Security architect jobs in Portland, ME

Immediate need for a talented Cloud Security Engineer. This is a 12 months contract opportunity with long-term potential and is located in Westlake, TX/ Merrimack, NH(Onsite). Please review the job description below and contact me ASAP if you are interested. Job Diva ID: 25-95092 Pay Range: $70 - $75 /hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Designing, scaling, and deploying various cloud security controls and services Building processes and workflows along with a consolidated and collaborative integration of IaaS, SaaS, and PaaS cloud services Ensuring seamless user experience with advanced security and compliance of our cloud infrastructure Maintaining and containing business risk as it pertains to the Azure cloud infrastructure Working across teams and Business Units to define requirements and deliver solutions Building comprehensive security controls to enforce policy Supporting business unit technologists deploying to the public cloud Key Requirements and Technology Experience: Key skills; Azure Policy Exp Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Exp Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here. 6-9 years of experience in IT infrastructure, security, compliance A strong understanding of Azure services and security capabilities Solid hands-on experience with at least two of the following: Engineering/operational support of cloud account configuration in AWS or Azure Software Development, Linux Systems Administration, Data Networking Hands-on configuration of CI/CD pipelines for cloud-native deployments Very strong with scripting languages, including integration with CSP APIs; python preferred Azure Networking Identity and Access Management - RBAC Azure Policies Azure Security Services - Security Center, Key Vault, Log Analytics Azure ARM/PowerShell Ability to work with application and security teams to promote a secure posture in the cloud You can mentor and train other team members to work effectively in the cloud You are a self-starter who can independently by reading technical documentation Advanced Azure Certifications Our client is a leading financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

The Performance Architect will analyze system performance metrics and identify bottlenecks, providing recommendations for optimization and improvement. They will collaborate with development and operations teams to integrate performance considerations into the software development lifecycle, ensuring performance is a key focus from the outset. This role will develop and maintain performance testing frameworks and tools, ensuring they are up-to-date with the latest technologies and best practices. Essential Functions/Responsibilities Troubleshoots, isolates and resolves applications code issues and other technical problems (hardware, software, Infra and network). Implement and recommend performance improvements on cloud (GCP/Azure) and on-prem for tiered environments. Establish and enable golden signal for Application Health, build dashboards, identifying and establishing SLA's, set up alerting, logging and tracing as required. Use network profiling using tools like WireShark, Fiddler as necessary to troubleshoot issues Perform root cause analysis of Production performance issues and recommend fixes to developers on corrective actions. Work with other performance engineers on implementing a Continuous Performance program to support long-term application reliability and growth. Should be able to set up and run automated performance tests using Docker image to spin up, build and destroy load test infrastructure. Design, script, configure and run performance tests to validate system performance and stability. Conduct performance analysis, benchmarking, and modeling to identify performance bottlenecks, optimize system parameters, and guide architectural enhancements. Actively monitors the systems in PROD/non-prod environments and alerts the core group to prevent issues from happening. Creation, maintain Performance Test Strategy and roadmap for the org, Automated Test data creation strategy & Reporting strategy etc. Should be able to research on latest industry trends and enhancements to keep our tech stack latest and up to mark. Minimum requirements: Bachelor's Degree in Computer or software engineering 10 years Performance / Software Engineering Experience in working with enterprise level large systems tuning & troubleshooting. 3+ years of experience in Performance Monitoring tool like Dynatrace , App Dynamics or New Relic. 7+ years of experience in load testing tools like Load Runner , JMeter or Neoload. 1+ years of experience in log monitoring tools like ELK , Splunk , ServiceNow 2+ years of experience working on tools like Jenkins , Github Actions etc. Preferred qualifications: Master's Degree in Computer or software engineering 3+ year of experience working database tuning like MongoDB or Oracle or SQL. 2+ years of experience analyzing top running queries in DB & tuning indexes. 1+ years of working experience in application memory management & tuning etc

Our client, a leader in their industry, has an excellent opportunity for a Privileged Access Management (PAM) Architect to work on a 12-month+ contract position in Boston, MA. This position is hybrid onsite two weeks a month and candidates must be local to the metro area or willing to relocate. Due to client requirement, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance. Rate: $100/hour - $110/hour w-2 Responsibilities: • Develop a comprehensive PAM architecture strategy aligned with organizational goals and regulatory standards. • Design and deploy PAM solutions with an emphasis on workload access controls and secrets management. • Implement and manage secrets management platforms, ensuring secure handling of privileged credentials. • Utilize frameworks like SPIFFE and SPIRE for secure, standardized workload identities. • Leverage tools such as Cyberark, Delinea, HashiCorp Vault, and Microsoft Entra ID to optimize access controls. Requirements: • 20+ year of IT experience with10+ years of experience delivering cybersecurity architecture within regulated industries. • Bachelor's degree in Information Security, Computer Science, or related field (Master's preferred). • Expertise in PAM solution architecture, including secrets management using HashiCorp Vault. • Strong understanding of identity and access management, PAM security controls, and regulatory frameworks (e.g., PCI DSS, HIPAA, GDPR). • Exceptional leadership, communication, and stakeholder engagement skills. Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range. W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality. Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact ********************. Job ID: JN -112025-104408

