident analysis to refine security policies and controls. * Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

General information Requisition # R64222 Posting Date 11/14/2025 Security Clearance Required TS/SCI Remote Type Onsite Time Type Full time Description & Requirements Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we've been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now-protect and innovate with MANTECH! MANTECH seeks a motivated, career and customer-oriented Information Systems Security Officer with strengths in Information Systems Security to join our team at Marine Corps Base Camp Pendleton California. This position will assist Marine Corps Warfighting Laboratory (MCWL) prepare for and maintain the IT infrastructure, IT capabilities and Audio-Visual capabilities to support emerging ICD 705 Sensitive Compartmentalized Information Facilities (SCIFs) and Special Access Control Facilities (SAPFs) through planning, activation and operations. Responsibilities include but are not limited to: * Experience in network design, network monitoring, systems development, and knowledge of Information Assurance (IA) policies, directives, and best practices across DoD and Marine Corps. * Knowledge and experience with organizations within the Marine Corps responsible for facilitating network approvals and connections. * Work with various Marine Corps, Navy, Joint, and other services to coordinate installs supporting Initial Operating Capability (IOC) and Final Operating Capability (FOC). * Ability to communicate and provide effective staff coordination across government, Marine Corps, and contractor organizations. * Support the facility Site Security Manager (SSM)/Special Security Representative (SSR) and Information Systems Security Manager (ISSM) to oversee the secure installations and operations of systems across multiple security domains and in accordance with policies, directives, and best practices. * Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Supports Marine Corps and other customers at the highest levels in the development and implementation of doctrine and policies. Minimum Qualifications: * Bachelor's degree and at least 10 years' experience planning and/or operating IT infrastructure within ICD 705 facilities. * Experience with network security aspects of installations and operations. Preferred Qualifications: * Experience with MS Word, MS Power Point Clearance Requirements: * Candidate must have a current/active Top Secret clearance with the ability to obtain and maintain a TS/SCI clearance prior to starting this position. Physical Requirements: * Ability to maintain construction security oversight in outdoor environment; walk (with personal protective equipment) to inspect and document delivery of components and assembly/construction of structure. The projected compensation range for this position is $112,400.00-$186,500.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, MANTECH invests in its employees beyond just compensation. MANTECH's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, short-term and long-term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.

Momenti is a dynamic and immersive content company that revolutionizestraditional media by bringing visceral experiences to all forms of content. Wespecialize in interactive video that breaks the 4th wall, creating deeperconnections and emotions with our audience. Join us in transforming the waypeople engage with content and bring moments to life. Momenti is at theforefront of the content revolution, and we want you to be part of it. Job Summary:We are seeking a talented and experienced Security Engineer to join Momentias our first security hire and report directly to our Engineering Director. In thisrole, you will be responsible for ensuring the security and integrity of oursystems, applications, and data. You will work closely with cross-functionalteams to identify potential vulnerabilities, develop and implement securitymeasures, and provide ongoing support to maintain a secure environment. Thisis a unique opportunity to make a significant impact and shape the securitylandscape at Momenti. Key Responsibilities:• Develop and implement effective security strategies, policies, and proceduresto protect Momenti's systems, applications, and data.• Conduct regular security assessments, vulnerability testing, and risk analysisto identify and address potential security weaknesses.• Collaborate with software engineers and other stakeholders to design andimplement secure coding practices and ensure secure applicationdevelopment.• Monitor and respond to security incidents, including investigating andresolving security breaches, intrusions, and unauthorized access attempts.• Stay up-to-date with the latest security technologies, trends, and bestpractices, and provide recommendations for enhancements to our securityposture.• Educate and train employees on security awareness and best practices topromote a culture of security throughout the organization.Preferred Qualifications:• Solid experience in a security engineering or related role, with a focus onapplication and system security.• Strong understanding of web application security, network security principles,and secure coding practices.• Familiarity with security frameworks such as OWASP, NIST, and CISbenchmarks.• Knowledge of cloud security principles and experience securing cloud-basedenvironments (e.g., GCP, AWS, Azure).• Experience with security assessment tools and techniques, such asvulnerability scanners, penetration testing, and log analysis.Basic Qualifications:• Proven experience in implementing and managing security controls in aproduction environment.• Familiarity with compliance standards and regulations (e.g., GDPR, HIPAA,PCI DSS).• Strong problem-solving and analytical skills, with the ability to assess risksand develop effective mitigation strategies.• Excellent communication and collaboration skills, with the ability to workeffectively in cross-functional teams.

