Security architect jobs in San Clemente, CA

**About Us** We are a global leader in outdoor sports, golf simulation, and cycling/ power sports equipment, delivering innovative products and digital experiences to athletes and enthusiasts worldwide. Our technology ecosystem spans retail, e-commerce, connected devices, SaaS platforms, and manufacturing systems. Protecting our customers, intellectual property, and operations is essential to maintaining trust and enabling innovation. **Role Overview** We are seeking a Principal Security Architect who will own enterprise security architecture strategy and execution across a complex global landscape. This is not a maintenance role-it's a change leadership position for someone who thrives on solving complex problems, challenging assumptions, and driving transformation. You will work alongside senior IT and business leaders to design and implement enterprise and security architectures that enable innovation and accelerate top-line growth. This role demands autonomy, influence, and the ability to lead engineers through discovery, design, and delivery. **Key Responsibilities** **Enterprise Architecture Leadership** + Define anddrive enterprise-wide security architecture strategy, ensuring alignment with business objectives and growth initiatives. + Influencenetwork and compute architecture decisions to embed security into foundational design. + Champion acloud-first strategy, guiding migration and modernization efforts across hybrid and on-prem environments. + Develop reference architectures, standards, and design patterns that embed security into every layer of our technology stack. **Engineering & Technical Execution** + Lead engineers throughdiscovery and design workshops, translating business priorities into actionable security solutions. + Provide hands-on technical leadership in solution selection and integration (IAM, PAM, SIEM, EDR, cloud security, data security, DevSecOps pipelines). + Oversee proof-of-concept and pilot deployments of new security technologies, ensuring scalability and performance. **Business Partnership & Influence** + Collaborate with senior IT and business leaders toalign security architecture with revenue-driving initiatives. + Influence stakeholders by clearly articulating trade-offs between security, usability, and cost. + Act as a trusted advisor to product, engineering, and business teams during digital transformation efforts. **Governance & Risk Alignment** + Translate regulatory and compliance requirements (PCI-DSS, SOC2, ISO 27001, GDPR, CCPA) into practical security controls. + Participate in security design reviews, risk assessments, and threat modeling for critical projects. + Ensure architectural alignment with enterprise risk management and business continuity objectives. **What We're Looking For** + Relentless problem-solver who thrives in ambiguity and challenges the status quo. + Someone that can envision an effective and efficient technical landscape and then align resources to deliver. + Ability toinfluence without authority and rally teams around a bold vision. + Comfortable makinghigh-impact decisions and owning outcomes. **Qualifications** + Proven track record ofleading enterprise security transformations and delivering measurable improvements. + Deep expertise in cloud-native (AWS, Azure, GCP), hybrid, and on-prem environments. + Strong understanding of identity & access management, zero-trust models, DevSecOps, and container security. + Familiarity with MITRE ATT&CK, NIST CSF, and security design principles. + Excellent communication and stakeholder management skills. **Preferred Experience** + Security leadership in global manufacturing, retail, e-commerce, or supply chain environments. + Hands-on experience with API security, payment security (PCI-DSS), and secure mobile applications. + Knowledge of security automation and orchestration (SOAR) and infrastructure-as-code security (Terraform, CloudFormation). + Simplification of complex legacy landscapes. **Certifications** Certifications are valued but demonstrated experience in driving change and leading architecture at scale is essential. **Why This Role Matters** This is a strategic leadership position that will shape the future of our security posture and enable innovation across the enterprise. Your work will directly impact customer trust, operational resilience, and top-line growth. **Location** This role will be in either Orange County or San Diego County in California. Out of the area candidates will not be considered. \#LI-CD1 **Pay Range:** $123,200.00 - $162,800.00 The actual annual salary offered to a candidate will be based on variables including experience, geographic location, education, and skills/achievements, and will be mutually agreed upon at the time of offer. We offer a highly competitive salary, comprehensive benefits including: medical and dental, vision, disability and life insurance, 401K, PTO, paid holidays, gear discounts and the ability to add value to an exciting mission! Our Postings are not intended for distribution to or use in any jurisdiction, country or territory where such distribution or use would violate local law or would subject us to any regulations in another jurisdiction, country or territory. We reserve the right to limit our Postings in any jurisdiction, country or territory. Equal Opportunity Employer Minorities/Females/Protected Veteran/Disabled **Revelyst is a collective of makers that design and manufacture performance gear and precision technologies. Our category-defining brands leverage meticulous craftsmanship and cross-collaboration to pursue new innovations that redefine what is humanly possible in the outdoors. Portfolio brands include Foresight Sports, Bushnell Golf, Fox, Bell, Giro, CamelBak, Bushnell, Simms Fishing and more.** Revelyst is an equal opportunity employer. All applicants are considered for employment without regard race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status, and any other characteristics protected by law. The EEO Law poster is available here: **************************************************************** If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to ******************** . Please note that this email address is for accommodation purposes only. Revelyst will not respond to inquiries for other purposes.