The Company Privately held company headquartered Northern Massachusetts (Rt 495) the company operates an integrated light manufacturing and distribution center, with two third-party overflow warehouses in the U.S. With approximately $150 million in annual revenue, over 450 employees. The Position The company is seeking a Director of Information Technology & Security to be responsible for leading the company's technology foundation across IT operations, infrastructure, cybersecurity, and software engineering. This senior leader will oversee the day-to-day performance, reliability, security, and efficiency of all IT systems and services, while ensuring the successful delivery of custom software solutions that support manufacturing and broader business operations. Reporting to the Chief Technology Officer, this role will also serve as a member of company's Senior Leadership Team. The Director will partner closely with the Director of Digital Transformation and the Director of the Project Management Office (PMO) to drive innovation and digital transformation initiatives, ensuring that technical execution aligns with business goals. As a senior technology leader, this individual will provide leadership continuity and support executive decision-making when needed, helping to keep operations and strategic initiatives on track. The Director of Information Technology & Security will provide strategic and operational leadership across IT infrastructure, cybersecurity, and software engineering to ensure reliable, secure, and high-performing technology services. This individual will guide the evolution of Company's technology environment, strengthen system reliability and security, and enable scalable digital capabilities that support the needs of a growing manufacturing organization. The Director will also provide strategic guidance to the CTO on operational and technical matters, contributing to long-term IT strategy, technology roadmaps, and budget planning, while championing continuous improvement through analysis of incident trends and service performance. Through cross-functional collaboration and forward-looking leadership, the Director will help ensure Company's technology ecosystem remains robust, efficient, and positioned for long-term success. Principal Responsibilities & Duties: Lead IT operations, including infrastructure, networking, system administration, and the Help Desk, ensuring high availability, performance, security, and timely issue resolution while managing IT assets across their lifecycle. Expand and mature IT service management (ITSM) processes and enforce SLAs/OLAs, driving accountability, continuous improvement, capacity planning, availability management, and disaster recovery aligned with business continuity goals. Serve as the senior cybersecurity leader, overseeing policies, controls, incident response, and compliance to protect company systems and data. Provide strategic direction and leadership for software engineering, managing development projects, automation, systems integration, and the Software Development Manager while fostering a high-performance, collaborative culture. Partner with the Directors of Digital Transformation and PMO to align IT operations and development with innovation priorities, including AI adoption, factory floor automation, advanced analytics, process optimization, and timely project delivery The Candidate The company is seeking an experienced and strategic Director of Information Technology & Security to lead and evolve their technology foundation in support of our growing manufacturing organization. The ideal candidate will be an experienced and strategic technology leader with a strong background in IT operations, cybersecurity, infrastructure management, and software engineering. The company seeks a collaborative, proactive, and adaptable leader who can drive operational excellence while fostering innovation and cross-functional alignment. This individual will have a proven track record of leading high-performing IT teams, navigating both operational and project-based work, and influencing stakeholders across departments to deliver measurable results. This role requires a hands-on, customer-focused, and risk-conscious leader with excellent communication and collaboration skills. A successful candidate will bring strong problem-solving abilities, curiosity, accountability, and a stakeholder-centric mindset, while integrating IT operations with digital transformation initiatives, manufacturing systems, and ERP platforms. This is a flexible hybrid role, with an expectation of at least three days per week in office. During the initial six months, on-site presence will be required four to five days per week to support onboarding and integration. Summary of Requirements: Bachelor's degree in Information Technology, Computer Science, or a related field; advanced or security-related certifications (CISSP, CISM, CSSM, CompTIA Security+, ITIL Foundation or higher) a plus. 15+ years of progressive IT operations leadership experience, including infrastructure, cybersecurity, and software engineering. Proven ability to expand and optimize ITIL-based processes and leverage ITSM platforms to drive process maturity and operational excellence. Strong understanding of manufacturing systems, ERP platforms, and IT/OT integration. Hands-on experience leading software engineering teams, managing development projects, automation, and systems integration initiatives. Skilled in capacity planning, disaster recovery, and business continuity aligned with organizational growth. Experience managing IT assets, Help Desk operations, and SLAs/OLAs to ensure high availability, performance, and service reliability. Hybrid role but must be in office at HQ three days per week and four-to-five during first six months of employment.

We are seeking a Guidewire Solutions Architect to lead the design and delivery of Guidewire InsuranceSuite solutions (PolicyCenter, BillingCenter, ClaimCenter). The candidate will define technical architecture, guide development teams, and ensure alignment with business, functional, and integration requirements. Responsibilities: Architect end-to-end Guidewire solutions aligned with business needs. Lead design of configurations, customizations, integrations, and data models. Apply Guidewire best practices, including SBT and cloud-ready patterns. Collaborate with business and technical teams to refine requirements. Oversee integration with external systems using REST/SOAP, messaging, and event frameworks. Review technical designs, code, and ensure quality delivery. Support release planning, upgrades, and cloud implementations. Required Skills: 8+ years IT experience; 5+ years on Guidewire (PC/CC/BC). Strong knowledge of Gosu, PCF, data model, rating, and integrations. Experience with Guidewire Cloud and SBT. Strong understanding of P&C insurance processes. Excellent communication and technical leadership skills. About ValueMomentum: ValueMomentum is a leading solutions provider for the global property and casualty insurance industry, supported by deep domain and technology capabilities. We help insurers stay ahead with sustained growth and high performance for enhancing stakeholder value and fostering resilient societies. Trusted by over 100 insurers, ValueMomentum is one of the largest services providers exclusively focused on property and casualty. ValueMomentum is headquartered in Piscataway, NJ, with state-of-the-art delivery centers in Piscataway, NJ; Hyderabad, Pune, and Coimbatore in India; Toronto in Canada; and London in the United Kingdom.