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. The Information Security Engineer is responsible for contributing to the corporate Information Security program by assisting in the identification, recommendation and implementation of industry leading application security tools and techniques. The incumbent will also maintain and update application security processes and procedures and train team members on any relevant updates. This position is remote, but local to the Temecula, CA office. Essential Functions Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices Assist in integrating regulatory compliance requirements (e.g., PCI, GLBA) into the organizational security roadmap Assist in ensuring that the corporate IT environment is secure and complies with all external audit requirements and federal standards Coordinate with IT Operations to ensure endpoints and network devices conform to security standards, and that security devices and controls are working as designed Assist in the identification, evaluation and implementation of industry leading application security tools and techniques Plan, coordinate, and implement security measures to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures Identify potential security risks, and define and document remediation options or mitigating controls Perform security incident investigations including: chain of custody, containment measures, root cause analysis, and identification of preventive measures Define and assist in the management of an Incident Response Team that addresses potential or in-progress security events, establishing and adhering to escalation procedures and response times Perform information systems evidence gathering, to support e-discovery requests and messaging searches Perform security reviews on requests for new commercial software or material configuration changes to existing software Perform periodic internal IT security audit functions on IT operational controls, to include system access controls, firewall rule reviews, etc. Participate in on-call rotation Perform related duties as requested Essential Knowledge, Skills, & Abilities Excellent written and verbal communication skills required Solid presentation skills Significant knowledge of security-oriented regulatory requirements and compliance Excellent familiarity with IT security principles and practices including firewalling, hardening, data loss prevention, threat prevention, and identity management. Ability to provide technical guidance to less experienced team members Knowledge of the mortgage industry is helpful, but not required Commitment and ability to cultivate a diverse and inclusive work environment. Education Bachelor's degree in computer science, Engineering, Information Systems Security or a related field is required. Security class certifications strongly preferred Azure certifications preferred CISSP license preferred Experience 5+ years of related IT experience required 2+ years in an Information Security engineering role 3+ years of experience in a regulated IT environment including some combination of SOX, HIPAA, GLBA, PCI preferred Compensation and Benefits Covius offers an extensive benefits package for all employees, including medical, dental, vision and 401(k)! Compensation: $96,000 to $120,000 annually with a 10% AIP opportunity Application Guidelines: For best consideration, please submit your resume and application materials as soon as possible. Review of applications will begin immediately. Working Conditions Work is performed in a climate controlled indoor administrative office setting. The noise level in the work environment is usually quiet to moderate, depending upon the office or meeting location. Physical Demands and Activities While performing the duties of this job, the employee is frequently required to communicate. The employee frequently is required to remain stationary. The employee is frequently required to move about the office, operate a computer and other office machinery, such as calculator, copy machine, and computer printer; rarely position self to maintain files; rarely moves boxes weighing up to 10 lbs. Close and distance observation required with the ability to observe objects at close range in presence of glare or bright lighting (e.g., computer screen). Must possess the ability to communicate information and ideas so others will understand and have the ability to interact with external and internal stakeholders. Covius is committed to equal opportunity in all employment practices to all qualified applicants and employees without regard to race, color, religion, gender, gender identity, age, national origin, pregnancy, disability, genetics, marital status, military or veteran status or any other protected category as established by local, state, and federal law. This policy applies to all aspects of the employment relationship including recruitment and hiring, placement, promotion, transfer, compensation, disciplinary action, layoff, leaves of absence, training, and termination. All such employment decisions will be made without unlawful discrimination based on any prohibited basis. The essential functions, working conditions and physical demands described above are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Please note that all s are not intended to be all-inclusive. This job description is not designed to cover all activities, duties or responsibilities that are required of the employee for this job. Employees may be required to perform other duties at any time with or without notice to meet the ongoing needs of the organization. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

