Security architect jobs in Pompano Beach, FL

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: [email protected] #CJ $92,213.33 - $125,146.66 a year We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job Description Octagon Talent Solutions is a South Florida-based, full-service technology recruitment and staffing firm dedicated to connecting top talent with the right opportunities. We take a human-centered approach to technical recruitment, prioritizing candidates' long-term career goals while carefully evaluating cultural fit. By fostering meaningful, lasting relationships, we deliver placements built to last. Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

13804 - Sr Cloud Security Analyst (onsite) - Doral, FL Work Setting: Hybrid Required: • Availability to work at the Client's site in Doral, FL (required); • Experience with O365, AD, MS, Linux Access management (5+ years); • Experience with Cloud Security (5+ years); • Experience with Azure administration and configure access controls; • Experience with AWS security administration and configure access controls; • Experience with GCP; • Experience with GDPR, PCI, NIST; • Experience with Vendor technology legacy; • Experience with SailPoint IAM solution; • Experience with Active Directory; • Experience with Windows workstations and server operating systems; • Experience with managing security for AWS cloud environment tenants; • Security background; • High School Diploma or GED in Computer Science or other technical degree or equivalent experience; • Certifications: Microsoft 365 Messaging and or Security Administrator, CompTIA Cloud+. Preferred: • Scripting experience (PowerShell, Python etc.); • Experience with Qualys; • Experience with Orca Security; • Bachelor's Degree. Responsibilities: • Management, evaluation, maintenance, and enhancement of the cloud security posture; • Operation of identity and access processes and controls for SailPoint, Active Directory, Email, and Collaboration Platforms and cloud-based solution; • Continuous improvement of the brand vulnerability management people, process, and technology analyzing cloud environment reporting, prioritizing, and working with brand IT to make Cloud Security Management data actionable and understandable; • Evaluation and providing directives and guidance regarding our SIEM integrations, identifying potential blind spots, and assisting with configuration validations; • Augment and assist GISCS Security Operations, monitoring and triaging brand security events (Security Operations); • Creates visual information in the form of dashboard(s) and reports for executives and business stakeholders on a regular basis that communicates Cybersecurity risks and KRIs; • Assisting with security architecture reviews for new and proposed integrated solutions. Why apply? • Work with one of the largest global vacation and cruise providers and a recognizable brand; • Be a part of a diverse multicultural team and thrive in a fun and inclusive work environment dedicated to providing memorable and affordable vacations; • Work with the leader in cutting-edge technology and programming; • Be certain in your future as our Client is a stable and growing company with increasing revenue; • Receive plenty of coaching and support from the team and current Vitaver consultants. Enjoy a comprehensive employee benefits program: • Get paid on a bi-weekly basis; • During the 1st year of employment - prorated amount of PTO and Sick Time. After - 14 days of PTO annually and 10 days of sick time annually; • Eight paid holidays annually; • Available health, dental, vision plans; • Flexible spending account; • 401K retirement savings plan; • Employee Stock Purchase plan; • Short and long-term disability plan; • Cruise benefits; • Discount and complimentary memberships (various complimentary memberships, discount cards and passes: theme parks, various restaurants, wholesale clubs, car rental agencies and cell phone providers to name a few). Onsite perks: • Fitness center; • Child Development Center; • Café and coffee shop; • Learning Resource Center (LRC); • Discounted dry-cleaning service; • Fuel service & car wash.