ABOUT OUR CLIENT Our Client is a leader in energy management and power trading, leveraging cutting-edge platforms to deliver secure and resilient operations. With a strong focus on protecting systems, data, and intellectual property, they are committed to building a world-class information security program that supports business growth while staying ahead of emerging cyber threats. ABOUT THE ROLE The Information Security Analyst and Engineer will play a key role in safeguarding mission-critical systems, ensuring compliance, and advancing the organization's security maturity. This hybrid role blends hands-on security engineering with proactive monitoring, incident response, and program improvement. The position will collaborate with consultants, managed service providers (MSPs), and internal stakeholders to realize a highly effective security strategy. Reporting directly to the Director of Information Security, the role also provides occasional support to the Infrastructure team with basic system administration and help desk duties. RESPONSIBILITIES Develop and implement processes and technologies to enhance the security program and protect business platforms Monitor security systems and analyze alerts, logs, and reports Analyze vulnerability reports and track remediation across teams and systems Provide metrics to evaluate security program effectiveness Support security training and awareness programs, including phishing campaigns and in-person sessions Research emerging IT security trends, attack techniques, and defensive measures Assist in designing secure architectures across applications and infrastructure Support internal and external risk assessments, vendor reviews, and security audits Analyze penetration test results and drive remediation Contribute to security roadmaps and maturity assessments Safeguard IT assets and intellectual property by recommending best practices and solutions Participate in incident response planning, investigations, and compliance reviews Enhance data loss prevention technologies and processes Respond rapidly to incidents, conduct root cause analysis, and recommend mitigations Support business continuity and disaster recovery planning and testing Validate MSP-delivered security solutions to ensure alignment with standards Use automation to improve efficiency and effectiveness of security processes Maintain and improve information security policies and ensure compliance QUALIFICATIONS Bachelor's degree in Computer Science, Information Security, or a related technical field 3-5 years of IT security experience, with hands-on implementation and analysis Proficiency with EDR or SIEM solutions for configuration and investigations Competency with firewalls, email gateways, internet filters, and VPNs Strong background in network security, protocols, and best practices Understanding of operating system, network, and application security concepts Familiarity with the NIST Cybersecurity Framework Working knowledge of network and data center operations Experience with hybrid, public cloud (Azure preferred), and SaaS environments Strong analytical, troubleshooting, and problem-solving skills Excellent communication skills and attention to detail Adaptability and eagerness to learn new technologies in a collaborative environment PREFERRED QUALIFICATIONS Experience in the energy or financial services industries Familiarity with regulatory compliance frameworks such as NERC CIP or SOX Relevant certifications such as CISSP, CompTIA, or GIAC Experience in Agile and DevSecOps environments Scripting knowledge in PowerShell and/or Python

Experience: 10+ years (12-15+ preferred) About the Role Maitsys Inc. is seeking a highly skilled AI Architect with strong experience in pharmaceutical manufacturing, GxP/GMP environments, and enterprise-scale AI solution design. This role will define AI architecture frameworks, lead the technical design of GenAI and intelligent automation platforms, and ensure full alignment with regulatory and compliance requirements. The AI Architect will support strategy, solutioning, and technical delivery across AI initiatives that include GenAI, agentic AI, RAG systems, manufacturing intelligence, and data-driven decision automation. This role requires deep architecture expertise, strong cross-functional collaboration, and the ability to translate complex business needs into scalable AI solutions. Key Responsibilities AI Architecture & Technical Leadership Architect end-to-end AI solutions leveraging: GenAI, LLMs, agentic AI RAG architectures and vector databases MLOps platforms and cloud AI services Develop enterprise AI blueprints, design patterns, and reusable frameworks. Ensure architecture meets GxP/GMP, ALCOA+, 21 CFR Part 11, and Annex 11 requirements. Support AI platform integration across MES, LIMS, QMS, ELN, SCADA, ERP, and manufacturing data systems. Provide architectural governance and lead technical design reviews. AI Strategy Support & Business Advisory Partner with manufacturing, QA/QC, labs, and supply chain stakeholders to identify high-value AI use cases. Translate business needs into AI-enabled workflows and automation opportunities. Support preparation of AI roadmaps, maturity models, and implementation strategies. Facilitate workshops to drive AI readiness and operational adoption. Solution Delivery & Technical Translation Convert business processes into detailed architectural and technical requirements. Guide engineers, data scientists, and platform teams throughout model development and deployment. Ensure best practices for: Model performance & reliability Explainability Validation & compliance Secure and scalable deployment Oversee implementation of AI agents, copilots, knowledge assistants, and domain-specific automation solutions. Compliance, Governance & Data Integrity Architect AI systems aligned with: GMP/GxP 21 CFR Part 11 EU Annex 11 CSV/CSA guidelines ALCOA+ principles Collaborate with QA, validation, cybersecurity, and compliance teams to ensure proper documentation and controls. Practice Enablement & Cross-functional Leadership Mentor junior architects and engineering teams. Contribute to accelerators, playbooks, reusable assets, and architectural standards. Support proposal development, pre-sales activities, and client advisory discussions. Represent Maitsys in industry forums and thought leadership initiatives. Required Qualifications: 10-15+ years of experience in Pharma, Biotech, or other regulated manufacturing environments. Strong understanding of GxP/GMP, CSV/CSA, and regulatory compliance frameworks. Deep expertise in designing enterprise AI/ML, GenAI, and agentic AI architectures. Hands-on experience with: OpenAI, Azure OpenAI, Anthropic, or similar LLM platforms RAG architectures, prompt engineering, vector databases AWS, Azure, or GCP cloud ecosystems MLOps, model governance, CI/CD, monitoring, and validation Proven ability to influence senior stakeholders and communicate with both technical and business teams. Experience leading cross-functional solution delivery teams. Preferred Qualifications: Experience with GAMP 5, AI validation frameworks, or regulated system integration. Familiarity with: MES (Werum/Siemens) LIMS (LabWare/STARLIMS) QMS (TrackWise/Veeva) Manufacturing data lakes and historian systems Background in consulting, digital transformation, or enterprise architecture. Certifications such as TOGAF, MBA, or an advanced degree in AI/ML/Data Science. Why Join Maitsys? Drive AI transformation in global pharmaceutical manufacturing. Lead enterprise-level GenAI and automation initiatives. Collaborate with a fast-growing, innovation-focused organization. Opportunity to shape and scale Maitsys's AI architecture practice. Work closely with executive leadership in a strategic role.