The Sr. Security Engineer is part of the Global IT, Security & Compliance (CISO) team, supporting security across IT, OT, and cloud environments. This role involves managing internal security platforms, partnering with our 24/7 MDR provider, responding to incidents, and integrating security into company-wide initiatives. The Senior SOC Engineer drives threat detection engineering, response automation, and security visibility across endpoints, networks, and cloud infrastructure. They are responsible for the technical leadership of SOC activities, mentoring junior engineers, optimizing integrations (Zscaler, Sentinel, Vulnerability management tools), and contributing to the global security roadmap and incident response program. What you will do * Lead and support internal incident management, including triage, containment, remediation, and post-incident reviews. * Act as the primary interface with our external MDR team for alerts, investigations, and incident handling. * Onboard and integrate new log/data sources into security monitoring. * Monitor vulnerabilities and support patch management coordination. * Design, manage, maintain, and optimize internal security applications such as EDR/XDR, SIEM, SOAR, IAM, PAM, vulnerability management, and DLP. * Develop and automate operational processes, playbooks, and response workflows. * Partner with IT, OT, and business teams to embed security into projects (cloud, infrastructure, workplace, OT). * Support OT security initiatives, including securing industrial control systems, legacy systems, and production environments. * Contribute to security architecture and roadmap initiatives. * Act as a security advocate to promote best practices and raise awareness across teams. * Design modern, user-friendly security solutions that balance usability, compliance, and risk reduction. Qualifications * Bachelor's degree in information security, computer science, or engineering * Master's degree in information security, computer science, or engineering (preferred) * 5 years' experience working in or with a SOC or MDR environment * Strong understanding of incident response processes and digital forensics basics * Knowledge of security frameworks and standards (ISO 27001, NIST, CIS, MITRE ATT&CK) * Ability to design and implement modern, user-friendly security solutions that drive adoption across business and IT/OT stakeholders * Excellent communication skills to collaborate with IT, OT, and business stakeholders * Analytical mindset with problem-solving ability * Relevant certifications are a plus (e.g., GCIA, GCIH, GCED, Azure Security Engineer, CISSP, Security+) * EDR/XDR and endpoint security (Microsoft Defender) * SIEM/SOAR administration and tuning (Microsoft Sentinel) * Understanding of Identity and Access Management (IAM, PAM, MFA) * Vulnerability management tools and remediation workflows * Cloud security (Azure, AWS, GCP) * Scripting/automation * OT security (ICS/SCADA, IIoT, legacy systems) desirable Base salary range: $112,640 - $154,880 Placement of new hires in this wage range is based on several factors including education, skill sets, experience, and training. Total Rewards We offer all Team Members a total rewards package including competitive pay, annual performance bonus, a generous benefit package with comprehensive Medical/Dental/Vision coverage, 401(k) plan with employer contribution, and paid vacation, personal and sick days. Corporate Social Responsibility Bachem takes responsibility for future generations by a careful handling of resources and avoiding environmental risks. We continually improve our ecological performance and develop and implement new approaches for enhancing employees' environmental awareness. EcoVadis has awarded Bachem Gold Medal status in their assessment of Bachem. Bachem Americas is an Equal Opportunity Employer As an equal opportunity employer, we celebrate the diversity of our team and are committed to building an inclusive workplace where individuals are hired and advanced based on merit, skills, and qualifications. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other legally protected status. Please note: unsolicited resumes from recruitment agencies will not be considered. Share this job posting by email

AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life - such as energy, infrastructure, chemicals and minerals - safely, efficiently and more sustainably. We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies. If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers. For more information about our privacy policy and how to manage cookies, visit our Privacy Policy. Position: Principal Security Engineer - Application Security & Incident Response Location: Calgary Canada/ Lake Forest, CA Type: Full time- Hybrid Path: Individual Contributor Salary Range: $123,500.00 - $205,900.00 About the Role: We're looking for a Principal Security Engineer to lead our application security efforts and help protect our global technology environment. This is a hands-on, high-impact role for someone with deep expertise in application security, a strong development background, and real-world breach response experience. You'll work across engineering and product teams to identify vulnerabilities, guide secure development, and respond to security incidents. As part of our global 24×7 security team, you'll help ensure continuous coverage and rapid response to emerging threats. Key Responsibilities: * Lead application security practices across development and deployment workflows. * Identify and remediate vulnerabilities in collaboration with engineering teams. * Monitor for threats and respond to security incidents across global environments. * Apply breach response experience to strengthen threat modeling and security controls. * Stay ahead of emerging threats and translate insights into actionable