Security architect jobs in Round Rock, TX

Primary Responsibilities: · Specification of innovative and disruptive security solutions · Security requirements management and definition, linking security mechanisms to functional requirements · Specification, design and review of security architectures · Detailed attack modeling and definition of security mechanisms in hardware, firmware, protocols, etc. · Advising and training the teams on design, implementation and test of hardware/software security mechanisms · Detailed implementation reviews (RTL, firmware code) · Planning, coordination and execution of pre-silicon vulnerability analysis (VA) · Technical interface to customers and to the different business and product development teams · Certification support and technical interface with evaluators and certifiers Root cause analysis of security defects and vulnerabilities We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (****************************************** Og4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (*********************************************************************************************** . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: *************************************************** . Skills and Requirements · Master/PhD in Cryptography, Security, Software Engineering or Electrical Engineering · Minimum of 10 years industry experience in the design and development of Embedded Secure Systems. · Strong knowledge of SoCs and/or Secure Element products · Security background, ideally experience in embedded security · Familiar with state of the art CAD tools (e.g. Cadence, ) · Knowledge of Hardware description languages (System Verilog, VHDL) Willing to travel internationally

We provide creative and technology services and solutions in the areas of web design, customized web applications, IT Staffing and e-commerce solutions, Mobile App development and much more services to organizations in the All over the world. With well defined and documented processes and practices, we ensure successful implementation of all our projects. Our teams are highly trained in best practices of web and application developments and are managed by certified project managers who ensure highest levels of process control and management Job Description Security Architect Locations: Austin, TX Full Time Travel Required: Up to 10% or 1 day a week Work with IBM Cloud PaaS Offering Management on defining security roadmap Engage with clients as sponsor users to implement new security capabilities Architect technical security requirements for external compliance certifications Participate and enforce IBM PSIRT, IBM CSIRT, and IBM Secure Engineering processes Provide security technical guidance to Bluemix services and SaaS offerings that run on top of Bluemix PaaS Create external facing collateral for use by client facing teams and clients Participate in IBM Cloud Security interlocks Present in client facing/external conferences e.g., Interconnect etc. Support Bluemix sales by presenting to clients (on the phone, F2F) Mentor security team members You will work with the best of the teams in Cloud Dev, Cloud Security, Cloud Offering Management, Cloud Sales. You will be outgoing, team player, willing to mentor and lead team members, must have great sense of humor. You will have demonstrated communication skills, experience with working with customers and be able to bring customer requirements back to the team. Your extensive experience in security and compliance audit is of great advantage. This is a high performing, leading edge team that offers exciting opportunities in Cloud security. If you have it in you, then you are at the right place. Apply below immediately. Required Technical and Professional Expertise: At least 8 years of experience in technical security architecture and design skills At least 5 years of experience in External customer facing experience and skills At least 3 years experience in Compliance Standards Preferred Technical and Professional Experience: At least 3 years of experience in Cloud Security and compliance standards. Certified Information Systems Security Professional (CISSP) certification is preferred Additional Information All your inform ation will be kept confidential according to EEO guidelines.

Role: Security SoC Architect. We are looking for someone to Influence all aspects of next generation SoC microprocessors security features within SoC architecture team. Client architects guide a SoC from early concept stage through design execution and post silicon. This role involves collaboration with many teams across subject areas, including IP design, SoC integration and physical design, platform architecture, software, firmware, packaging, and silicon validation. You will impact every part of the SoC security and see your contributions in shipping products. RESPONSIBILITIES: • Define, align, and drive common security architecture solutions across an extensive SoC roadmap • Define breakthrough/ground-breaking innovation for security solutions • Capture security product requirements and evolve them into security architecture specifications including HW, SW, FW, etc. • Work closely with the world-wide design teams on the implementation, testing, and review of security solutions • Root cause analysis of security defects • Interface to customers, evaluation labs and to the product development teams • Certification support including the technical collaborate with evaluator and certifier • Planning and execution of design vulnerability assessments REQUIREMENTS: • Extensive experience building SoC designs which include security features (Root of Trust, Cryptography, Product Life Cycle Management) • Have proven experience in secure system design • Experience working with a world-wide team • Clear methodical problem solver • Ability to work independently • Be able to demonstrate good communication, written and verbal skills QUALIFICATIONS: • PhD or Masters in cryptography, HW or SW engineering, security. SALARY NEGOTIABLE