Our Company: At red violet, we build proprietary technologies and apply analytical capabilities to deliver identity intelligence. Our technology powers critical solutions, which empower organizations to operate with confidence. Our solutions enable the real-time identification and location of people, businesses, assets and their interrelationships. These solutions are used for purposes including identity verification, risk mitigation, due diligence, fraud detection and prevention, regulatory compliance, and customer acquisition. Our intelligent platform, CORE™, is purpose-built for the enterprise, yet flexible enough for organizations of all sizes, bringing clarity to massive datasets by transforming data into intelligence. Our solutions are used today to enable frictionless commerce, to ensure safety, and to reduce fraud and the concomitant expense borne by society. The Role: Cloud Security Engineer is responsible for ensuring information systems data availability, integrity, authentication, confidentiality, and non-repudiation within the cloud environments. In collaboration with other information security staff and technical teams, this position develops and implements security measures and controls for information systems and networks. The Cloud Security Engineer advises management that systems adhere to established cloud security standards and regulatory requirements. What You Will Do: Advise, design, implement, and maintain security controls and solutions for cloud-based infrastructure and applications. Protects systems by defining and maintaining logical access privileges, access control structures, and processes. Conduct regular security assessments and audits of cloud environments to identify and address vulnerabilities and threats. Collaborate with cross-functional teams to integrate security best practices into cloud architecture and development processes. Provide detailed documentation of all work. Recognizes information security-related problems by identifying abnormalities and reporting violations/exceptions to the appropriate stakeholder(s). Implements cloud security improvements by assessing current situations; evaluating trends; anticipating future requirements. Support the team during security incidents and investigations and work with broad teams to advance the security posture of the company. Assist the stakeholders in identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities. Identify, advise, and implement new security technologies, including AI, and best practices into the company's cloud infrastructure. Stay up-to-date on emerging threats, vulnerabilities, and security technologies in the cloud space. Cloud & AI Security Design: Design, implement, and maintain security controls for cloud-native and AI-based systems, including ML pipelines, AI APIs, and LLM-integrated services. What You Bring: 2+ years of experience in cloud security engineering. 5+ years of hands-on experience in IT Security or related areas. Experience working with cloud security tools such as Firewall, anti-virus, WAF, SIEM, log management, and system monitoring. Bachelor of Science in Computer Science, Information Technology, Information Security, or related field. Strong communication and collaboration skills with the ability to work effectively with cross-functional teams. Experience with scripting and automation tools (e.g., Python, PowerShell) for security tasks preferred. Deep understanding of cloud computing technologies (e.g., AWS, Azure, Google Cloud) and associated security controls. Strong knowledge of security principles, standards, and best practices (e.g., NIST, ISO 27001, PCI, SOC). Able to use sound judgment; work independently, with minimal supervision Applicants must have permanent work authorization in the U.S.; we are not sponsoring visas for this role. What We Offer: red violet offers excellent benefits including opportunity for stock (RSU) grants, a 401K and generous company match, flexible PTO policy, medical, dental and vision coverage, commuter benefits, in-office healthy snacks, team events and more. red violet is proud to be an Equal Opportunity Employer.

At ITRADE STEM, we are shaping the future by fostering job creation and advancing key industries such as space, technology, energy, and manufacturing. Through innovative programs, we equip individuals with career opportunities that enhance essential skills and promote sustainable growth. Join us in our mission to redefine the possibilities of STEM! Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

Job Description Hire Via is looking for a highly skilled IT Security Engineer to join our dynamic team within the computer software industry. In this critical role, you will be responsible for safeguarding our organization's information systems and ensuring that our network remains secure from internal and external threats. As an IT Security Engineer, you will design and implement robust security architectures, conduct vulnerability assessments, and develop comprehensive security policies that mitigate risks. Your expertise will help us maintain compliance with various regulatory requirements and industry standards, fostering an environment where innovation and security go hand-in-hand. You will collaborate closely with cross-functional teams to implement best practices in security and provide training and guidance on security awareness across the organization. This is an exciting opportunity for individuals who are passionate about cybersecurity and are eager to make a significant impact on our organization's security posture. If you thrive in a fast-paced and challenging environment, and have a strong desire to stay ahead of the evolving cybersecurity landscape, we encourage you to apply and join us in our mission to protect our digital assets and maintain the trust of our clients. Responsibilities Design and implement security measures to protect the organization's information systems. Conduct regular security assessments and audits to identify vulnerabilities and risks. Develop and update security policies and procedures based on best practices and regulatory requirements. Monitor network traffic for unusual activity and respond to security incidents as they arise. Collaborate with IT teams to ensure secure software development practices are followed. Provide security awareness training to employees and stakeholders. Stay up-to-date with the latest security trends, threats, and technologies. Requirements Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience in IT security or a related role, preferably in the software industry. Strong understanding of security protocols, cryptography, and authentication systems. Experience with firewalls, intrusion detection systems, and other security technologies. Familiarity with regulatory requirements such as GDPR, HIPAA, or PCI-DSS. Certifications such as CISSP, CISM, or CEH are preferred. Excellent problem-solving skills and attention to detail. Benefits sssadasadadddddddddddddddddddddhhbhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh

Support / Security Engineer Location: Hybrid We are seeking a highly skilled Full Stack .NET Software Engineer to join our team. The ideal candidate will have experience in developing web applications using .NET technologies and will be responsible for designing, developing, and maintaining software applications. Responsibilities: Design, develop, and maintain software applications using .NET technologies Collaborate with cross-functional teams to identify and prioritize software features Write clean, efficient, and well-documented code Participate in code reviews and provide constructive feedback to other team members Stay up-to-date with emerging trends and technologies in software development Requirements: Bachelor's degree in Computer Science or related field 3+ years of experience in developing web applications using .NET technologies Strong knowledge of C#, ASP.NET, MVC, and SQL Server Experience with front-end technologies such as HTML, CSS, JavaScript, and jQuery Experience with Agile development methodologies Excellent problem-solving and analytical skills Experience with Vulnerability Tool, example rapid 7 Experience with Incident response Management Experience with ISO, SOC2 and NIST frameworks Experience with configuring, supporting and monitoring Azure Cloud Security Infrastructure, example WAF, Firewalls Strong communication and collaboration skills

We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements. We can recommend jobs specifically for you! Click here to get started.