improvements. * Develop secure coding standards and mentor teams on best practices. * Work as part of a global 24×7 team to ensure consistent security coverage. Required Qualifications: * Strong development background with experience in secure coding and software engineering. * Proven experience in application security and incident response. * Proven experience securing cloud applications (e.g., Azure, AWS, GCP). * At least two years operating at Principal level or in a senior technical leadership role. * Strong understanding of secure development practices and threat modeling. * Experience with cloud-native environments, CI/CD pipelines, and containerized applications. * Excellent communication and stakeholder engagement skills. Preferred Qualifications: * Certifications like CSSLP, OSWE, or GWAPT. * Experience with automated security tools and analysis platforms. * Familiarity with compliance frameworks (e.g., GDPR, PCI-DSS, ISO 27001). * Understanding of the NIS Directive and its impact on security operations. R&D at AVEVA Our global team of 2000+ developers work on an incredibly diverse portfolio of over 75 industrial automation and engineering products, which cover everything from data management to 3D design. AI and cloud are at the centre of our strategy, and we have over 150 patents to our name. Our track record of innovation is no fluke - it's the result of a structured and deliberate focus on learning, collaboration and inclusivity. If you want to build applications that solve big problems, join us. AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria. AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.

**AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life - such as energy, infrastructure, chemicals and minerals - safely, efficiently and more sustainably.** **We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies.** **If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers (**************************************** .** **For more information about our privacy policy and how to manage cookies, visit our** **Privacy Policy (**************************************************************************************************************************** **.** **Position:** Principal Security Engineer - Application Security & Incident Response **Location:** Calgary Canada/ Lake Forest, CA **Type:** Full time- Hybrid **Path:** Individual Contributor **Salary Range:** $123,500.00 - $205,900.00 **About the Role:** We're looking for a **Principal Security Engineer** to lead our application security efforts and help protect our global technology environment. This is a hands-on, high-impact role for someone with deep expertise in application security, a strong development background, and real-world breach response experience. You'll work across engineering and product teams to identify vulnerabilities, guide secure development, and respond to security incidents. As part of our global 24×7 security team, you'll help ensure continuous coverage and rapid response to emerging threats. **Key Responsibilities:** + Lead application security practices across development and deployment workflows. + Identify and remediate vulnerabilities in collaboration with engineering teams. + Monitor for threats and respond to security incidents across global environments. + Apply breach response experience to strengthen threat modeling and security controls. + Stay ahead of emerging threats and translate insights into actionable improvements. + Develop secure coding standards and mentor teams on best practices. + Work as part of a global 24×7 team to ensure consistent security coverage. **Required Qualifications:** + Strong development background with experience in secure coding and software engineering. + Proven experience in application security and incident response. + Proven experience securing cloud applications (e.g., Azure, AWS, GCP). + At least **two years operating at Principal level** or in a senior technical leadership role. + Strong understanding of secure development practices and threat modeling. + Experience with cloud-native environments, CI/CD pipelines, and containerized applications. + Excellent communication and stakeholder engagement skills. **Preferred Qualifications:** + Certifications like CSSLP, OSWE, or GWAPT. + Experience with automated security tools and analysis platforms. + Familiarity with compliance frameworks (e.g., GDPR, PCI-DSS, ISO 27001). + Understanding of the NIS Directive and its impact on security operations. **R&D at AVEVA** Our global team of 2000+ developers work on an incredibly diverse portfolio of over 75 industrial automation and engineering products, which cover everything from data management to 3D design. AI and cloud are at the centre of our strategy, and we have over 150 patents to our name. Our track record of innovation is no fluke - it's the result of a structured and deliberate focus on learning, collaboration and inclusivity. If you want to build applications that solve big problems, join us. **AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.** **AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.** **Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.** Empowering you with pioneering tech AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life - such as energy, infrastructure, chemicals and minerals - safely, efficiently and more sustainably. We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies. If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers (**************************************** . For more information about our privacy policy and how to manage cookies, visit our Privacy Policy (*********************************************************************************************************************** .