Sr. Cloud Security Architect - (250000OA) Description Who We AreThrough our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement. We Take Care of Our PeopleAlong with competitive pay, as an employee of HCA, you are eligible for the following benefits:· Medical, Dental and Vision plans that include no-cost and low-cost plan options· Immediate 401(k) matching and vesting· Vehicle purchase and lease discounts plus monthly vehicle allowances· Paid Volunteer Time Off with company donation to a charity of your choice· Tuition reimbursement What to ExpectThe Sr. Cloud Security Architect is a strategic technical leader responsible for designing and implementing secure cloud architecture across multiple platforms and service models. This role ensures that enterprise cloud environments-including SaaS, PaaS, and IaaS-are resilient, compliant, and aligned with cybersecurity standards. The architect will work closely with the IT Infrastructure Platform team to integrate security into infrastructure services and cloud-native platforms, including securing the Microsoft 365 (M365) ecosystem. This role will champion the adoption of Zero Trust principles and industry best practices, working cross-functionally to elevate the organization's cloud security posture. What You Will Do1. Cloud Security Architecture & Design:· Design Secure Cloud Infrastructure Environments: design and implement secure cloud architecture across AWS, OCI, GCP and other platforms. · Assess and Secure IaaS, PaaS, SaaS solutions: Identify cybersecurity risk and remediation activities to ensure our SaaS solutions such a Salesforce, M365, and other solutions are aligned with industry's best practices to ensure the security of our data stored and processed within these services. · Secure AI Utilization: design and implement security controls for AI/ML workloads in cloud environments, including securing model training pipelines, protecting sensitive data, and mitigating risks associated with adversarial AI, model drift, and generative AI misuse. · Develop reference architectures and security patterns that align with Zero Trust principles. · Lead threat modeling and risk assessments for cloud and hybrid workloads. 2. Cloud Security Engineering, Implementation and Operations Support:· Cloud Security Solution Management: manage and monitor our cloud native security solutions and monitoring tools to ensure optimal performance and visibility. · Provide Support and Guidance for Security Operations: Provide technical leadership and guidance to our Security ops teams and lead incident responses related to Cloud security events. · Review, monitor and Optimize: review current Cloud solution implementations, optimize cloud security utilization and improve efficiency and integration when possible. Create continuous monitoring of Cloud Security Compliance. · Collaborate with infrastructure and DevOps teams to implement security controls including IAM, encryption, segmentation, and monitoring. · Integrate cloud security tools (CSPM, CWPP, CIEM) into CI/CD pipelines and runtime environments. · Drive automation and infrastructure-as-code (IaC) practices using tools. · Define cloud security monitoring requirements and integrate with SIEM and SOAR platforms. · Support incident response and forensic investigations related to cloud and hybrid environments. · Conduct root cause analysis and recommend architectural improvements to prevent recurrence. 3. Collaboration and Innovation:· Cross-Functional Collaboration: Partner with IT Infrastructure and IT Application teams, DevOps, IAM, DLP, Security Operations, Information Protection Governance and business units to integrate security into digital transformation initiatives, such as cloud migrations, fintech innovations, and core banking systems. · Technology Evaluation: Research and evaluate emerging cybersecurity technologies (e. g. , AI-driven threat detection, PasswordLess authentication) to enhance architectural resilience and efficiency. · Automation and Orchestration: Design automated security workflows using tools like SOAR platforms (e. g. , Splunk SOAR, Palo Alto Cortex) to improve incident response and operational efficiency. · Knowledge Sharing: Mentor junior architects and engineers, sharing best practices and fostering a culture of security awareness across the organization. · Act as a subject matter expert (SME) for cloud and hybrid security across the enterprise. · Influence strategic decisions around cloud adoption, migration, and modernization with a security-first mindset. 4. Compliance and Regulatory Alignment:· Regulatory Compliance: Ensure cloud security architecture meets financial regulations (e. g. , PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS) through secure design, documentation, and audit-ready configurations. · Policy Development: Contribute to the development of cybersecurity policies and standards, ensuring architectural designs align with regulatory and organizational requirements. · Vendor Evaluation: Assess third-party vendors and Managed Security Service Providers (MSSPs) for compatibility with architectural designs and compliance needs· Promote and enforce industry best practices for cloud security architecture, operations, and governance. 