The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do - and they push us to ensure we take care of ourselves, each other, and our communities. Job Summary: Sr. Analyst, Cybersecurity Operations focused on cloud security. As a key player in our Cloud Assurance team, you will help provide comprehensive visibility into cloud infrastructures, monitor for misconfigurations, and proactively detect threats. Job Description: Essential Responsibilities: * Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives. * Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management. * Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats. * Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams. * Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management. Minimum Qualifications: * Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience. Preferred Qualification: Your day to day: This role will be focused primarily on the security in AWS and GCP cloud environments at PayPal. This will include the security aspects of infrastructure, build pipelines, application design, cloud native service and tool design patterns, stakeholder communications, consulting and advisement of peer security teams, and solution review and approval. Daily tasks will include but not limited to: * Onboarding Cloud accounts (such as Azure, AWS & GCP) - this includes access grant, enabling policies, configuring baselines, configuring agents (if applicable), verifying health status * Administer CSPM solution - this includes managing user roles, audit logs, manage API access * Discover cloud assets - this includes gaining visibility and manage cloud assets * Manage Security policies and Benchmarks - this includes configuring CSPs specific security policies, industry specific compliance policies (such as PCI), benchmarks standards (such as CIS, NIST, etc.) * Respond to alerts - this includes monitor, investigate and triage incidents based on actionable alerts * Manage OS hardening - this includes administer operating system baseline and hardening * Integration with 3rd party systems - this includes manage changes, requests on integration with other systems (such as ITSM and CI/CD Tools) * Remediation guidance - this includes providing recommendations to the stakeholders to fix the potential threats, applying configurations on the systems to maintain IT security regulatory compliance and standards * Manage reports - this includes providing reports to the business and IT stakeholders What do you need to bring: * 5+ years' experience in Cloud Security, CSPM * Collaborate with the team to design and deliver scalable back-end services that enhance our leading CSPM platform * Develop user-friendly command-line utilities that interact with our web services * Excellent communication and documentation skills * Provide integration support and documentation for various teams, including UX/UI and Sensors * Configure and monitor uptime alerts related to the services you manage * Continuously improve architecture, models, user experience, performance, and stability through rapid prototyping and agile decision-making * Innovate and refine methods to utilize data for automating global-scale cyber threat intelligence * Contribute to building a platform that secures the entire lifecycle of cloud workloads for our customers * Proficiency in at least one object-oriented programming language with strong typing * Experience in developing and using RESTful API web services * Familiarity with cloud provider APIs and CLI tools for AWS, Azure, and GCP * Experience with infrastructure-as-code tools like CloudFormation, Terraform, and Azure Templates * Hands-on experience with Docker containers in Kubernetes environments * Experience with message queues including defining messages, estimating sizes and rates, and monitoring lag * Experience with RDBMS databases and SQL, such as Postgres Preferred certifications: * Cloud Security related certifications (AWS, GCP) * Bachelors / Master's Degree in Computer Science / Cybersecurity or related field Bonus Points: * Industry experience or certifications related to CNAPP, CSPM, or Cloud Security * Experience with application observability tools such as Splunk and PagerDuty * Experience managing production environments with Postgres, Kubernetes etc. * Familiarity with graph structures, data, and graph databases * Compliance knowledge/experience * Automation Subsidiary: PayPal Travel Percent: 0 * PayPal is committed to fair and equitable compensation practices. Actual Compensation is based on various factors including but not limited to work location, and relevant skills and experience. The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit ******************************* The US national annual pay range for this role is $111,500 to $191,950 PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. To learn more about how to identify and avoid recruitment fraud please visit ************************************ For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we're committed to building an equitable and inclusive global economy. And we can't do this without our most important asset-you. That's why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit ******************************* Who We Are: Click Here to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at ****************************************. Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please Join our Talent Community. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.

Title: Manager, Information Security & Compliance Duration: Fulltime Permanent with Client ________________________________ Responsibilities: Provide leadership, management, and guidance to the Operational Technology Security & Compliance team. Oversee and manage the security patch management, password management, configuration management and logging solution. Develop and maintain maintenance and configuration procedures, schedules and related evidentiary documentation. Manage on-call schedule. Maintain security system standards and NERC compliance in accordance with good utility practices. Manage daily system monitoring, verifying the integrity and availability of hardware, server resources, systems and key processes, reviewing and verifying system and application logs. Coordinate testing and implementing operating system patches in the operations technology environment. Ensure NERC CIP requirements are implemented when performing any work. Requirements: 5+ years of experience managing information security and compliance team. 10+ years of experience with security and compliance functions (Access Management, Threat and Vulnerability Management, Security Monitoring, Patch Management, Password Management, Configuration Management and Logging). Experience supporting CIP compliance is a plus. Experience working with a team required to operate in 24/7 shifts. Strong writing and communication skills. Commitment to providing excellent customer service. Qualifications NERC CIP Additional Information All your information will be kept confidential according to EEO guidelines.

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: [email protected] #CJ $92,213.33 - $125,146.66 a year We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

JOB TYPE: Full-time WORK LOCATION: Onsite in Martinsburg, WV, Hines IL or Austin, TX. Only Candidates who reside in WV, IL and TX will be considered for this position. POSITIONS: There are 2 positions are available: 1st shift: Sunday -Thursday, 0700 - 1530, 2nd shift: Tuesday - Saturday, 0700-1530 ABOUT: QMS Consulting (QMS) is an Education Technology (EdTech) and Information Technology (IT) Consulting firm specializing in Cybersecurity / Data Protection, Cloud Lifecycle, Software Development and Data Science. QMS seeks a seasoned Security Operations Center (SOC) analyst to work within a dynamic and highly innovative SOC team that supports federal government customers. The Senior SOC analyst will include onboarding new detection technologies, crafting and updating incident response playbooks, and leading investigations of escalated incidents by analyzing attack patterns and determining root causes. In this role, you should be technically sound, detail oriented with the ability to lead tasks and ensure high-quality service delivery. Critical thinking and problem-solving skills are essential for this position. JOB RESPONSIBILITIES: Sr. Security Operations Center Analyst responsibilities include: Work with detection engineering team to onboard and operationalize new cloud detection tools include Azure Sentinel, AWS Guard Duty, Netskope CASB etc. Develop playbooks for cloud incident response. Lead and actively participate in the investigation, analysis, and resolution of Tier 3 and escalated cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences. Serve as a cloud subject matter expert in handling incidents of varying complexity, providing guidance and support to Tier 1 and Tier 2 analysts during investigations. Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks. Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders. Develop and operationalize advanced security analytics use cases to detect and respond to sophisticated cyber threats in real-time. Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy. Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions. Support the mentoring and training of more junior IR staff. Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities. This list of responsibilities may not be all-inclusive and can be expanded to include other duties or responsibilities as required by the business. QUALIFICATIONS AND REQUIRED EXPERIENCE: Sr. Security Operations Center Analyst requirements include: 5+ years of experience supporting large-scale IT related projects 3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC) that includes monitoring of cloud environments. A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment. Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools Experience with enterprise ticketing systems like ServiceNow Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight. Ability to learn and function in multiple capacities and learn quickly. Strong verbal and written communication skills Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent work experience) Certifications, such as CISSP, GCIH, GCFA, CEH, or equivalent, are highly desirable SALARY: $113,000 - $125,000 BENEFITS: health benefits, holidays and PTO We are an equal opportunity employer. Our policy is to always provide equal opportunity without regard to race, color, religion, sex, pregnancy, national origin, ancestry, age, marital status, sexual orientation, family responsibility, physical or mental disability, medication, or status as a veteran.