Description The Security Architect is responsible for maturing the security posture of Tyler's corporate cyberinfrastructure. They are responsible for oversight of Tyler's enterprise compliance with applicable cybersecurity laws, regulations, industry frameworks, policies and standards. This is a key role in theadministration and enforcement of Tyler's Enterprise Information Security Program, which helps to ensure the security and integrity of Tyler's critical cyber infrastructure and assets.Responsibilities Consults with business and technical leadership to ensure that data, processes and technology aredesigned for data protection and compliance Drive creation of information security policies and procedures and assist with the related securityawareness programs to both end users and technical staff Oversees the development, evaluation and implementation of governance and compliance andprocesses to mitigate cybersecurity risk and ensure protection of company assets and information Standardize and streamline annual and ad-hoc information security audits and assessments incompliance with FedRAMP, CJIS, SSAE-18 SOC 1 and SOC2 and other requirements as necessary Assist in the coordination of third parties to help complete the assessments when relevant Assist in the monitoring and enforcement of compliance to security policies Assist with contract and vendor management issues related to security requirements and projects Researches and interprets current and pending laws and regulations, industry standards and clientand vendor commitments to understand and communicate compliance requirements Monitors investigations and documentation of information security compliance issues Provide leadership and technology guidance to Tyler business units on security matters Review architecture of products and infrastructure designs Qualifications Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, MIS or equivalent or comparable experience Requires 10+ years of progressively increasing responsibility in the areas of information security architecture, information security engineering, risk management or information technology. Strong experience architecting secure distributed infrastructures for medium to large enterprises. Experience with multiple operating systems, devices and databases including Windows Server, Active Directory, virtualization technology, network routing and switching, network segmentation, and use of enterprise class security platforms (F5 Networks, Gemalto, IDS/IPS, Anti-Virus, etc.) is required. Understanding of complex local and wide-area networks that focus on the use of segmentation and protection across all layers of the OSI model. Strong analytical and problem-solving skills. Must have and maintain one or more Security Assurance certifications such as (ISC)2 CISSP, ISACA CISA, ISACA CISM or equivalent · Working knowledge of common information security and privacy frameworks, such as FedRAMP, CJIS, ISO 27001, PCI-DSS, SSAE 18 SOC 2, HIPAA, CCPA, etc. Strong understanding of information security standards, concepts, controls, testing techniques and technical risk assessment. Working knowledge of industry software security testing procedures such as the OWASP Top 10 that includes but not limited to thick client, web client, and API security testing. Experience with enterprise architecture and working as part of a cross-functional team to implement solutions. Excellent customer service, organizational, interpersonal and communication skills Ability to prioritize and complete multiple tasks in a fast-paced, technical environment Some travel (approximately 2-3 trips per year) may be required. Required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements. The Security Architect must be able to: Understand information security concepts such as Security Architecture and Design, Information Security Standards and Technical Security Risk Assessment Translate security control language into natural human language to aid in speed and accuracy of implementation Provide seamless integration to department and company resources Perform process development, consolidation and optimization at an enterprise level Independently gain knowledge on new and emerging trends.

At Manulife, we are changing the way we unlock value and secure the enterprise through technology and we want you to be part of it! We are growing our cybersecurity program with the vision to deliver quality applications using AI that add value to our customers, faster and securely, at scale. The customer is at the focus of everything we do, and millions of end users rely on our products daily. We are building a state-of-the-art cybersecurity program to better protect the firm's critical assets. As a **Lead Security Architect** , you'll be responsible for designing, developing, and implementing robust security strategies and solutions to protect Manulife's digital assets from advanced cyber threats. In this **hub-and-spoke model** , you will report to the Chief Security Architect and will be the dedicated security architecture lead for a specific business unit, ensuring alignment with the global security framework while addressing the unique needs of the segment. You will play a crucial role in shaping our global security posture and ensuring security is a foundational element of our technology and business initiatives. **Office location: Toronto - Canada (ideal) or Boston - USA.** **Work arrangement: Hybrid (3 days in office, 2 days from Home); Remote working option is not available.** **Travel Flexibility:** **Willingness and ability to travel within Canada and USA to support business operations and stakeholder engagement.** **Position Responsibilities:** + **Architectural Design** : Lead the design and development of robust security frameworks, standards, and best practices for global systems, data, and networks. This includes creating reference architectures and implementation patterns for security solutions. + **Strategic Planning** : Translate business, technology, and threat drivers into practical security roadmaps. You'll ensure our security strategy is aligned with broader organizational goals. + **Financial Analysis** : Conduct financial evaluations of security technologies, including quantifying purchasing and licensing options, estimating labor costs, and calculating the total cost of ownership (TCO), return on investment (ROI), or payback period. + **Project Management** : Draft project plans for security service and technology deployments and coordinate with stakeholders across the organization to ensure successful implementation. + **Collaboration & Integration** : Work closely with various teams across Manulife's business and IT units-including enterprise architecture, development, and risk management-to seamlessly integrate security throughout the entire project lifecycle. + **Risk Management** : Conduct comprehensive risk assessments to identify vulnerabilities and define necessary controls. Partner with global information risk management teams to prioritize and mitigate risks effectively. + **Security Evaluation** : Continuously evaluate the security of new and emerging technologies and potential solutions. You will stay ahead of the curve on cybersecurity trends to recommend and implement innovative solutions. + **Mentorship & Communication** : Act as a security subject matter expert, coaching and mentoring development teams. You will also communicate complex security standards and strategies to both technical staff and senior management with clarity and influence. + **AI Security:** Design and implement security frameworks for Machine Learning (ML), Generative AI (GenAI), and Agentic AI systems. Evaluate AI-powered security tools and integrate artificial intelligence capabilities into security operations and threat detection. + **Domain-Specific Accountabilities:** + **Application Security** : Assess solution architectures for compliance with security standards, define secure service interfaces, and provide guidance to application security engineers on threat modelling and secure software development methodologies. + **Cloud Security** : Provide deep expertise in securing multi-cloud computing environments (SaaS, IaaS, PaaS), with a strong focus on platforms like **Microsoft Azure** and **AWS** . **Required Qualifications:** + To succeed in this role, a candidate must have a strong blend of technical expertise, professional experience, and interpersonal skills. + **Education & Certifications** **:** + Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field. + Relevant industry certifications such as **CISSP (Certified Information Systems Security Professional)** or **CCSP (Certified Cloud Security Professional)** are required. + **Experience** **:** + At least 10 years of experience specifically in senior information security architecture roles, with demonstrated progression in responsibility and complexity. + Proven experience in the financial services industry, with understanding of regulatory requirements, compliance frameworks, and industry-specific security challenges. + Experience in using architecture methodologies such as **SABSA, Zachman, and/or TOGAF.** + Direct, hands-on experience or strong working knowledge of managing security infrastructure-e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology. + Verifiable experience reviewing application code for security vulnerabilities. + Experience securing CI/CD pipelines. + Direct, hands-on experience or a strong working knowledge of vulnerability management tools. + Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services. + Experience designing the deployment of applications and infrastructure into public cloud services. + Direct experience designing IAM technologies and services, including Active Directory, Lightweight Directory Access Protocol (LDAP), and Amazon Web Service (AWS) IAM. + Extensive knowledge of full-stack IT infrastructure, including: + Applications + Databases + Operating systems-Windows, Unix, and Linux + Hypervisors + IP networks-WAN and LAN + Storage networks-Fibre Channel, iSCSI, and NAS + Backup networks and media + Containers/Kubernetes + **Soft Skills** : + **Communication** : Excellent verbal and written communication skills are crucial for articulating complex technical concepts and influencing stakeholders at all levels. You must be able to translate complex security matters into business terms that are easily understood by colleagues and senior management. + **Problem-Solving** : Strong analytical, problem-solving, and decision-making abilities. + **Collaboration** : The capacity to balance competing priorities and maintain a collaborative and positive attitude. + **Travel Flexibility:** Willingness and ability to travel within Canada and USA to support business operations and stakeholder engagement **Preferred Qualifications:** + Experience from large complex environment is highly preferred but not a must. + Experience from large financial Org's is a definite plus but not a must. **When you join our team:** + We'll empower you to learn and grow the career you want. + We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words. + As part of our global team, we'll support you in shaping the future you want to see. **Acerca de Manulife y John Hancock** Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite *********************** . **Manulife es un empleador que ofrece igualdad de oportunidades** En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente. Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a ************************ . **Referenced Salary Location** Toronto, Ontario **Modalidades de Trabajo** Híbrido **Salary range is expected to be between** $132,900.00 CAD - $182,900.00 CAD. Si se está postulando para este puesto fuera de la ubicación principal, póngase en contacto con ************************ para conocer el rango salarial de su ubicación. El salario real variará según las condiciones locales del mercado, la geografía y los factores relacionados con el trabajo pertinentes, como conocimiento, habilidades, calificaciones, experiencia y educación/capacitación. Los empleados también tienen la oportunidad de participar en programas de incentivos y obtener una compensación de incentivos vinculada al desempeño comercial e individual. Manulife ofrece a los empleados aptos una amplia variedad de beneficios personalizables, entre ellos, beneficios de salud, odontológicos, de salud mental, oftalmológicos, por discapacidad a corto y a largo plazo, cobertura de seguro de vida y por muerte accidental y desmembramiento, adopción/subrogación y bienestar, y planes de asistencia al empleado/familiar. También ofrecemos a los empleados admisibles varios planes de ahorro para la jubilación (incluidos planes de pensiones y un plan mundial de propiedad de acciones con contribuciones equivalentes del empleador) y recursos de asesoramiento y educación financiera. Nuestro generoso programa de tiempo libre remunerado en Canadá incluye feriados, vacaciones, días personales y días por enfermedad, y ofrecemos la gama completa de ausencia laboral reglamentaria. Si se está postulando para este puesto en los EE. UU., póngase en contacto con ************************ para obtener más información sobre las disposiciones relativas al tiempo libre remunerado específicas de EE. UU.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