5. Documentation and Reporting:· Architecture Documentation: Create and maintain detailed architectural diagrams, design documents, standards and runbooks to support implementation, audits, and incident response. · Executive Communication: Present architectural designs, risk assessments, and recommendations to the Director of Cybersecurity, CISO, and senior leadership, articulating business impacts. · Metrics and Validation: Develop metrics to validate architectural effectiveness (e. g. , threat detection coverage, compliance adherence) and drive continuous improvement. Qualifications What You Will Bring· Minimum 8 years progressive experience in cybersecurity with proven knowledge in cloud security architecture or engineering role designing secure cloud native systems. · 3+ years of experience in financial services, with a strong understanding of financial threats (e. g. , fraud, data breaches) and regulations (e. g. , PCI DSS, Korean SOX, GDPR). · Hands-on experience architecting secure network, cloud, and SaaS environments in complex, regulated industries. · Bachelor's degree in computer science, Information Security, or related field; Master's degree preferred· At least one of the following: CISSP, CCSP, CISM, TOGAF, or equivalent. · Hands-on security testing experience in cloud platforms, especially AWS and M365. · Cloud security certifications such as:o AWS Certified Security - Specialtyo Microsoft Azure Security Engineero Microsoft 365 Securityo Google Professional Cloud Security Engineero Other comparable certifications. Technical Skills:· Technical expert with deep experience in financial services, a strategic mindset, and the ability to align cybersecurity architecture with business objectives. · Expertise in network security (e. g. , NGFW, IDS/IPS, VPNs) and cloud security (AWS, Azure, Google Cloud, Oracle Cloud)· Proficiency in Microsoft 365 Security Tools: Microsoft Defender, Intune, Azure AD (Entra), ADFS· Knowledge of security frameworks such as NIST, ISO 27001, and COBIT. · Strong knowledge of Cloud Native Security solutions and monitoring technology - (AWS CloudTrail, SecurityHub, GuardDuty)· Experience with secure software development lifecycles (SDLC) and DevSecOps practices. · Familiarity with automation and scripting (e. g. , Python, PowerShell, Terraform) for infrastructure-as-code and security orchestration. · Hands-on experience with cloud security posture management (CSPM) and workload protection platforms. · Proficiency in IAM frameworks (RBAC, MFA, PAM) and DLP technologies (data classification, policy enforcement). · Strong knowledge of SIEM (e. g. , Splunk), SOAR, and threat intelligence platforms for architectural integration. · Deep experience in the design and implementation of robust security architectures for SaaS platforms, ensuring secure integration, data protection, and compliance with industry standards such as SOC 2, ISO 27001, and others. · Experience designing and implementing security controls for AI/ML workloads in cloud environments. · Knowledge of financial systems (e. g. , core banking platforms, payment gateways) and their security requirements. Soft Skills:· Strong problem-solving skills to address complex architectural challenges. · Excellent communication skills to articulate technical concepts to technical and non-technical stakeholders. · Strategic thinker with the ability to align cybersecurity architectures with business and regulatory goals. Preferred· Experience with AI-driven cybersecurity tools (e. g. , ReliaQuest GreyMatter, Rapid7, etc. ) for threat detection and response. · Familiarity with zero-trust architectures and emerging technologies, such as SASE or decentralized identity. · Knowledge of data encryption, tokenization, and secure API design for financial applications. · Experience working with MSSPs to integrate external security services. · Understanding of threat modeling frameworks. Work EnvironmentEmployees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at home and office environment. The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range. California Privacy NoticeThis notice only applies to our applicants who reside in the State of California. The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended as amended by the California Privacy Rights Act of 2020 (“CCPA”). If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs. com. Primary Location: United States-California-IrvineWork Locations: Headquarters 1 3161 Michelson Dr. Ste 1900 Irvine 92612Job: IT ApplicationJob Type: RegularOvertime Status: ExemptSchedule: Full-time Minimum Salary: $132,000. 00Maximum Salary: $204,600. 00Job Posting: Dec 1, 2025