The Security Operations team is responsible for designing and driving information security initiatives at Tricentis including defining and enforcing policy, engineering defensive controls, and responding to incidents. We are seeking a candidate with a strong technical background who can adapt and thrive within a fast-growing SaaS environment. As a Senior Security Analyst, you will be a key component of our front-line defense and overall security posture. Responsibilities Include: Monitoring and reacting to security events Assisting in incident response efforts Planning, coordinating, and/or executing security assessments of networks, systems, applications, and cloud platforms Working with system owners and stakeholders to mitigate issues found in security assessments Assist with governance, risk, and compliance initiatives as needed Developing and curating threat intelligence Working with the greater Information Security team to define and implement security policies, procedures, and controls General awareness of developments in information security and help in guiding the company's response Providing security expertise and advice to other teams within the company Collaborating with other teams to solve business challenges Basic Qualifications: 5+ years of experience in information security concepts, controls, and technology Extensive experience with servers/workstations, computer networks, cloud platforms, their built-in security capabilities and hardening options Experience in a global SOC environment Experience with Azure and/or AWS cloud environments Experience with Log Management/SIEM tools Experience with EDR, Antivirus, and security tools Familiarity with the following security related disciplines with deep experience in several: Vulnerability management Forensic Analysis Application Security Cloud Security Posture Management IAM Penetration Testing Malware analysis Deep technical troubleshooting skills Familiarity with industry or regulatory compliance standards (CIS, NIST, SOC2, etc) Technical degree, certification, and/or 5+ years of experience related to information security Excellent communication skills, and the ability to explain security best practices to a non-technical audience Willingness and aptitude for learning new skills and adapting to new technologies Experience with programming and/or automation software Why Tricentis? Tricentis is currently investing heavily in our information security efforts so that means investing in YOU. We've allocated a budget for training, certifications, conference attendance, etc. and support participation in industry groups as well as speaking at events. As you are joining a company in a growth phase, we are interested in developing individuals that show leadership qualities into those that will build and oversee future teams. In addition to significant growth opportunities, you will get to help build our security stack, sourced from best-in-breed solutions and tooling. Tricentis Core Values: Knowing what we need to achieve and how to achieve it is important. Tricentis core values define our ways of working and the behaviors we model that create an enjoyable and successful Tricentis life. Demonstrate Self-Awareness: Own your strengths and limitations. Finish What We Start: Do what we say we are going to do. Move Fast: Create momentum and efficiency. Run Towards Change: Challenge the status quo. Serve Our Customers & Communities: Create a positive experience with each interaction. Solve Problems Together: We win or lose as one team. Think Big & Believe: Set extraordinary goals and believe you can achieve them. Why You'll Love Working at Tricentis: Market conform salary + success-oriented bonus Supportive and engaged leadership team 401(k) plan, full benefits package available Company paid Disability and Life Insurance Hybrid work environment Tricentis is proud to be an equal opportunity workplace. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran.

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud's solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you're driven to align your career with a fantastic mission, look no further! *This role can be hybrid out of Austin (preferred) or remote in the United States with occasional travel to the office (around once per quarter) We are looking for a passionate Senior Security Data Analyst/Python Developer to help us parse, transform, and analyze dirty data. The ideal candidate has a thorough understanding of Python, Data analysis techniques, AWS, ETL patterns, and Automation techniques. Our Stack: Python Linux Databases: Relational and NoSQL AWS (EC2, RDS, SQS, S3, Lambda, API Gateway, and more) What You'll Do: Parse and transform structured and unstructured datasets. Build Python-based automation for the parsing platform. Bring order to dirty and/or unstructured data. Develop ETL-style automation scripts. Maintain and improve the existing codebase and infrastructure. Manage the weekly data ingestion process. Collaborate with the team to design and build innovative data systems. Data analysis based on the consumption of blogs for the marketing team. Develop processes, standards and CI/CD pipelines to manage our codebase. Leverage AI to automatically parse data. Requirements: 5-7 years of professional experience as a Python developer. A love of working with data. Familiarity with cleaning/transforming data. Experience building data solutions and automation tools using Python. Proficient in Linux bash/ksh scripting and Regular Expressions. Interest in cybersecurity. Strong understanding of computer science fundamentals (data structures, algorithms, data processing). Experience with relational and NoSQL databases. Excellent communication skills. Great team player. Self-directed, empathetic, and eager to automate repetitive tasks. Able to switch contexts as business needs change. Nice to Have: Background or strong interest in cybersecurity. Familiarity with Git version control system. Experience with AWS (Compute, Storage, Database). Experience working with Infrastructure as Code (we use Terraform and Ansible). SpyCloud is not sponsoring visas at this time. U.S.-Based Benefits + Perks (for Full Time Employees): At SpyCloud, we are committed to working alongside individuals who are equally passionate about preventing cybercrime, regardless of their department or role. Guided by our core values in all business decisions, we prioritize unity in our mission and ensure all SpyCloud employees have the support and benefits they need to stay focused on our goals. In addition to our engaging workspace in South Austin, flexible and remote-friendly work options, and competitive salary package, we offer our employees a comprehensive benefits package that includes: 401(k) with Employer Contribution Health, Vision, and Dental Insurance Health Savings Account (HSA) available with Employer Contribution Employer Paid Life, Short-term, and Long-term Disability Insurance Generous PTO Plan and 16 paid holidays per year U.K.-Based Benefits + Perks (for Full Time Employees): Retirement Savings Plan with Employer Contribution Employer Provided Private Health Insurance and Healthcare Cashplan Employer Paid Life Insurance and Income Replacement Generous Holiday Plan and 14 paid holidays per year About SpyCloud: SpyCloud is on a mission to disrupt the cycle of cybercrime. As the leader in Cybercrime Analytics, our solutions thwart cyberattacks that originate from the use of stolen data, including account takeover, ransomware, and online fraud. More than 550 customers and partners trust SpyCloud to protect users' identities, prevent targeted attacks, and unmask adversaries attempting to harm businesses and their customers. To learn more and see insights on your company's exposed data, visit SpyCloud. Our Mission: Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals' ability to profit from stolen information. Who We Are: SpyCloud is a place for innovative, collaborative, and problem-solvers to thrive. Individually, we're amazing, but together, we're unstoppable. We celebrate diversity and various perspectives and aim to create an inclusive and supportive environment for all. We are proud to be an Equal Employment Opportunity and Affirmative Action employer of choice. All aspects of employment decisions will be based on merit, performance, and business needs. We do not discriminate on the basis of any status protected under federal, state, or local law. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. Women, minorities, individuals with disabilities, and protected veterans are encouraged to apply. SpyCloud complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. SpyCloud expressly prohibits any form of workplace harassment. Improper interference with the ability of SpyCloud's employees to perform their job duties may result in discipline up to and including discharge. SpyCloud shares the right to work and participates in the E-Verify program in all locations. If you need assistance or accommodation due to a disability, you may contact us. Our Culture: Our culture is something really special. We're all driven to disrupt the cybercriminal economy as we keep customer accounts safe from compromise. We support a truly worthy and serious mission, but we have fun doing it together. If you are driven, inventive, and collaborative, you'll fit right in. SpyCloud's Recruitment Policy: We will never ask an applicant for sensitive or personal financial information during the recruitment process. We advise all applicants seeking employment with SpyCloud to review available information on recruitment fraud. Anyone who suspects that they have been contacted by someone falsely representing SpyCloud should email ********************. Compensation Transparency Policy: At SpyCloud, we believe in transparency and fairness in compensation. We strive to ensure that all employees are fairly compensated for their contributions, and we openly discuss our compensation philosophy and structure. We are committed to providing competitive salaries and benefits packages to attract and retain top talent, and we encourage open dialogue and feedback regarding compensation matters. Learn more and apply: SpyCloud Careers