Loyola Marymount University (LMU) is seeking an experienced leader to serve as Director of Information Security & Compliance within our Information Technology Services (ITS) team. This role offers a strategic opportunity to shape and safeguard the university's digital environment, drive proactive risk management, and embed a culture of security across the organization. Reporting directly to the CIO/VP of IT, the Director will architect and manage a best-in-class information security and compliance program that supports LMU's mission of learning, holistic education, service, and justice. Under the general direction of the CIO/Vice President for Information Technology, the Director of Information Security and Compliance will serve as the University's Cybersecurity leader. The Director will create a modern and effective Information Security and Compliance Program that will drive the university's efforts to protect its information assets and ensure compliance with relevant regulations and standards. This role is pivotal in creating a secure and compliant digital environment that supports LMU's mission, values, and goals. The Director will leverage partnerships and collaboration to lead initiatives that result in measurable improvements in information security and compliance, fostering a culture of security awareness and proactive risk management. The Director will serve as the process owner of the appropriate second-line assurance activities not only related to confidentiality, integrity and availability, but also to the safety, privacy and recovery of information owned or processed by LMU in compliance with regulatory and university requirements. The Director will oversee the university's compliance with applicable laws, regulations, and policies related to information security and privacy. Position Specific Responsibilities/Accountabilities Enhance Security Posture: Develop and implement a comprehensive cybersecurity program that significantly reduces risks and vulnerabilities across the university's digital landscape. Ensure Regulatory Compliance: Achieve and maintain compliance with relevant regulations and standards, ensuring that LMU meets all legal and regulatory requirements. Collaborative Protection: Work closely with various campus partners, external stakeholders, and community partners to ensure that information assets and associated technologies are protected, resulting in a cohesive, unified, and well understood approach to information security and compliance. Risk Management: Conduct thorough risk assessments and implement effective mitigation strategies, leading to a demonstrable reduction in potential threats. Incident Response: Oversee and improve incident response and recovery efforts, ensuring swift and effective investigation and resolution of security incidents. Policy Development: Create and enforce robust policies and procedures that safeguard information assets, leading to a well-documented and easily accessible framework for cybersecurity. Training and Awareness: Provide comprehensive training and guidance to staff on cybersecurity best practices, resulting in a well-informed and vigilant workforce. Monitoring and Reporting: Continuously monitor and report on the effectiveness of the cybersecurity program, providing clear metrics and insights that demonstrate progress and areas for improvement. Leadership and Strategy: Plan and manage the strategy, people, processes, tools, services, and resources necessary to effectively support the program and meet strategic goals. Business Continuity and Disaster Recovery: Orchestrate a secure, robust, and highly reliable approach to providing ITS services, during and after a disaster or disruption, to minimize negative impacts to business operations and maintain essential services. Data Governance: Oversee the university's data governance efforts, ensuring that data is managed securely and in compliance with university policies and legal requirements. Perform other related duties. Loyola Marymount University Expectations Exhibit behavior that supports the mission, vision, and values of the university. Communicate and employ interpersonal actions that model high standards of professional, responsible, accountable, and ethical conduct. Demonstrate a commitment to outstanding customer service. Requisite Qualifications Typically a Bachelor's Degree from an accredited four-year institution in Computer Science, Information Technology, or Cybersecurity. Seven years of experience in information security, with at least three years in a management role. Experience in developing and implementing technology policy, especially in a University environment is desirable. Professional certifications such as CISSP, CISM, or CISA are highly desirable. Experience in developing and implementing technology policy, preferably in a University environment.\ Strong knowledge of frameworks, standards, and best practices relating to Information Security, Privacy, Data Governance, and Business Continuity and Disaster Recovery Experience with regulatory compliance requirements (e.g., i.e. FERPA, HIPAA, GDPR, CCPA, and PCI-DSS). Demonstrated excellent verbal and written communication skills, as well as presentation skills. Writing samples may be required. Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with the ability to effectively collaborate with diverse stakeholders. Demonstrated ability to lead and manage a team of security professionals. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of this position. #HERC# #HEJ# Staff Regular Salary range $146,800.00 - $205,500.00 Salary commensurate with education and experience. Please note that this position is not eligible for visa sponsorship now or in the future. Loyola Marymount University, a Carnegie classified R2 institution in the mainstream of American Catholic higher education, seeks outstanding applicants who value its mission and share its commitment to inclusive excellence, the education of the whole person, and the building of a just society. LMU is an equal opportunity employer committed to providing an environment free from discrimination and harassment as defined by federal, state and local law. We invite all persons in the full diversity of their being, life experience, and beliefs to apply. (Visit *********** for more information.)