Sr. Information Security Engineer External Description: Alignment Healthcare is a data and technology driven healthcare company focused on partnering with health systems, health plans and provider groups to provide care delivery that is preventative, convenient, coordinated, and that results in improved clinical outcomes for seniors. We are experiencing rapid growth (backed by top private equity firms), and our team is looking for the best and brightest individuals. We love our customers and understanding them better makes it possible to provide the best clinical outcomes and care experience. Are you an Information Security Engineer with experience in automation, cloud technologies, and endpoint security? Would you like to work in an environment where your skills can be utilized effectively, and you have opportunities to make significant impact? If you are passionate about security and can reduce risk in practical ways that scale, we want to hear from you! Major Responsibilities Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective. Assists with break/fix of tools and automation that are owned by the Information Security Team. Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS. Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables. Contributes to the design, implementation, and documentation of new security tools. Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems. Utilizes scripting and DevOps to provide automation and orchestration between: information security tools, such as the SIEM (Logstash, FortiSIEM, IBM QRadar, etc.); endpoint protection (Symantec, McAfee, Cylance, CrowdStrike Falcon, etc.); vulnerability scanners (Rapid7, Nessus, etc.); patch management (SCCM, Altiris, PDQ, etc.); other applications; OS' (Windows, MacOS, Linux, iOS, Android); cloud platforms (AWS, Azure); and IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC). Clearly documents designed automation and system relationships. Contributes and participates in the Information Security Team daily stand-ups and other meetings as necessary. Participates in regular reporting, maintaining accountability and transparency within the Information Security Team. Remains current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS) and regulatory requirements (HIPAA, HITECH, HITRUST, etc.) Technical knowledge of common information security tools and systems: DLP, MAM/MDM, Firewall/VPN, endpoint protection, PKI, RBAC, IAM, etc. Demonstrated practical experience with one or more programming or scripting languages. (PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.) We're not picky, but you must be able to deliver practical automation! Demonstrated practical experience with one or more of the major cloud providers (AWS, Azure, GCP). Excellent oral and written communication skills, and an ability to present and discuss technical information in a way that establishes rapport and trust. Detail orientated, with an ability and desire to build to 100%, but being ok with building to 90% as tasked. An ability to be productive as an individual contributor with little supervision to meet agreed upon deliverables. Preferred Prior experience in the healthcare or a related HIPAA regulated industry. A working knowledge of the NIST CSF and/or CIS Critical Security Controls (CSC). A working knowledge of Git and GitHub. Previous experience contributing to projects using agile tools (Jira, Azure DevOps, Pivotal) and processes (Scrum, Kanban). One or more cloud security certifications. Education Bachelor's degree in Computer Science, Computer Engineering, or related technical discipline, and/or equivalent work experience. 3+ years' experience working in a technical, hands-on, information security role. One or more current security related certifications (e.g., CISSP, SANS GIAC, etc.) City: Orange State: California Location City: Orange Schedule: Full Time Location State: California Community / Marketing Title: Sr. Information Security Engineer Company Profile: Alignment Healthcare was founded with a mission to revolutionize health care with a serving heart culture. Through its unique integrated care delivery models, deep physician partnerships and use of proprietary technologies, Alignment is committed to transforming health care one person at a time. By becoming a part of the Alignment Healthcare team, you will provide members with the quality of care they truly need and deserve. We believe that great work comes from people who are inspired to be their best. We have built a team of talented and experienced people who are passionate about transforming the lives of the seniors we serve. In this fast-growing company, you will find ample room for growth and innovation alongside the Alignment community. EEO Employer Verbiage: On August 17, 2021, Alignment implemented a policy requiring all new hires to receive the COVID-19 vaccine. Proof of vaccination will be required as a condition of employment subject to applicable laws concerning exemptions/accommodations. This policy is part of Alignment's ongoing efforts to ensure the safety and well-being of our staff and community, and to support public health efforts. Alignment Healthcare, LLC is proud to practice Equal Employment Opportunity and Affirmative Action. We are looking for diversity in qualified candidates for employment: Minority/Female/Disable/Protected Veteran. If you require any reasonable accommodation under the Americans with Disabilities Act (ADA) in completing the online application, interviewing, completing any pre-employment testing or otherwise participating in the employee selection process, please contact ******************.