At Jamf, we believe in an open, flexible culture based on respect and trust. Our track record and thriving work environment all stem from the freedom we grant ourselves to get the job done right. We take pride in helping tens of thousands of customers around the globe succeed with Apple. The secret to our success lies in our connectivity, while operating with a high degree of flexibility. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive as #OneJamf. What you'll do at Jamf: The Senior Security Operations Engineer will work with the Cloud and Delivery team to continue to build, automate and maintain cloud security services in Azure. They will be responsible for leading the Security Design and Architecture, Log Collection, Security Incident Management, Identity and Access Management, Vulnerability and Patch management. They will be responsible for maintaining operation of the environment in accordance with our service level agreements and providing support to both our staff and customers. This role if offered as remote in Minneapolis, MN; Eau Claire, WI; or Austin, TX. You may be required to work periodically at a Jamf office or collaborative work location with other Jamf employees in your area for certain events or moments that matter. We are only able to accept applications for those based in one of these locations. What you can expect to do in this role: Mentors and advises others in related components and broad fundamental expertise areas Manages identity and access control in Azure Responsible for the tools, configuration, administration and related processes around our log file collection and monitoring Provides the framework, processes and execution to ensure support of Jamfs data leakage prevention Responsible for Web application firewall and related prevention, detection and mitigation of DDoS attack Vulnerability Management: Accountable for the prevention, detection and mitigation of vulnerabilities through industry standard tools, configuration, administration and internal procedures Performs regular firewall audits in line with our procedures. Provides the appropriate documentation, supporting evidence and follow up on identified issues requiring remediation Responsible for tooling, processes and follow up actions related to our external port scanning needs and practices Handles the identification, planning and implementation of any server hardening needs. Works collaboratively with Operations and other internal teams to communicate, document and implement Performs security incident analysis, response and remediation Participates in design and implementation of security automation workflows Helps manage security data reporting and visualization platform #LIRemote What we are looking for: Minimum of 4 years IT security principles, security operations, techniques, and technologies. (Required) Minimum of 4 years experience working with Linux/Unix command line interfaces, including Shell or Python scripting (Required) Minimum of 4 years experience with industry standard configuration management and deployment tools (e.g. Ansible, Azure Resource Manager or other) (Required) Minimum of 2 years experience administering some or all of the following Azure Services: (Virtual Machines, SQL Database, Load Balancer, Storage) (Preferred) Minimum of 2 years experience working with monitoring (Logic Monitor, AppDynamics, Zabbix, etc) and logging tools (Splunk, Sumologic, or ELK (ElasticSearch/Logstash/Kibana)) (Preferred) Advanced knowledge of containerization concepts and Kubernetes (Preferred) Basic knowledge of MySQL or Postgres (Preferred) 4 year / Bachelor's Degree (Preferred) A combination of relevant experience and education may be considered The following certification is preferred: Microsoft Certified: Azure Security Engineer Associate OTHER REQUIREMENTS: This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen located physically in the U.S., and therefore any employment offer will be contingent upon verification of both of these requirements. Applicants who are not U.S. citizens or who are located outside of the U.S. are strongly encouraged to apply for other positions at Jamf, which is an equal-opportunity employer. SECURITY AND PRIVACY REQUIREMENTS: Participation in ongoing security training is mandatory Established security protocols will be adhered to, sensitive data will be handled responsibly, and data protection practices are followed, including understanding relevant privacy regulations and reporting breaches Acknowledging the Jamf Code of Conduct, where applicable security and privacy policies can be found, is a requirement of all roles at Jamf How we help you reach your best potential: Named a 2025 Best Companies to Work For by U.S. News Named a 2024 Best Technology Company to Work For by U.S. News Named one of Forbes Most Trusted Companies in 2024 Named a 2024 Best Companies to Work For by U.S. News Our developers work in agile delivery teams to produce new features, improve software components, and are the subject matter experts for our Jamf product offerings. You will have the opportunity to make a real and meaningful impact for more than 75,000 global customers with the best Apple device management solution in the world. We constantly push the boundaries of technology, our developers support new innovations and OS releases the moment they are made available by Apple. Several Jamf engineers are named in patents and with team names like CatDog, ThunderSnow and Dalek you can expect to have some fun while building cutting-edge software. You will have the opportunity to work with a small and empowered team where the culture is based on trust, ownership, and respect. We offer a clear career path that enables you to grow under supportive leadership and management Visit our Jamf Engineering blog to learn more about the innovative projects our team is working on and what we learn from each challenge we solve. A blog written by engineers, for engineers at medium.com/jamf-engineering 22 of 25 world's most valuable brands rely on Jamf to do their best work (as ranked by Forbes). Over 100,000 Jamf Nation users, the largest online IT community in the world. The below annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/annual salary to be offered to the selected candidate. Factors include, but are not limited to the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations. Pay Transparency Range$103,100-$219,700 USD What it means to be a Jamf? We are a team of free-thinkers, can-doers, and problem-crushers. We value humility and the relentless pursuit of knowledge. Our culture flows from a spirit of selflessness and relentless self-improvement - driving both personal growth and collective progress throughout our company. We unite around common goals while respecting personal approaches, believing that fulfilled individuals create a thriving, vibrant workplace. Our aim is simple: hire exceptionally good people who are incredibly good at what they do and let them do it. We provide the support and resources to let everyone be their authentic, best selves at work, at rest, and at play. We are committed to supporting the continual improvement of Apple in the workplace, the organizations that rely on them and the people who keep it all running smoothly. Above it all, waves our banner of #OneJamf - and the knowledge that when we stand together, we accomplish so much more than we could alone. We seek individuals who share this unwavering journey toward growth to join us in our quest for constant improvement. What does Jamf do? Jamf extends the legendary Apple experience people enjoy in their personal lives to the workplace. We believe the experience of using a device at work or school should feel the same, and be as secure as, using a personal device. With Jamf, customers are able to confidently automate Mac, iPad, iPhone and Apple TV deployment, management, and security - anytime, anywhere - to protect the data and applications used by employees in the workplace, students learning in the classroom, and streamline communications in healthcare between patients and providers. More than 2,500 Jamf strong worldwide, we are free-thinkers, can-doers, and problems crushers who are encouraged to bring their whole selves to work each and every day. Get social with us and follow the conversation at #OneJamf Jamf is committed to creating an inclusive & supportive work environment for all candidates and employees. Candidates with disabilities or religious beliefs are encouraged to reach out if they need additional support or alternative options to our recruiting processes to accommodate their disability or religious belief. If you need an accommodation, please contact your Recruiter or Recruiting Coordinator directly. Requests for accommodation will be handled confidentially by Recruiting and will not be shared with the hiring manager. Jamf is an equal opportunity employer and does not discriminate against individuals who request reasonable accommodation for disability or religious beliefs. To request accommodations please email us at *******************