For More Open Positions Visit us at: ********************************** Our Mission WOONGJIN, Inc. is a rapidly growing team who provides a range of unique, exceptional, and enhanced services to our clients. We have a strong moral code that includes the service of goodness without expectations of reward. We are motivated by the sense of responsibility and servant leadership. Benefits Medical Insurance Vision Insurance Dental Insurance 401(k) Paid Sick hours Job Description The IT Security Engineer is responsible for supporting the planning, implementation, and management of the organization's IT security infrastructure and policies. This role assists in identifying security risks, responding to incidents, and ensuring compliance with internal standards and external regulations. Responsibilities Assist in developing, implementing, and maintaining IT security policies, standards, and procedures Monitor and analyze security events, logs, and alerts using tools like Splunk of Sentinel to detect and respond to threats Collaborate with internal IT teams and external vendors to improve overall security posture Manage user access controls and identity management systems Monitor and audit for potential security breaches, abnormal behavior, and unauthorized access Verify that applied security policies are properly configured and effectively enforced Monitor network, system, and application security to detect and respond to potential threats and vulnerabilities Participate in incident response processes, including investigation, containment, recovery, and documentation Assist in audits and ensure compliance with regulatory requirements Support security awareness training and compliance initiatives for employees and third parties Maintain up-to-date knowledge of cybersecurity trends, threats, and best practices Document security configurations, procedures, and technical findings Conduct vulnerability assessments Salary: $80,000 - $95,000 per year (D.O.E) Qualifications Skills 3 - 5 years of experience in IT security or related IT roles required Knowledge of security technologies such as firewalls, IDS/IPS, antivirus, SIEM, and endpoint protection required Security certifications preferred (e.g., CISSP, CISM, CompTIA Security+, CEH) preferred Strong problem-solving, analytical, and communication skills required Education & Experience Bachelors Degree Required Computer Science, Information Security, or a related field required 6 - 9 Years of Direct Experience Required 7 - 11 Years of Direct Experience Required 1 - 3 Years of Supervisory Experience Required 3-5 years of experience in IT Security or related IT roles required Physical Requirements Ability to sit in front of a desk and/or in front of the computer for long periods Repetitive use of hand/grasping product, writing, and typing Lift up to 10lbs Carry up to 10lbs Stand/walk Additional Information All your information will be kept confidential according to EEO guidelines. *** NO C2C ***

For More Open Positions Visit us at: ********************************** Our Mission WOONGJIN, Inc. is a rapidly growing team who provides a range of unique, exceptional, and enhanced services to our clients. We have a strong moral code that includes the service of goodness without expectations of reward. We are motivated by the sense of responsibility and servant leadership. Benefits Medical Insurance Vision Insurance Dental Insurance 401(k) Paid Sick hours Job Description The IT Security Engineer is responsible for supporting the planning, implementation, and management of the organization's IT security infrastructure and policies. This role assists in identifying security risks, responding to incidents, and ensuring compliance with internal standards and external regulations. Responsibilities Assist in developing, implementing, and maintaining IT security policies, standards, and procedures Monitor and analyze security events, logs, and alerts using tools like Splunk of Sentinel to detect and respond to threats Collaborate with internal IT teams and external vendors to improve overall security posture Manage user access controls and identity management systems Monitor and audit for potential security breaches, abnormal behavior, and unauthorized access Verify that applied security policies are properly configured and effectively enforced Monitor network, system, and application security to detect and respond to potential threats and vulnerabilities Participate in incident response processes, including investigation, containment, recovery, and documentation Assist in audits and ensure compliance with regulatory requirements Support security awareness training and compliance initiatives for employees and third parties Maintain up-to-date knowledge of cybersecurity trends, threats, and best practices Document security