Job DescriptionDescription: Aspire General Insurance Company and its affiliated general agent, Aspire General Insurance Services, are on a mission to deliver affordable specialty auto coverage to drivers without compromising outstanding service. Our company values can best be described with ABLE: to always do the right thing, be yourself, learn and evolve, and execute. Join our team where every individual takes pride in driving their role for shared success. JOB SUMMARY: Aspire General Insurance, a leader in non-standard auto insurance, is seeking a hands-on and strategic Director of Information Security to develop, implement, and maintain the company's information security program. This role is responsible for protecting sensitive customer data, ensuring compliance with regulatory standards, and strengthening our overall cyber risk posture in a cloud-native, AI-enabled environment. Key Responsibilities: Develop and lead the enterprise-wide information security strategy, including governance, risk management, threat detection, and incident response. Manage and mature security operations, vulnerability management, and access controls. Own compliance with regulatory frameworks (e.g., NAIC Model Law, GLBA, PCI-DSS, SOC 2) relevant to the insurance industry. Collaborate with IT, legal, and claims teams to embed security into infrastructure, applications, and third-party vendor relationships. Oversee risk assessments, penetration testing, and security audits; prioritize and remediate findings. Lead response to security incidents, including detection, containment, communication, and recovery. Evaluate and implement modern security technologies, particularly in cloud environments (e.g., Azure security tools). Educate employees on security awareness and develop policies for secure use of systems and data. Supervise and grow a small but high-performing InfoSec team and contractors. Requirements: Qualifications: 8+ years in information security roles, with at least 3 years in a leadership capacity. Deep knowledge of cybersecurity principles, risk frameworks, and regulatory requirements. Experience with cloud security (AWS or Azure), identity and access management (IAM), SIEM tools, endpoint protection, and zero trust architectures. Track record of managing security programs in regulated industries such as financial services or insurance. Familiarity with third-party risk management and secure SDLC practices. Excellent communication and incident-handling skills. Knowledge of SOC 2, ISO 27001, and/or NIST frameworks. Bachelor's degree in Information Security, Computer Science, or related field (CISSP, CISM, or similar certification strongly preferred). Preferred Experience: Experience working with or securing AI/ML platforms and data pipelines. Experience with security considerations in insurance claims and policy systems (e.g., PII, policy documents). Benefits: Medical, Dental, Vision, HSA*, PTO, 401k, Company Observed Holidays Individuals seeking employment at Aspire General Insurance Services LLC are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation in accordance with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements. *Dependent on plan selected

Are you a hands-on security leader ready to make a measurable impact in a mission-driven organization? We're looking for a Director of Information Security to lead and scale our security operations, incident response, and engineering efforts. In this role, you'll oversee our security ecosystem - from real-time monitoring to proactive threat hunting - and help shape the future of enterprise security at a growing company. This is a highly collaborative position where you'll work cross-functionally with teams across the business to protect our information assets, infrastructure, and services - especially within a SaaS and life sciences environment. What will you do? Shape and drive the enterprise security operations strategy in alignment with broader company goals. Serve as a trusted advisor to senior leadership on all things security. Manage our Security Operations Center (SOC), ensuring rapid incident detection, triage, and response. Oversee threat intelligence, vulnerability management, and operational risk mitigation initiatives. Partner with IT and engineering teams to deploy, tune, and optimize tools like SIEM, SOAR, EDR, and DLP. Implement automation and integrations that improve speed and efficiency. Lead