Job DescriptionSaronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms. Position OverviewWe are seeking an experienced ISSO to lead the stand-up, accreditation, and continuous monitoring of classified networks in support of U.S. Government customers. The ideal candidate has direct, hands-on experience securing Authorities to Operate (ATO) for SIPRNet (DCSA) and JWICS (Navy/IC) environments, with proven expertise managing ATO lifecycles across the DOW, IC, and specific Navy stakeholders. Experience with CWAN and/or enabling Defense Contractors to build compliant, customer-aligned classified enclaves is preferred.This role reports to the Industrial Security Manager and works closely with Cybersecurity, Information Technology, Business Development, and Growth Teams to deliver accredited classified capabilities on time and within scope.Key Responsibilities Serve as the primary ISSO for SIPRNet (DCSA) and JWICS (Navy/IC) ATO packages, including RMF workflow in eMASS, Xacta, or equivalent. Lead ATO development, submission, assessment, and authorization with DCSA, Navy AO/DAO, and IC CAFs (e.g., DIA, NSA, NRO). SOCOM-Specific Functions Author and maintain USSOCOM 10-702 RMF overlays for SOF-unique systems (e.g., SOFNET, SOF-IA, Mission Command Systems). Manage ATO packages under SOCOM's J6/J39 using eMASS Enterprise and SOCOM's Risk Management Framework Process Guide. Coordinate with TSOC ISSMs and Component Command Validators for deployment of classified SOF enclaves worldwide. Navy-Specific Functions Interface directly with NAVCYBERFOR, FLTCYBERCOM, and SPAWAR/NAVWAR for CANES, ADNS, and ISNS integration into contractor JWICS drops. Execute Navy RMF per NAVSEA 9400 series and SECNAV M-5239.2 for ship-to-shore and afloat classified networks. Manage JWICS ATOs under Navy DAO (OPNAV N2N6), including Type-1 encryption and NSA Commercial Solutions for Classified (CSfC) implementations. SAP/SCI Environment Functions Act as SAP ISSO for Special Access Programs (SAP) under DoD SAPCO, Service SAPCOs, and IC SAPCOs. Participate in the development of SAP Security Plans (SAPSP), Fixed Facility Checklists (FFC), and TEMPEST addendums for SAP facilities. Oversee SAP network carve-outs, air-gapped systems, and bilateral SAP-to-SCI cross-domain transfers. Manage classified network stand-up for Defense Contractor facilities, including: Design and implementation of secure enclaves (SIPR, JWICS, CWAN, SAP) Cross-domain solutions (CDS), VTC, and secure voice Compliance with ICD 503, JSIG, NISPOM, DAAPM, and CNSSI 1253 Oversee continuous monitoring, POA&M management, and annual re-accreditation for CWAN-connected systems and/or SAP collateral networks. Coordinate with Navy SPAWAR, NRO, DISA, SOCOM J6, and IC customers to align technical solutions with mission requirements. Conduct security audits, vulnerability scans (ACAS), STIG compliance, and incident response for classified systems. Mentor junior ISSOs and interface with CPSO/FSO on physical, personnel, and COMSEC requirements. Required Qualifications 5+ years as ISSO in classified DoD/IC environments (SIPR/JWICS and SAP mandatory). Direct experience obtaining and maintaining ATOs with: DCSA for SIPRNet DOW for JWICS CWAN-connected networks USSOCOM or SAP AOs for SOF/SAP systems Proficiency with RMF, eMASS, Xacta 360, SOCOM 10-702 overlays, and SCAP/STIGs. Current DoD 8570 IAT/IAM Level III certification (e.g., CISSP, CISM, GSLC). Active TS/SCI with Full-Scope Poly (or CI Poly with ability to obtain FS). Bachelor's degree in Cybersecurity, IT, or related field (or equivalent experience). Travel: Occasional (10-15%) Preferred Qualifications Prior CWAN and SOCOM SOFNET accreditation and operations experience. Experience with Navy FLTCYBERCOM, SPAWAR, ONR, or SOCOM J39 classified programs. Familiarity with CDS (ISSE Guard, Radiant Mercury), CSfC, and secure VTC (SVTC). SAP ISSM training (e.g., CDSE SAP Security Management) and ICD 705 SCIF accreditation experience. Experience supporting Defense Contractors in building customer-dedicated classified networks (e.g., SCIF-in-SCIF, dedicated JWICS/SAP drops). Physical Demands Prolonged periods of sitting at a desk and working on a computer Occasional standing and walking within the office and production environments Manual dexterity to operate a computer keyboard, mouse, and other office equipment Visual acuity to read screens, documents, and reports Occasional reaching, bending, or stooping Lifting and carrying items up to 20 pounds Benefits Medical Insurance: Comprehensive health insurance plans covering a range of services Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care Saronic pays 100% of the premium for employees and 80% for dependents Time Off: Generous PTO and Holidays Parental Leave: Paid maternity and paternity leave to support new parents Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses Retirement Plan: 401(k) plan Stock Options: Equity options to give employees a stake in the company's success Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) . Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.