Job Description We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements.

We are seeking a Channel Security Engineer (SE) based in Miami to partner closely with our Channel Sales team. This role is instrumental in driving technical alignment and growth across Fortinet's partner ecosystem. The SE will play a key role in pre-sales technical support, partner enablement, solution development, and driving joint strategy with our channel partners. The ideal candidate will possess a strong network security background, with additional experience in cloud security, SASE, application security, OT, and SecOps being highly desirable. Experience working with or for resellers, MSSPs, or security vendors is considered a strong asset. We are looking for: Develop and execute a joint strategy in collaboration with your aligned Channel Account Manager (CAM), aligning partner initiatives with Fortinet's overall goals. Collaborate with Fortinet field teams (sales, SEs, marketing, overlays) and partner stakeholders (sales, technical, professional services, managed services) to build and launch joint go-to-market solutions. Drive sales growth in core network security while expanding partner capabilities across the broader Fortinet portfolio. Consult on the development of managed service offerings with key partners to address evolving customer and market demands. Act as the primary technical contact for assigned partners, working closely with the aligned CAM(s) to support and advance the partnership. Maintain a deep technical understanding of Fortinet products, the competitive landscape, and the latest security trends to articulate Fortinet's value and differentiation. Confidently present Fortinet solutions through whiteboarding, demonstrations, technical planning, and collaborative customer discussions…both remotely and in person. Manage multiple deals and initiatives simultaneously while ensuring a positive and professional experience for partners and customers. Deliver weekly updates to leadership on progress, partner engagement, and strategic initiatives. Host and participate in technical webinars, hands-on demos, and other partner-facing enablement activities. Support partner technical training events, including Fast Tracks and workshops, for SEs, Solutions Architects, and Professional Services engineers. Travel to partner sites and attend partner events (including occasional after-hours commitments) as needed to support relationship development and technical engagement. Engage across multiple business units within the partner ecosystem, including Cloud, Security, Pre-Sales, and Managed Services, prioritizing efforts based on mutual objectives. Candidates experience: 5-8 years of experience in technical pre-sales roles such as Pre-Sales Engineer, Solutions Architect, or Security Specialist. A proven ability to think strategically and act independently to drive sales opportunities to technical closure. A background in managing end-to-end technical aspects of deals, including scoping, solution design, and closure. Demonstrated problem-solving skills that have directly contributed to successful outcomes and key wins. Experience in building and maintaining technical relationships with channel partners, and the ability to effectively communicate with both internal and external stakeholders. Strong public speaking, presentation, and training skills, with the ability to convey complex technical topics to diverse audiences. Excellent written and verbal communication skills. Ability to clearly explain technical solutions and architectures using whiteboarding, Visio, or similar diagramming tools. A strong foundation in networking and security protocols, including TCP/IP, IPv4/IPv6, subnetting, DNS, HTTP, SMTP, RADIUS, LDAP, Active Directory, PKI, IKE, certificates, L2TP, SSL VPN, IPSEC, 802.1Q, VLANs, LACP, MD5, SSH, SSL, SHA1/512, 3DES, AES. Hands-on experience with technical troubleshooting in complex network or security environments. Deep technical knowledge in key technologies such as encryption and authentication, Wi-Fi, load balancing, application delivery, Ethernet switching, APIs, two-factor authentication, malware sandboxing, secure email gateways, WAF, cloud platforms (AWS, Azure), SDN, NFV, virtualization, centralized management tools, and security operations platforms (SIEM, EDR, MDR, XDR, NDR). Previous experience working for a vendor or reseller is considered an asset. Fortinet NSE certifications are an asset. Why Join Us: We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