configurations, procedures, and technical findings Conduct vulnerability assessments Salary: $80,000 - $95,000 per year (D.O.E) Qualifications Skills 3 - 5 years of experience in IT security or related IT roles required Knowledge of security technologies such as firewalls, IDS/IPS, antivirus, SIEM, and endpoint protection required Security certifications preferred (e.g., CISSP, CISM, CompTIA Security+, CEH) preferred Strong problem-solving, analytical, and communication skills required Education & Experience Bachelors Degree Required Computer Science, Information Security, or a related field required 6 - 9 Years of Direct Experience Required 7 - 11 Years of Direct Experience Required 1 - 3 Years of Supervisory Experience Required 3-5 years of experience in IT Security or related IT roles required Physical Requirements Ability to sit in front of a desk and/or in front of the computer for long periods Repetitive use of hand/grasping product, writing, and typing Lift up to 10lbs Carry up to 10lbs Stand/walk Additional Information All your information will be kept confidential according to EEO guidelines. *** NO C2C ***

The Company: VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn't be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We're a young and energetic company, we've had tremendous success, and we are constantly growing our team. As we garner more industry attention - just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot - we also need driven and talented people to join our team. That brings us to you, and what you'll be joining. Our teams are smart and diligent and take ownership of their work - they're confident in their work but know how to collaborate with open ears and a spirit of learning. If you're down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands:levoit.com | cosori.com | etekcity.com The Opportunity: Information Security Planning • Develop and implement comprehensive information security plans to safeguard the security of company data and assets, including on-premise and cloud environments. • Thoroughly analyze the company's business processes and data characteristics, and combine industry best practices and frameworks such as NIST Cybersecurity Framework (CSF)to create customized security plans, ensuring the confidentiality, integrity, and availability of information assets in various scenarios. Policy Development and Compliance • Create security policies and ensure that the company's operations are in strict compliance with industry standards (e.g., ISO 27001, NIST, GDPR) and regulatory requirements. • Continuously monitor industry trends and regulatory changes, and adjust security policies in a timely manner to provide a solid security and compliance framework for the company's business operations. • Experience with OneTrust, Drata or similiar tools System, Network and Cloud Security • Maintain and enhance security measures for systems, networks , and public cloud platforms (e.g., AWS, Azure, GCP) to prevent potential threats. • Utilize advanced technical means and tools to conduct real - time monitoring and risk early warning of systems, networks, and cloud environments, promptly detect and block various attack behaviors, and ensure the stable and secure operation of IT infrastructure. • Familiar with AWS security suites • Familiar with security scorecards, SIEM tools and dashboards (Splunk, QRadar, Rapid7, Wazhu) Security Monitoring and Incident Response • Monitor security events in real - time, respond promptly to emergencies, and effectively mitigate risks. • Build an efficient security monitoring platform, use intelligent analysis technology to promptly capture abnormal behaviors, activate emergency response plans, and minimize the impact of security incidents. • Conduct re/blue team exercise Security Awareness and Training • Develop and deliver security training programs to enhance employees' security awareness and encourage their adherence to best practices. • Design targeted training courses according to the needs of different positions and use diverse training methods to ensure that employees have a deep understanding of and implement security requirements. Access Control and Identity Management • Oversee user access controls, regularly review permissions, and ensure secure identity management. • Implement a strict access control mechanism, Conduct regular audits of user permissions, and use reliable identity management systems to prevent unauthorized access and ensure the security of company resources. Risk Assessment and Management • Conduct comprehensive risk assessments, identify vulnerabilities, and implement effective mitigation strategies. • Use scientific risk assessment methods and frameworks such as NIST CSF to evaluate potential threats and vulnerabilities, formulate corresponding mitigation measures based on the assessment results, and continuously improve the company's security defense capabilities. • Develop KPIs and metrics Documentation and Mentorship • Document Cyber Security controls, detection rules and playbooks • Mentoring team members What you bring to the role: Bachelor's degree in Information Security, Computer Science, or a related field. 