Information System Security Officer - Assessor Contract - 12-24 months *must be local to the Austin area and be willing to be ONSITE Daily The ideal candidate will be responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by the information systems to determine the overall effectiveness of the controls. Qualifications/Requirements: At least 5 years of experience in common information security and risk management frameworks Security + certification (at a minimum) is required 3+ years of experience with NIST Compliance and Third Party Risk assessments Strong knowledge of information security practices, procedures, and regulations Previous experience in a government agency environment is highly desirable Ability to work independently with minimal oversight to complete assigned projects General Duties: Assist with implementation and management the Organization's Secure Systems Perform security assessments and reviews of account permissions, computer data access needs, security violations, and programming changes Develop appropriate plans to safeguard computer configuration and data files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs Coordinate the implementation of system security plans for internal personnel and outside vendors Coordinate account permissions and data access needs Review security violations and programming changes required Advise management and users regarding security configurations and procedures Participate in the development of information technology disaster recovery and business continuity planning Continuously review and assess technical risks of new and existing applications and systems, including data center physical security and environment Research, evaluate, and recommend systems and procedures for the prevention, detection, containment, and correction of data security breaches Prepare final security assessment reports containing findings May be asked to perform additional duties as required Genius Road, LLC is proud to be a Certified Women's Business Enterprise, an Equal Opportunity Employer and values diversity. All employment is decided on the basis of qualifications, merit and business need.

Location: Austin, United States of AmericaThales people architect identity management and data protection solutions at the heart of digital security. Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more. More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure. This is a hybrid position out of Austin, TX Position Summary Imperva's Enterprise Services program drives customer success with proactive monitoring and management that maximizes the value customers get from their products and services. As a Cloud Security Engineer, you will respond to security and system health incidents, provide holistic operational guidance, and troubleshoot and configuration within Imperva's Cloud Application Security platform. You will also see a broad range of activities across cloud application and security domains, from integration tasks (such as key management and logging) to security response (advising during triage, analysis, and remediation) to providing analysis and insights through advanced reporting. You will also consult with internal functions, both technical (such as support and R&D) and business (such as account executives and renewals), constantly improving best practices for solutions and services. You will work closely with Management to implement and expand the global Enterprise Services program. The position entails occasional paid weekend on-call rotation (1 weekend per quarter) Essential Functions Expertise with Imperva Cloud Application Security platform and stay current on cloud, application, and cybersecurity trends Provide comprehensive service to our customers, including proactive monitoring, configuration, integration assistance, and post-sales assistance Analyze customer security logs, derive security patterns, attack information and insights from the traffic. Highlight these insights, traffic trends and make solid recommendations for improving systems health and overall security posture. Research new attack vectors and security solutions to create customized security policies that detect, alert, and prevent malicious requests and attacks. Participate in presentations, Quarterly Business Reviews and Service Reviews with customers on a regular basis. Take ownership of problems, work with Imperva's internal threat research, data science, and product teams by delivering actionable intelligence that will inform & shape future product enhancements Keep customer teams up to date via ongoing status about onboarding, configuration and tuning efforts, cases, feature requests, service review calls, and current news from the field on the latest security trends and developments as well as product release notes. Develop and implement troubleshooting tools, processes, and ideas that improve efficiency of Enterprise Services delivery. Continually evaluate and enhance proactive monitoring, automation, and reporting initiatives. Minimum Requirements Bachelors degree in Information Systems, Computer Science, Telecommunications, or any Technology field plus a minimum of 5 years' experience in application or network security in a technical customer facing role OR a Master's degree in a technology field plus a minimum of 4 years' experience in application or network security and security data analysis with at least 1 year in a Technical Customer-facing role. Familiarity with Internet Security and Networking Technologies such as TCP/IP, HTTP, SSL/TLS, Proxies, Firewalls, OWASP Top 10, and OWASP Automated Threats to Web Applications. Excellent analytical and problem-solving approach alongside self-learning ability. Excellent communication (written and verbal), interpersonal skills, team-player and customer-focused skills. Experience with basic scripts in one or more languages, such as Python You have a knack for automating redundant tasks, streamlining repetitive processes, and are always looking for opportunities to scale operations Preferred Qualifications Hands-on experience with a SIEM or data analysis tool like Splunk or Tableau or Graylog, etc. Proficiency with Python & any other programming language like JS Prefer a candidate willing to work Eastern Time zone hours. #LI-Hybrid #LI-MG1 This position will require successfully completing a post-offer background check. Qualified candidates with [a] criminal history will be considered and are not automatically disqualified, consistent with federal law, state law, and local ordinances. We are an equal opportunity employer, including disability and veteran status. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. If you need an accommodation or assistance in order to apply for a position with Thales, please contact us at ************************************. The reference Total Target Compensation (TTC) market range for this position, inclusive of annual base salary and the variable compensation target, is between Total Target Cash (TTC) 88,749.02 - 179,179.52 USD Annual This reflects how companies in a similar industry and geographic region generally pay for similar jobs. This range helps the Company make pay decisions as one data point among many. Where a position falls within this range is also dependent on other factors including - but not limited to - the employee's career path history, competencies, skills and performance, as well as the company's annual salary budget, the customer's program requirements, and the company's internal equity. Thales may offer additional benefits and other compensation, depending on circumstances not related to an applicant's status protected by local, state, or federal law. (For Internal candidate, if you need more information, please reach out to your HR Shared Service, 1st Point) Thales provides an extensive benefits program for all full-time employees working 30 or more hours per week and their eligible dependents, including the following: •Elective Health, Dental, Vision, FSA/HSA, Voluntary Life and AD&D, Whole Group Life w/LTC, Critical Illness, Hospital Indemnity, Accident Insurance, Legal Plan, Identity Theft, and Pet Insurance •Retirement Savings Plan after 30 days of employment with a company contribution and a match, and with no vesting period •Company paid holidays and Paid Time Off •Company provided Life Insurance, AD&D, Disability, Employee Assistance Plan, and Well-being Program