Responsibilities: Responsible for developing cloud security strategies, monitoring and integration into Security Operations. Responsible for establishing security engineering / operations frameworks for various cloud security technologies. Experience with and responsible for developing & deploying new security cloud technologies and operationalizing: alerts, metrics, scorecards, monitoring, & maintenance. Participate in project teams providing consultation on cloud security DevOps initiatives. Work on improvements including the development of new tools, automation, and integration. Responsible for interconnecting various security event sources: server logs, network, various security devices, threat feeds, antivirus, malware, vulnerability scanners, net flow, etc. Responsible for designing and operationalizing all aspects of our security infrastructure, including cloud environments. Responsible for rolling up your sleeves and getting stuff done. This is a hands-on position. Required Skills: Strong understanding of the security / risk landscape: Layers 2 - 7. Proven track record with enterprise cloud security technologies. Strong security tooling background, DevOps experience, including automating tasks. Technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security. Knowledge of system security vulnerabilities and remediation techniques. Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Creative, problem-solving approach to projects. Excellent written and verbal communication skills. Strong analytical capabilities and have a desire to learn new things. Experience working with complex, sophisticated environments. Resourceful and well organized. Willingness to provide feedback in challenging situations. Experience: Three years of experience working in a security operations role. Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, etc. A bachelor's degree in computer science or equivalent work experience. Additional Information All your information will be kept confidential according to EEO guidelines.

Miami-Dade County Public Schools (M-DCPS), an A-rated district, is the nation's third largest school system with nearly 500 schools and a diverse enrollment of more than 335,500 students from over 160 countries. Our ongoing tradition of groundbreaking achievement has earned top recognition at the national and international levels and makes M-DCPS your best choice. We encourage you to submit/upload to your applicant profile attachments section any of the following documentation: * Resume * Cover letter * Letters of recommendation * Official transcripts (high school or college) * Certificate of competency (Skilled Trades) * Valid driver's license Please upload any of the available documents to your attachments section. * Official SEALED transcripts must be submitted to M-DCPS via one of the following: * In Person U.S. Mail addressed to: Miami-Dade County Public Schools, Transcript Desk, 1450 NE 2nd Avenue, Suite 150 Miami, FL 33132 * Electronic Mail to: *************************** * You must use National Student Clearinghouse, Parchment, or eScrip-Safe to request an electronic transcript via email. Please note that not all colleges/universities participate in the electronic transcript exchange. Salary Minimum: $15.09 Job Detail: *********************************************** * We are an equal opportunity employer.

We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities * Assist in determining needs and implementing configurations of various tools based on incoming requests. * Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. * Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. * Investigate and triage security alerts, taking appropriate actions and escalations as necessary. * Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. * Monitor security logs, alerts, and events to proactively identify potential security incidents. * Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. * Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. * Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications * Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). * 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). * At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. * Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). * Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. * Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. * Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. * Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. * Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. * Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. * Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. * Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements.

Job Description At ITRADE STEM, we are shaping the future by fostering job creation and advancing key industries such as space, technology, energy, and manufacturing. Through innovative programs, we equip individuals with career opportunities that enhance essential skills and promote sustainable growth. Join us in our mission to redefine the possibilities of STEM! Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

Job Description Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information. Follows standard practices and procedures in analyzing situations or data. This position reports to the Director of Information Security. Responsibilities The primary duties and responsibilities of the Cloud Security Engineer are: Assessing Existing Infrastructure and Identifying Threats. Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions. Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to: Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI/CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS. Monitoring for and responding to incidents in cloud environments. Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development. Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices. Staying abreast with security standards and emerging vulnerabilities/threats to proactively resolve/remediate/mitigate. Engage in digital forensics to investigate breaches or security incidents in the cloud. Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments. Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement. Using metrics and KPIs to drive and further Security Posture Initiatives. Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously. Performing other security team relevant duties and responsibilities as assigned. Participate in incident response activities as assigned. Preferred Experience Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings. Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security. Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers. Has experience writing formal security assessments and ad-hoc security reports. Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents. Experience delivering security metrics and measurement capability to demonstrate operational security posture. Experience in data protection and privacy management. Skills Required Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Clear ability to build strong relationships and establish trust with stakeholders at all levels. Excellent verbal and written communications skills. Multiple language abilities preferred - fluency in English (written and spoken) required. Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner. Ability to solve complex problems in a timely manner by working with multiple stakeholders. Ability to manage multiple tasks and work streams effectively. Ability to follow detailed procedures and processes with a high degree of accuracy. Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product. Deep understanding of Cyber Security control environments and their relationship to zero-trust networks. Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security. Experience in 3 or more of the following: network design, mobile security, network and firewall security technologies, SaaS/PaaS Security, vulnerability management or penetration testing. Flexibility to travel as required up to 15% overnight travel. Qualifications Experience / Education / Certifications Bachelor's degree preferred in Computer Sciences, Information Technology, Information Security or other related field Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc. Five (5) years of Cyber Security related work experience Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series. At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification. #IndeedSHRSS #LI-Hybrid #zipcorpor