At DraftKings, AI is becoming an integral part of both our present and future, powering how work gets done today, guiding smarter decisions, and sparking bold ideas. It's transforming how we enhance customer experiences, streamline operations, and unlock new possibilities. Our teams are energized by innovation and readily embrace emerging technology. We're not waiting for the future to arrive. We're shaping it, one bold step at a time. To those who see AI as a driver of progress, come build the future together. The Crown Is Yours As a Director, Information Security, you'll lead our Security Engineering and Security Operations teams to shape how we defend our platforms at scale. You'll build modern security programs grounded in automation, AI, and pragmatic risk management. You'll drive strategy, deliver key capabilities, and evolve our approach to detection, response, and resilience. This is a hands-on leadership role where you'll empower technical leaders, elevate team performance, and partner closely with Engineering, Legal, IT, and Information Security leadership. What You'll Do Lead a high-performing team of managers and senior individual contributors; foster growth through coaching, clarity, and development planning. Provide strategic direction and mentorship to the broader InfoSec team through skip levels, feedback loops, and leadership modeling. Define and communicate KPIs to drive the program, looking across operational impact as well as technical indicators of risk and drift toward failure. Partner with InfoSec leadership on roadmap planning, prioritization, risk management, and capability development across detection, response, engineering, and investigations. Advance our adoption of AI and automation to drive quantifiable impact across security functions, both in new capabilities and latency. Collaborate with Legal, Compliance, and Audit to meet regulatory and customer expectations. What You'll Bring At least 10 years of progressive experience in security, including 5+ years in leadership roles with a strong emphasis on both proactive security engineering and reactive security operations. Strong technical foundation in modern enterprise and cloud environments, including what we secure (AWS, GCP, Kubernetes, datacenters, IoT) and what we secure it with (SIEM, EDR, CSPM, SAST/DAST, IAM, forensics). Familiarity with industry-standard risk and compliance frameworks (NIST CSF, ISO 27001, SOC 2, SLSA) and how to operationalize them in modern, tech-forward environments. Experience in fast-paced, high-growth companies in enterprise tech, SaaS, gaming, or other technical consumer industries like online video gaming. Executive-level communication skills, including the ability to deliver clear, timely, and actionable updates to both technical stakeholders and executive leadership. Join Our Team We're a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don't worry, we'll guide you through the process if this is relevant to your role. The US base salary range for this full-time position is 216,000.00 USD - 270,000.00 USD, plus bonus, equity, and benefits as applicable. Our ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire pay rates for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific pay range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Extensive knowledge of HIPAA and HITECH. Knowledge of and experience with Information Security frameworks such as HiTRUST, NIST, or ISO 27001. Bachelor's degree in information security, information assurance, information technology, computer science, or a related discipline. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or related certification. Five (5) years in an information security operations or management role. Passion for the mission of Health Leads and strong commitment to Health Leads' core values: belief in collective strength and the power of shared work, constant and courageous learning, celebrating our victories and each other, and stepping up leaders in a common vision. Experience with information security for cloud environments and/or software-as-a-service (SaaS) platforms. Knowledge of security-related technologies and processes, including but not limited to: data loss prevention (DLP), identity and access management (IAM), endpoint security, vulnerability and configuration management, security information and event management (SIEM), incident response and digital forensics, disaster recovery/business continuity planning, network security (LAN/WAN). Ability to communicate complex ideas and information both verbally and writing, in a clear, concise, and effective manner to technical and non-technical audiences including customers and colleagues. Superior capabilities for partnering; ability to be effective as both a team member and as a leader of teams in defining objectives, staying on task and reaching consensus; soliciting participation, challenging ideas and summarizing accomplishments and planned actions. Show integrity and ethical behavior; respect confidentiality, business ethics and organizational standards. Ability to formulate the cost benefit of security initiatives in the context of overall business risk mitigation and the organization's operational objectives. Ability to compare, contrast and prioritize among alternative approaches to meet those objectives.