Description & Requirements Electronic Arts creates next-level entertainment experiences that inspire players and fans around the world. Here, everyone is part of the story. Part of a community that connects across the globe. A place where creativity thrives, new perspectives are invited, and ideas matter. A team where everyone makes play happen. Offensive Security Engineer - Enterprise Red Team EA Security The EA Security team protects EA by reducing our exposure to security risks by raising awareness and providing a measured, proportionate set of security and risk management controls, services and solutions. EA is looking for a security engineer to join EA's Enterprise Red Team. You will help us identify threat vectors before they can be exploited in our systems, services, cloud infrastructure or applications. We're a team that can find the worst of the worst, knows what's most likely to be attractive to attackers, and we're motivated to make things better. You will report to the Enterprise Red Team Director to work on an offensive security-driven application security program that scales enterprise-wide with a focus on automation, exploitation and best-practices. What You'll Do * Be part of the offense! Find and exploit security vulnerabilities for defensive purposes to help identify risks and lead mitigations * Perform architecture and threat model reviews to identify security vulnerabilities with a focus on AI applications, agents, and infrastructure * Build automation to scale penetration testing and to test threat detection and response capabilities * Develop, pilot and operate flexible and creative security testing automation * Collaborate with engineers across EA to identify automation gaps and rapid prototyping of new ideas and mitigations * Support traditional red team assessments, adversarial emulation campaigns and penetration tests of EA's systems to discover and document high risk vulnerabilities * Support incident response activities as required What You'll Need * 4+ years' experience in penetration testing and/or red team operations * 2+ years programming experience in at least one of the following: Golang, Python, Java, C#, C/C++ * Working knowledge of DevSecOps and CI/CD pipelines and related tooling (Gitlab, Github, Jenkins,…) * Application Analysis (fuzzing, static analysis, app scanning) * Familiarity with reviewing source code for security vulnerabilities and related tooling (Code QL, semgrep,…) * Basic understanding of machine learning its attack surface * Advanced knowledge in application security, network security, authentication protocols * Proficiency in one or more operating systems: Linux, Windows, mac OS * Experience with tooling such as Metasploit, Bloodhound, Burp, PromptFoo, ZAP, Sliver,… * Web and Database Penetration Testing Experience About Electronic Arts We're proud to have an extensive portfolio of games and experiences, locations around the world, and opportunities across EA. We value adaptability, resilience, creativity, and curiosity. From leadership that brings out your potential, to creating space for learning and experimenting, we empower you to do great work and pursue opportunities for growth. We adopt a holistic approach to our benefits programs, emphasizing physical, emotional, financial, career, and community wellness to support a balanced life. Our packages are tailored to meet local needs and may include healthcare coverage, mental well-being support, retirement savings, paid time off, family leaves, complimentary games, and more. We nurture environments where our teams can always bring their best to what they do. Electronic Arts is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. We will also consider employment qualified applicants with criminal records in accordance with applicable law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.

Imagine what you could do here! At Apple, new ideas have a way of becoming extraordinary products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. Dynamic, intelligent people and inspiring, innovative technologies are the norm here. The people who work here have reinvented entire industries with all Apple Hardware products. The same real passion for innovation that goes into our products also applies to our practices strengthening our dedication to leave the world better than we found it. We are looking for an experienced Security Architect with experience spanning both hardware and software. You will work with a multi-functional engineering team to define, design, and verify security systems. Join us to help deliver the next groundbreaking Apple product. As part of the Platform Architecture organization, the Security Architecture team has a mission to provide rock-solid security foundation to Apple's products. We evaluate security threats, define security features, architect security solutions. We collaborate with the software teams to ensure seamless security systems. We work together with different silicon teams throughout the entire design flow to guarantee state-of-the-art security goes into various in-house and out-sourced silicon chips. 20 years of relevant industry experience. MS or PhD in EE/CE, Computer Science or related engineering degree. Solid background of applied cryptography. Exposure to OS security. Excellent interpersonal skills. Ability to independently pursue new ideas and innovations. Good knowledge of Verilog/VHDL. Experience in C/C++ and interpretive language such as Perl/Python. BS in EE/CE, Computer Science or related engineering degree. Experience in definition of secure systems. Experience in threat modeling and weaknesses analysis. Experience with SoC architecture.