cyber incident response efforts and continuously test and improve our disaster recovery and response plans. Coordinate cross-functional teams (e.g., Legal, HR, Communications) during major security events. Lead, mentor, and grow a high-performing team of security and infrastructure professionals. Support the development of a resilient, inclusive, and learning-driven culture across the department. Align programs with regulatory standards (HIPAA, SOX, GDPR, PCI-DSS) and frameworks (NIST, MITRE ATT&CK). Support audits and ensure documentation is ready and accurate. How will you get there? Bachelor's degree in Computer Science, Information Security, or related field (Master's a plus). 12+ years of relevant experience, including 4+ years leading teams in complex enterprise environments. Hands-on expertise in SOC management, incident response, and threat intelligence. Experience in the Medical Device, Life Sciences, or highly regulated industries preferred. Professional certifications such as CISSP, CISM, GIAC, or CEH. Proficiency with security tools including SIEM, EDR, SOAR, IDS/IPS, and vulnerability management platforms. Strong knowledge of cloud (AWS, Azure, GCP), Windows/Linux systems, and network protocols. Familiarity with security frameworks and standards (NIST, MITRE, ISO 27001). Proven ability to build, lead, and retain high-performing technical teams. A proactive, solutions-oriented mindset with excellent communication and collaboration skills. #GKOSUS

At Vast, our mission is to contribute to a future where billions of people are living and thriving in space. We are building artificial gravity space stations, allowing long-term stays in space without the adverse effects of zero-gravity. Our initial crewed space habitat will be Haven-1, scheduled to be the world's first commercial space station when it launches into low earth orbit in May 2026. Our team is all-in, committed to executing our mission safely and on time. If you want to work with the most talented people on Earth furthering space exploration for humanity, come join us. Vast is looking for a Senior Product Security Engineer, reporting to the Information Security Manager, to support the development of the systems that will be required for the design and build of artificial-gravity human-rated space stations. This will be a full-time, exempt position located in our Long Beach location. Responsibilities: Developing top-level system requirements, and flowing down requirements and implementation concepts to subsystem. Define security development and test efforts implementation of security controls of components for the ground, link, and vehicle segments. Support developing plans and estimates, task execution, project tracking, reporting, and risk identification and mitigation plans. Interact with other functions to coordinate requirements, solutions, trades, costs, implementation, system impacts, and effectiveness. Support compliance efforts as it relates to NIST 800-53. Minimum Qualifications: 5+ years of hands-on experience. Strong understanding of security architecture, system requirements development, and implementation concepts for complex systems. Hands-on experience with threat modeling, risk assessment, and security testing methodologies. Familiarity with cryptographic methods, access controls, and secure communications protocols. Experience supporting project planning, task execution, reporting, and risk management. Strong ability to interact with cross-functional teams to align security requirements, trade-offs, and system impacts. Experience in security assessments, audits, and remediation planning. Preferred Skills & Experience: Understanding of compliance requirements and certifications like NIST 800-53. Understanding of the SPARTA framework. Prior experience developing, implementing, and validating a security features for a space system. Familiarity operating in AWS. Prior experience working in a fast-paced startup environment. Additional Requirements: Ability to travel up to 10% of the time. Willingness to work overtime, or weekends to support critical mission milestones. Pay Range Senior Product Security Engineer: $150,000 - $204,000 Staff Product Security Engineer: $183,000 - $242,800 Salary Range: California$150,000-$242,800 USDCOMPENSATION AND BENEFITS Base salary will vary depending on job-related knowledge, education, skills, experience, business needs, and market demand. Salary is