8+ years of experience in information security, with a strong background in security event analysis, incident response, vulnerability management, and risk assessment. Hands-on experience with public cloud security (e.g., AWS, Azure, GCP), including cloud-native security tools and best practices. Familiarity with security regulatory compliance standards and frameworks such as NIST CSF, ISO 27001, and CIS. Knowledge of network security principles, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection. Understanding these aspects is essential for ensuring the company's security compliance and building a robust security defense system. Strong analytical and problem - solving skills, with the ability to quickly identify and mitigate security threats. Relevant security certifications such as CISSP, CISM, CEH are a plus. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $125K Perks and Benefits: 100% covered Medical/Dental/Vision insurance for employee AND spouse + dependents! 401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting Generous PTO policy + paid holidays Life Insurance Voluntary Life Insurance Disability Insurance Critical Illness Coverage Accident Insurance Healthcare FSA Dependent Care FSA Travel Assistance Program Employee Assistance Program (EAP) Fully stocked kitchen

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job DescriptionThe Company: VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn't be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We're a young and energetic company, we've had tremendous success, and we are constantly growing our team. As we garner more industry attention - just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot - we also need driven and talented people to join our team. That brings us to you, and what you'll be joining. Our teams are smart and diligent and take ownership of their work - they're confident in their work but know how to collaborate with open ears and a spirit of learning. If you're down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands:levoit.com \u007C cosori.com \u007C etekcity.com The Opportunity: Information Security Planning • Develop and implement comprehensive information security plans to safeguard the security of company data and assets, including on-premise and cloud environments. • Thoroughly analyze the company's business processes and data characteristics, and combine industry best practices and frameworks such as NIST Cybersecurity Framework (CSF)to create customized security plans, ensuring the confidentiality, integrity, and availability of information assets in various scenarios. Policy Development and Compliance • Create security policies and ensure that the company's operations are in strict compliance with industry standards (e.g., ISO 27001, NIST, GDPR) and regulatory requirements. • Continuously monitor industry trends and regulatory changes, and adjust security policies in a timely manner to provide a solid security and compliance framework for the company's business operations. • Experience with OneTrust, Drata or similiar tools System, Network and Cloud Security • Maintain and enhance security measures for systems, networks , and public cloud platforms (e.g., AWS, Azure, GCP) to prevent potential threats. • Utilize advanced technical means and tools to conduct real - time monitoring and risk early warning of systems, networks, and cloud environments, promptly detect and block various attack behaviors, and ensure the stable and secure operation of IT infrastructure. • Familiar with AWS security suites • Familiar with security scorecards, SIEM tools and dashboards (Splunk, QRadar, Rapid7, Wazhu) Security Monitoring and Incident Response • Monitor security events in real - time, respond promptly to emergencies, and effectively mitigate risks. • Build an efficient security monitoring platform, use intelligent analysis technology to promptly capture abnormal behaviors, activate emergency response plans, and minimize the impact of security incidents. • Conduct re/blue team exercise Security Awareness and Training • Develop and deliver security training programs to enhance employees' security awareness and encourage their adherence to best practices. • Design targeted training courses according to the needs of different positions and use diverse training methods to ensure that employees have a deep understanding of and implement security