We provide creative and technology services and solutions in the areas of web design, customized web applications, IT Staffing and e-commerce solutions, Mobile App development and much more services to organizations in the All over the world. With well defined and documented processes and practices, we ensure successful implementation of all our projects. Our teams are highly trained in best practices of web and application developments and are managed by certified project managers who ensure highest levels of process control and management Job Description Security Architect Locations: Austin, TX Full Time Travel Required: Up to 10% or 1 day a week Work with IBM Cloud PaaS Offering Management on defining security roadmap Engage with clients as sponsor users to implement new security capabilities Architect technical security requirements for external compliance certifications Participate and enforce IBM PSIRT, IBM CSIRT, and IBM Secure Engineering processes Provide security technical guidance to Bluemix services and SaaS offerings that run on top of Bluemix PaaS Create external facing collateral for use by client facing teams and clients Participate in IBM Cloud Security interlocks Present in client facing/external conferences e.g., Interconnect etc. Support Bluemix sales by presenting to clients (on the phone, F2F) Mentor security team members You will work with the best of the teams in Cloud Dev, Cloud Security, Cloud Offering Management, Cloud Sales. You will be outgoing, team player, willing to mentor and lead team members, must have great sense of humor. You will have demonstrated communication skills, experience with working with customers and be able to bring customer requirements back to the team. Your extensive experience in security and compliance audit is of great advantage. This is a high performing, leading edge team that offers exciting opportunities in Cloud security. If you have it in you, then you are at the right place. Apply below immediately. Required Technical and Professional Expertise: At least 8 years of experience in technical security architecture and design skills At least 5 years of experience in External customer facing experience and skills At least 3 years experience in Compliance Standards Preferred Technical and Professional Experience: At least 3 years of experience in Cloud Security and compliance standards. Certified Information Systems Security Professional (CISSP) certification is preferred Additional Information All your inform ation will be kept confidential according to EEO guidelines.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms. Position OverviewWe are seeking an experienced ISSO to lead the stand-up, accreditation, and continuous monitoring of classified networks in support of U.S. Government customers. The ideal candidate has direct, hands-on experience securing Authorities to Operate (ATO) for SIPRNet (DCSA) and JWICS (Navy/IC) environments, with proven expertise managing ATO lifecycles across the DOW, IC, and specific Navy stakeholders. Experience with CWAN and/or enabling Defense Contractors to build compliant, customer-aligned classified enclaves is preferred.This role reports to the Industrial Security Manager and works closely with Cybersecurity, Information Technology, Business Development, and Growth Teams to deliver accredited classified capabilities on time and within scope.Key Responsibilities Serve as the primary ISSO for SIPRNet (DCSA) and JWICS (Navy/IC) ATO packages, including RMF workflow in eMASS, Xacta, or equivalent. Lead ATO development, submission, assessment, and authorization with DCSA, Navy AO/DAO, and IC CAFs (e.g., DIA, NSA, NRO). SOCOM-Specific Functions Author and maintain USSOCOM 10-702 RMF overlays for SOF-unique systems (e.g., SOFNET, SOF-IA, Mission Command Systems). Manage ATO packages under SOCOM's J6/J39 using eMASS Enterprise and SOCOM's Risk Management Framework Process Guide. Coordinate with TSOC ISSMs and Component Command Validators for deployment of classified SOF enclaves worldwide. Navy-Specific Functions Interface directly with NAVCYBERFOR, FLTCYBERCOM, and SPAWAR/NAVWAR for CANES, ADNS, and ISNS integration into contractor JWICS drops. Execute Navy RMF per NAVSEA 9400 series and SECNAV M-5239.2 for ship-to-shore and afloat classified networks. Manage JWICS ATOs under Navy DAO (OPNAV N2N6), including Type-1 encryption and NSA Commercial Solutions for Classified (CSfC) implementations. SAP/SCI Environment Functions Act as SAP ISSO for Special Access Programs (SAP) under DoD SAPCO, Service SAPCOs, and IC SAPCOs. Participate in the development of SAP Security Plans (SAPSP), Fixed Facility Checklists (FFC), and TEMPEST addendums for SAP facilities. Oversee SAP network carve-outs, air-gapped systems, and bilateral SAP-to-SCI cross-domain transfers. Manage classified network stand-up for Defense Contractor facilities, including: Design and implementation of secure enclaves (SIPR, JWICS, CWAN, SAP) Cross-domain solutions (CDS), VTC, and secure voice Compliance with ICD 503, JSIG, NISPOM, DAAPM, and CNSSI 1253 Oversee continuous monitoring, POA&M management, and annual re-accreditation for CWAN-connected systems and/or SAP collateral networks. Coordinate with Navy SPAWAR, NRO, DISA, SOCOM J6, and IC customers to align technical solutions with mission requirements. Conduct security audits, vulnerability scans (ACAS), STIG compliance, and incident response for classified systems. Mentor junior ISSOs and interface with CPSO/FSO on physical, personnel, and COMSEC requirements. Required Qualifications 5+ years as ISSO in classified DoD/IC environments (SIPR/JWICS and SAP mandatory). Direct experience obtaining and maintaining ATOs with: DCSA for SIPRNet DOW for JWICS CWAN-connected networks USSOCOM or SAP AOs for SOF/SAP systems Proficiency with RMF, eMASS, Xacta 360, SOCOM 10-702 overlays, and SCAP/STIGs. Current DoD 8570 IAT/IAM Level III certification (e.g., CISSP, CISM, GSLC). Active TS/SCI with Full-Scope Poly (or CI Poly with ability to obtain FS). Bachelor's degree in Cybersecurity, IT, or related field (or equivalent experience). Travel: Occasional (10-15%) Preferred Qualifications Prior CWAN and SOCOM SOFNET accreditation and operations experience. Experience with Navy FLTCYBERCOM, SPAWAR, ONR, or SOCOM J39 classified programs. Familiarity with CDS (ISSE Guard, Radiant Mercury), CSfC, and secure VTC (SVTC). SAP ISSM training (e.g., CDSE SAP Security Management) and ICD 705 SCIF accreditation experience. Experience supporting Defense Contractors in building customer-dedicated classified networks (e.g., SCIF-in-SCIF, dedicated JWICS/SAP drops). Physical Demands Prolonged periods of sitting at a desk and working on a computer Occasional standing and walking within the office and production environments Manual dexterity to operate a computer keyboard, mouse, and other office equipment Visual acuity to read screens, documents, and reports Occasional reaching, bending, or stooping Lifting and carrying items up to 20 pounds Benefits Medical Insurance: Comprehensive health insurance plans covering a range of services Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care Saronic pays 100% of the premium for employees and 80% for dependents Time Off: Generous PTO and Holidays Parental Leave: Paid maternity and paternity leave to support new parents Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses Retirement Plan: 401(k) plan Stock Options: Equity options to give employees a stake in the company's success Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) . Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.