just one component of our comprehensive compensation package. Full-time employees also receive company equity, as well as access to a full suite of compelling benefits and perks, including: 100% medical, dental, and vision coverage for employees and dependents, flexible paid time off for exempt staff and up to 10 days of vacation for non-exempt staff, paid parental leave, short and long-term disability insurance, life insurance, access to a 401(k) retirement plan, One Medical membership, ClassPass credits, personalized mental healthcare through Spring Health, and other discounts and perks. We also take pride in offering exceptional food perks, with snacks, drip coffee, cold drinks, and dinner meals remaining free of charge, and lunch subsidized as part of Vast's ongoing commitment to providing high-quality meals for employees. U.S. EXPORT CONTROL COMPLIANCE STATUS The person hired will have access to information and items subject to U.S. export controls, and therefore, must either be a “U.S. person” as defined by 22 C.F.R. § 120.62 or otherwise eligible for deemed export licensing. This status includes U.S. citizens, U.S. nationals, lawful permanent residents (green card holders), and asylees and refugees with such status granted, not pending. EQUAL OPPORTUNITY Vast is an Equal Opportunity Employer; employment with Vast is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

General information Requisition # R64222 Posting Date 11/14/2025 Security Clearance Required TS/SCI Remote Type Onsite Time Type Full time Description & Requirements Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we've been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now-protect and innovate with MANTECH! MANTECH seeks a motivated, career and customer-oriented Information Systems Security Officer with strengths in Information Systems Security to join our team at Marine Corps Base Camp Pendleton California. This position will assist Marine Corps Warfighting Laboratory (MCWL) prepare for and maintain the IT infrastructure, IT capabilities and Audio-Visual capabilities to support emerging ICD 705 Sensitive Compartmentalized Information Facilities (SCIFs) and Special Access Control Facilities (SAPFs) through planning, activation and operations. Responsibilities include but are not limited to: * Experience in network design, network monitoring, systems development, and knowledge of Information Assurance (IA) policies, directives, and best practices across DoD and Marine Corps. * Knowledge and experience with organizations within the Marine Corps responsible for facilitating network approvals and connections. * Work with various Marine Corps, Navy, Joint, and other services to coordinate installs supporting Initial Operating Capability (IOC) and Final Operating Capability (FOC). * Ability to communicate and provide effective staff coordination across government, Marine Corps, and contractor organizations. * Support the facility Site Security Manager (SSM)/Special Security Representative (SSR) and Information Systems Security Manager (ISSM) to oversee the secure installations and operations of systems across multiple security domains and in accordance with policies, directives, and best practices. * Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Supports Marine Corps and other customers at the highest levels in the development and implementation of doctrine and policies. Minimum Qualifications: * Bachelor's degree and at least 10 years' experience planning and/or operating IT infrastructure within ICD 705 facilities. * Experience with network security aspects of installations and operations. Preferred Qualifications: * Experience with MS Word, MS Power Point Clearance Requirements: * Candidate must have a current/active Top Secret clearance with the ability to obtain and maintain a TS/SCI clearance prior to starting this position. Physical Requirements: * Ability to maintain construction security oversight in outdoor environment; walk (with personal protective equipment) to inspect and document delivery of components and assembly/construction of structure. The projected compensation range for this position is $112,400.00-$186,500.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, MANTECH invests in its employees beyond just compensation. MANTECH's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, short-term and long-term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.