The base salary range for this position is dependent upon experience and location, ranging from $94,490 to $118,113 Under general direction, to support compliance with the Global Access Governance Rule, coordinating SAP security initiatives for providing security design, configuration, testing, and ad hoc/custom reporting capabilities in support of the business units. Serves as the primary contact with SAP developers, end users and process owners in specified business areas to understand ongoing security and functional requirements (changes, modifications, improvements) and ensuring overall SAP data security integrity; work with various departments in the development of information security standards and practices; make resourceful, practical decisions and address unexpected problems; and perform other security related duties as required. Key Responsibilities * Design, implement, and support SAP security roles and profiles for all SAP environments, including ERP Central Component (ECC), Customer Relationship Management (CRM), Business Warehouse (BW), Governance Risk Compliance (GRC), SAP BusinessObjects BI (BOBJ), and Solution Manager. * Develops SAP security solutions and/or configuration changes to meet ongoing end user requirements. Implements configuration changes as required and prepares specifications for approved changes. * Design, implement, and support of GRC toolset, ruleset, policy governance, Segregation of Duties (SOD) controls, and all aspects of internal/external audits. * Review existing GRC toolset and rulesets, identifying improvement opportunities, and remediating identified violations. * Analyze non-technical security and functional requirements, translate requirements into technical security and functional specifications, and appropriately design and build secure technical solutions based on functional specifications. * Provides timely and accurate solutions to the functional business areas supporting SAP Security changes requested. * Assist business and technical teams with SAP functionality development focusing on access authorization. * Develops, maintains and updates documentation including instructions, reference materials, training materials. * Change Request and Transport review and approval. * Supports on-going end user training and other end user activities as required. * Assists in the development and support of Microsoft Office based tools Required Qualifications Education & Experience Required: * Associates Degree with a minimum of 7 years relevant experience required. * Minimum 5 years of progressive SAP Security experience. * Minimum 5 years of experience with GRC Compliance Tools, preferably INFOR Approva or SAP GRC. Skills/Abilities: * Ability to communicate complex information, concepts or ideas in a confident and well-organized manner through verbal, written and/or visual means. * Ability to build effective relationships for key stakeholders locally and globally and to interact at all levels of the organization. * Ability to resolve complex problems and negotiate successful outcomes. * Ability to lead work processes and work independently. * Thorough knowledge and understanding of managing SAP Security within ECC, CRM, BW, and BOBJ systems * Demonstrated understanding of Segregation of Duties concepts and Sarbanes-Oxley framework. * Strong desire to build, improve and maintain a pristine SAP landscape. * Ability to communicate with business areas to ensure business needs are being addressed effectively. * Ability to travel occasionally, perform after-hours project- related work, and provide on-call support as needed. * Strong analytical, problem-solving and decision making skills. * Proficient in the use of Microsoft Office applications. Preferred Qualifications * Bachelor's Degree with a minimum of 5 years relevant experience. Competencies * Growth & Continuous Improvement * Initiative & Change * Focused on Results * Customer Centric (internal and/or external) * Communication * Collaboration * Leadership (people managers/leaders) Benefits: * Award winning student loan debt repayment program * 12% 401(k) Match * Competitive salary and performance-based bonuses * Comprehensive benefits - including medical, dental, vision and variety of well-being programs * Tuition Assistance * Opportunities for professional development, career advancement, and internal mobility * Supportive and inclusive work environment * Generous PTO policy #LI-OFFICE #LI-ER1 Company: CENTRAL MAINE POWER CO Mobility Information Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. At Avangrid we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law. If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at ********************. Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate functions. This does not include those that will work for Avangrid Power. Avangrid employees may also be assigned a NERC Reliability Standards compliance role supporting Critical Infrastructure Protection (CIP) and/or Operations and Planning (O&P) responsibilities. This is applicable to employees that will work in electric transmission, operations, and cyber security business areas in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate business areas. NERC Reliability Standards compliance roles and responsibilities may include additional access protections, training, audit engagement, and required evidence retention, and will be communicated by the employee's management. Job Posting End Date: December-20-2025

Are you a Cybersecurity compliance expert ready to take the lead in a dynamic, high-impact role? Join a globally recognized firm where you'll play a key role in shaping and strengthening our cybersecurity strategy. This is your chance to make a difference in a fast-paced, professional environment that values innovation, collaboration, and technical excellence. Why You'll Love This Role: Drive Security Initiatives - Lead firmwide cybersecurity programs, ensuring compliance with ISO 27001 and other industry standards. Be a Decision-Maker - Approve security risks, implement best practices, and enhance policies to safeguard critical systems. Third-Party & Risk Management - Oversee vendor risk assessments, vulnerability management, and client security audits. Lead & Mentor - Supervise a Compliance Analyst and provide strategic guidance across teams. Innovate & Protect - Collaborate with IT leadership to integrate cutting-edge security solutions into firm operations. What You Bring to the Table: 5+ years of cybersecurity experience in a complex IT environment. Strong knowledge of security frameworks (ISO 27001, NIST, etc.). Hands-on experience with security tools, compliance audits, and risk assessments. Leadership experience with a passion for mentoring and developing security professionals. Bachelor's degree in Cyber Security, Computer Science, or a related field. Security certifications (CISSP, CRISC, etc.) strongly preferred. Offer includes: Competitive salary: $145,000 - $170,000 Hybrid work environment Excellent benefits package A culture of excellence, diversity, and professional growth Ready to step into a leadership role where your expertise will make a real impact? Apply today and be a key player in securing the future of a top international firm. Apply to this post or email your resume directly to Dan Gilliam, email: **************************** Tags: Cybersecurity, IT, ISO, Compliance, Security Manager