requirements. Access Control and Identity Management • Oversee user access controls, regularly review permissions, and ensure secure identity management. • Implement a strict access control mechanism, Conduct regular audits of user permissions, and use reliable identity management systems to prevent unauthorized access and ensure the security of company resources. Risk Assessment and Management • Conduct comprehensive risk assessments, identify vulnerabilities, and implement effective mitigation strategies. • Use scientific risk assessment methods and frameworks such as NIST CSF to evaluate potential threats and vulnerabilities, formulate corresponding mitigation measures based on the assessment results, and continuously improve the company's security defense capabilities. • Develop KPIs and metrics Documentation and Mentorship • Document Cyber Security controls, detection rules and playbooks • Mentoring team members What you bring to the role: Bachelor's degree in Information Security, Computer Science, or a related field. 8+ years of experience in information security, with a strong background in security event analysis, incident response, vulnerability management, and risk assessment. Hands-on experience with public cloud security (e.g., AWS, Azure, GCP), including cloud-native security tools and best practices. Familiarity with security regulatory compliance standards and frameworks such as NIST CSF, ISO 27001, and CIS. Knowledge of network security principles, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection. Understanding these aspects is essential for ensuring the company's security compliance and building a robust security defense system. Strong analytical and problem - solving skills, with the ability to quickly identify and mitigate security threats. Relevant security certifications such as CISSP, CISM, CEH are a plus. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $125K Perks and Benefits: 100% covered Medical/Dental/Vision insurance for employee AND spouse + dependents! 401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting Generous PTO policy + paid holidays Life Insurance Voluntary Life Insurance Disability Insurance Critical Illness Coverage Accident Insurance Healthcare FSA Dependent Care FSA Travel Assistance Program Employee Assistance Program (EAP) Fully stocked kitchen

**MANTECH** seeks a motivated, career and customer-oriented **Information Systems Security Officer** with strengths in Information Systems Security to join our team at Marine Corps Base **Camp Pendleton California.** This position will assist Marine Corps Warfighting Laboratory (MCWL) prepare for and maintain the IT infrastructure, IT capabilities and Audio-Visual capabilities to support emerging ICD 705 Sensitive Compartmentalized Information Facilities (SCIFs) and Special Access Control Facilities (SAPFs) through planning, activation and operations. **Responsibilities include but are not limited to:** + Experience in network design, network monitoring, systems development, and knowledge of Information Assurance (IA) policies, directives, and best practices across DoD and Marine Corps. + Knowledge and experience with organizations within the Marine Corps responsible for facilitating network approvals and connections. + Work with various Marine Corps, Navy, Joint, and other services to coordinate installs supporting Initial Operating Capability (IOC) and Final Operating Capability (FOC). + Ability to communicate and provide effective staff coordination across government, Marine Corps, and contractor organizations. + Support the facility Site Security Manager (SSM)/Special Security Representative (SSR) and Information Systems Security Manager (ISSM) to oversee the secure installations and operations of systems across multiple security domains and in accordance with policies, directives, and best practices. + Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Supports Marine Corps and other customers at the highest levels in the development and implementation of doctrine and policies. **Minimum Qualifications:** + Bachelor's degree and at least 10 years' experience planning and/or operating IT infrastructure within ICD 705 facilities. + Experience with network security aspects of installations and operations. **Preferred Qualifications:** + Experience with MS Word, MS Power Point **Clearance Requirements** **_:_** + Candidate must have a current/active Top Secret clearance with the ability to obtain and maintain a TS/SCI clearance prior to starting this position. **Physical Requirements:** + Ability to maintain construction security oversight in outdoor environment; walk (with personal protective equipment) to inspect and document delivery of components and assembly/construction of structure. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.