Woods Hole Oceanographic Institution is searching for a highly skilled and cleared Information System Security Officer (ISSO) / Classified Systems Information Assurance Analyst to join our team, focusing exclusively on the security of classified information systems and networks. This critical role is responsible for ensuring the confidentiality, integrity, and availability of sensitive government information in accordance with stringent U.S. government (USG) security directives. The ISSO will be instrumental in the authorization and accreditation(A&A) process, continuous monitoring, incident response, and the implementation of robust security controls for classified environments. The ideal candidate will possess a deep understanding of relevant security frameworks, policies, and a proven track record of maintaining secure classified systems. This is a regular, full-time, exempt position, and is eligible for full benefits. ESSENTIAL FUNCTIONS Authorization & Accreditation (A&A) / Risk Management Framework (RMF): Lead or support the development, review, and submission of comprehensive security authorization packages (e.g., System Security Plans (SSPs), Risk Assessment Reports, Contingency Plans, Plan of Action and Milestones (POA&Ms)) for classified systems. Ensure all classified systems maintain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC) in accordance with RMF or legacy A&A processes (e.g., DIACAP). Interpret and apply USG security policies, regulations, and guidelines, including but not limited to: NISPOM, DoD Instruction 8500.01, NIST SP 800-53, DCID 6/3, ICD 503, JSIG, and DISA STIGs. Security Control Implementation & Enforcement: Design, implement, and maintain security controls specific to classified systems, including secure configurations, access controls, auditing, media control, and classified spillage prevention/response. Configure and manage specialized security tools relevant to classified environments (e.g., Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Data Loss Prevention (DLP) solutions). Perform rigorous hardening of operating systems (Windows, Linux), applications, and network devices based on DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Vulnerability Management & Continuous Monitoring: Conduct vulnerability scans, analyze results, and work with system administrators to remediate security weaknesses on classified systems. Oversee and perform continuous monitoring activities, including reviewing audit logs, security events, and system alerts for anomalous behavior. Track and ensure compliance with Information Assurance Vulnerability Management (IAVM) directives. Incident Response & Classified Spillage: Act as a primary point of contact and lead for security incidents and classified spillage events on assigned systems. Execute incident response procedures, including containment, eradication, recovery, and detailed reporting to relevant government authorities. Participate in forensic investigations as required for classified incidents. Compliance & Audit Support: Maintain meticulous documentation of all security artifacts, configurations, policies, and procedures for classified systems. Support internal and external security inspections, audits, and assessments by government agencies (e.g., DCSA, DSS, NSA). Develop and implement standard operating procedures (SOPs) for the secure operation of classified systems. User Training & Guidance: Provide guidance and training to users on proper handling, marking, and safeguarding of classified information and operation of classified systems. Ensure all personnel accessing classified systems meet training requirements (e.g., security awareness, insider threat). Configuration Management: Manage and control changes to the hardware, software, and firmware of classified systems to maintain their security posture and accreditation. MINIMUM QUALIFICATIONS Security Clearance: Active U.S. Government Security Clearance required at the SECRET level or above. Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or equivalent experience. Experience: 5 years of dedicated experience in Information Assurance/Cybersecurity within classified government or defense environments. Demonstrable expertise in the Risk Management Framework (RMF) or equivalent A&A processes (e.g., DIACAP). Hands-on experience with security tools and technologies used in classified environments (e.g., ACAS, HBSS, SIEM, dedicated firewalls). Proven experience with DISA STIGs and their application to various operating systems and applications. Technical Skills: Strong understanding of network protocols, operating systems (Windows, Linux/Unix), and virtualized environments in a classified context. Experience with encryption technologies and COMSEC devices. Knowledge of scripting languages (e.g., PowerShell, Python, Bash) for automation and auditing is a plus. Desired Certifications: CISSP (Certified Information Systems Security Professional) DoD 8570.01-M IAT Level II (e.g., CompTIA Security+, CySA+, CCNA Security, SSCP) or higher (IAM Level I, II, or III). GIAC Certifications relevant to incident handling, forensics, or security auditing (e.g., GCIH, GCFA, GCCC, GSNA) Additional Job Requirements Salary Range: $114,000 to $148,000 USD The salary range provided for this position reflects the expected minimum and maximum base pay for new hires. Actual compensation will be determined based on factors such as relevant skills, experience, and qualifications, as well as internal equity and market conditions. In addition to base salary, eligible employees also receive a comprehensive benefits package. WHOI accepts applications on a rolling basis - applications will be reviewed as they are received, and we encourage you to submit your application as soon as possible to ensure full consideration. While we will continue to review applications until the position is filled, and early applicants may have an advantage in the selection process. EEO Statement Woods Hole Oceanographic Institution (WHOI) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Overview Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, basic life, AD&D, and disability insurance Enrollment in our company's 401 (k) or Supplemental Income Plan, subject to eligibility requirements Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law. #LI-EL1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2025-1495451

Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, basic life, AD&D, and disability insurance Enrollment in our company's 401 (k) or Supplemental Income Plan, subject to eligibility requirements Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law. #LI-EL1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2025-1495451

New England College of Optometry seeks an entry level Information Security Manager to develop, implement, and oversee a robust information security strategy and program. This critical role involves establishing and enforcing policies, procedures, and technologies to protect the confidentiality, integrity, and availability of institutional and student data. The Information Security Manager will be responsible for risk assessment, incident response, security operations, and ensuring compliance with all relevant regulations and standards. This role requires strong leadership, technical expertise, and excellent communication skills to collaborate effectively across the institution. Responsibilities * Develop, implement, and oversee a robust information security strategy and program in alignment with institutional goals and industry best practices. * Establish and maintain institutional information security policies, standards, and guidelines, ensuring they are regularly reviewed, updated, and communicated. * Manage security operations, including monitoring, detection, prevention, response, and analysis of security threats and vulnerabilities. * Lead and coordinate the information security incident response team, managing security breaches & ensuring timely and effective resolution and post-incident analysis. * Conduct regular risk assessments and penetration testing to identify and mitigate potential security vulnerabilities across systems, networks, and applications. * Ensure compliance with national and international regulatory frameworks (e.g., FERPA, HIPAA, ISO 27001, SOC 2) relevant to the organization. * Oversee security awareness training programs for all employees to promote a culture of security consciousness. * Manage the security budget and evaluate, select, and implement appropriate security tools and technologies. * Report on the status of the security program, vulnerabilities, and incidents to executive leadership. * Work on "special projects" as assigned by the Chief Information Officer. * Other duties as assigned. Requirements * Experience in designing, implementing, and managing enterprise-level information security programs and strategy. * Technical knowledge of network security, application security, cloud security (e.g., AWS, Azure, GCP), and endpoint protection technologies. * Understanding of risk management methodologies and security frameworks (e.g., ISO 27001, NIST, CIS Controls). * Experience leading security incident response and forensic analysis. * Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical audiences. * Knowledge of networking principles, including wireless networking. * Excellent written and verbal communication skills, professional appearance, punctuality and a sense of urgency. * Experience working with Active Directory and Google Cloud Platform. * Ability and willingness to learn new technologies. Preferred Background/Skills * Professional certifications such as CISSP, CISM, or relevant SANS certifications. * Experience with Governance, Risk, and Compliance (GRC) tools and processes. * Exceptional organizational skills, with the ability to prioritize projects and tasks. * Familiarity with scripting languages (e.g., Python, PowerShell) for security automation. * Ability to write reports and document steps for knowledge sharing. * Ability to work efficiently and independently with minimal supervision. * Excellent customer service and communications skills. Education * Bachelor's degree in Computer Science, Information Technology, Information Security, or a related technical field. Experience * A minimum of 2 years of progressive experience in the field of information security. NECO is an Equal Opportunity employer and encourages all qualified candidates to apply. New England College of Optometry offers a robust benefits program including: * 3 plan options for BCBS medical coverage (employer subsidized at 75% or greater) * Mental Health and Wellness benefits * BCBS Dental * Discounted vision services * 13 paid holidays and generous paid time off for sick, vacation, and personal days * Employer-paid life insurance, and short-term and long-term disability * Voluntary Insurance: life, critical illness, hospital indemnity, accident, * Voluntary Benefits: employee discounts and pet insurance * 9% employer contribution to a 403(b) retirement plan after 1 year of service with no vesting schedule or match requirement * Qualified Public Service Loan Forgiveness Employer

Full-time Description New England College of Optometry seeks an entry level Information Security Manager to develop, implement, and oversee a robust information security strategy and program. This critical role involves establishing and enforcing policies, procedures, and technologies to protect the confidentiality, integrity, and availability of institutional and student data. The Information Security Manager will be responsible for risk assessment, incident response, security operations, and ensuring compliance with all relevant regulations and standards. This role requires strong leadership, technical expertise, and excellent communication skills to collaborate effectively across the institution. Responsibilities Develop, implement, and oversee a robust information security strategy and program in alignment with institutional goals and industry best practices. Establish and maintain institutional information security policies, standards, and guidelines, ensuring they are regularly reviewed, updated, and communicated. Manage security operations, including monitoring, detection, prevention, response, and analysis of security threats and vulnerabilities. Lead and coordinate the information security incident response team, managing security breaches & ensuring timely and effective resolution and post-incident analysis. Conduct regular risk assessments and penetration testing to identify and mitigate potential security vulnerabilities across systems, networks, and applications. Ensure compliance with national and international regulatory frameworks (e.g., FERPA, HIPAA, ISO 27001, SOC 2) relevant to the organization. Oversee security awareness training programs for all employees to promote a culture of security consciousness. Manage the security budget and evaluate, select, and implement appropriate security tools and technologies. Report on the status of the security program, vulnerabilities, and incidents to executive leadership. Work on "special projects" as assigned by the Chief Information Officer. Other duties as assigned. Requirements Experience in designing, implementing, and managing enterprise-level information security programs and strategy. Technical knowledge of network security, application security, cloud security (e.g., AWS, Azure, GCP), and endpoint protection technologies. Understanding of risk management methodologies and security frameworks (e.g., ISO 27001, NIST, CIS Controls). Experience leading security incident response and forensic analysis. Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical audiences. Knowledge of networking principles, including wireless networking. Excellent written and verbal communication skills, professional appearance, punctuality and a sense of urgency. Experience working with Active Directory and Google Cloud Platform. Ability and willingness to learn new technologies. Preferred Background/Skills Professional certifications such as CISSP, CISM, or relevant SANS certifications. Experience with Governance, Risk, and Compliance (GRC) tools and processes. Exceptional organizational skills, with the ability to prioritize projects and tasks. Familiarity with scripting languages (e.g., Python, PowerShell) for security automation. Ability to write reports and document steps for knowledge sharing. Ability to work efficiently and independently with minimal supervision. Excellent customer service and communications skills. Education Bachelor's degree in Computer Science, Information Technology, Information Security, or a related technical field. Experience A minimum of 2 years of progressive experience in the field of information security. NECO is an Equal Opportunity employer and encourages all qualified candidates to apply. New England College of Optometry offers a robust benefits program including: 3 plan options for BCBS medical coverage (employer subsidized at 75% or greater) Mental Health and Wellness benefits BCBS Dental Discounted vision services 13 paid holidays and generous paid time off for sick, vacation, and personal days Employer-paid life insurance, and short-term and long-term disability Voluntary Insurance: life, critical illness, hospital indemnity, accident, Voluntary Benefits: employee discounts and pet insurance 9% employer contribution to a 403(b) retirement plan after 1 year of service with no vesting schedule or match requirement Qualified Public Service Loan Forgiveness Employer