Momenti is a dynamic and immersive content company that revolutionizestraditional media by bringing visceral experiences to all forms of content. Wespecialize in interactive video that breaks the 4th wall, creating deeperconnections and emotions with our audience. Join us in transforming the waypeople engage with content and bring moments to life. Momenti is at theforefront of the content revolution, and we want you to be part of it. Job Summary:We are seeking a talented and experienced Security Engineer to join Momentias our first security hire and report directly to our Engineering Director. In thisrole, you will be responsible for ensuring the security and integrity of oursystems, applications, and data. You will work closely with cross-functionalteams to identify potential vulnerabilities, develop and implement securitymeasures, and provide ongoing support to maintain a secure environment. Thisis a unique opportunity to make a significant impact and shape the securitylandscape at Momenti. Key Responsibilities:• Develop and implement effective security strategies, policies, and proceduresto protect Momenti's systems, applications, and data.• Conduct regular security assessments, vulnerability testing, and risk analysisto identify and address potential security weaknesses.• Collaborate with software engineers and other stakeholders to design andimplement secure coding practices and ensure secure applicationdevelopment.• Monitor and respond to security incidents, including investigating andresolving security breaches, intrusions, and unauthorized access attempts.• Stay up-to-date with the latest security technologies, trends, and bestpractices, and provide recommendations for enhancements to our securityposture.• Educate and train employees on security awareness and best practices topromote a culture of security throughout the organization.Preferred Qualifications:• Solid experience in a security engineering or related role, with a focus onapplication and system security.• Strong understanding of web application security, network security principles,and secure coding practices.• Familiarity with security frameworks such as OWASP, NIST, and CISbenchmarks.• Knowledge of cloud security principles and experience securing cloud-basedenvironments (e.g., GCP, AWS, Azure).• Experience with security assessment tools and techniques, such asvulnerability scanners, penetration testing, and log analysis.Basic Qualifications:• Proven experience in implementing and managing security controls in aproduction environment.• Familiarity with compliance standards and regulations (e.g., GDPR, HIPAA,PCI DSS).• Strong problem-solving and analytical skills, with the ability to assess risksand develop effective mitigation strategies.• Excellent communication and collaboration skills, with the ability to workeffectively in cross-functional teams.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

ABOUT ROCKET LAB Rocket Lab is an end-to-end space company delivering responsive launch services, complete spacecraft design and manufacturing, payloads, satellite components, and more - all with the goal of opening access space. The rockets and satellites we build, and launch enable some of the most ambitious and vital space missions globally, supporting scientific exploration, Earth observation and missions to combat climate change, national security, and exciting new technology demonstrations. Our Electron rocket has become the second most frequently launched U.S. rocket annually and has delivered more than 230 satellites to orbit, all while we work to develop Neutron, our upcoming medium-lift, reusable launch vehicle for larger constellation deployment. Our Space Systems business designs and builds our extensive line of satellites, payloads, and their components, including spacecraft that have been selected to support NASA missions to the Moon and Mars and components used on the James Webb Space Telescope. IT Rocket Lab's IT team is responsible for how our global teams access information and run operations across our computer systems, networks, and devices. Our hardworking IT team is a group of flexible problem-solvers working in a fast-paced environment but who also thrive under the challenge of supporting all of our proprietary systems and people, from finance to launch operations. PRINCIPAL CLOUD SECURITY ENGINEER Based onsite at Rocket Lab's office in Long Beach, CA the Senior Cloud Security Engineer must demonstrate a firm grasp of cloud-first, automated, API-driven security and statistical risk concepts and communication. They will work on securing all facets of Rocket Lab's cloud presence: the wide array of vendor services, code pipelines deploying into prod and non-prod environments, and automation performing an assortment of business-critical operations. They will provide analyses including quantifiable statistical information regarding IT and Cybersecurity risk to business partners with fiduciary responsibility. They will support the IT organization to develop a secure, reliable, and fiercely efficient platform to empower the Rocket Lab's objectives as a rapidly growing multinational space company. WHAT YOU'LL GET TO DO: * Design, implement, and maintain security controls for hybrid cloud-based environments, including infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and function as a service (FaaS) solutions. * Design and develop custom automation in pursuit of cyber team objectives. * Provide security support for internal and external design reviews related to security. * Conduct security assessments and risk analyses to identify vulnerabilities and develop mitigation strategies for automated infrastructure such as public cloud, CI/CD pipelines, and agentic systems. * Work with Infrastructure Operations to Implement and manage identity and access management (IAM) solutions to control access to cloud resources and applications. * Develop documentation, plans, and proofs of concept for cybersecurity-related platform improvements. * Configure and monitor cloud security tools and services. * Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC), DevOps, and MLOps processes. * Maintain systems to help the team stay up-to-date on emerging threats, vulnerabilities, and industry best practices related to DevSecOps/MLOps and recommend proactive measures to enhance security posture. * Provide guidance and support to internal teams on security-related matters, including incident response, compliance, and security awareness training. * Participate in regular security audits, assessments, and compliance reviews to ensure adherence to regulatory requirements and industry standards. YOU'LL BRING THESE QUALIFICATIONS * Education and Experience in IT and Cybersecurity * 12+ years of experience in scripting languages (e.g., Bash, PowerShell, Python) and configuration management/infrastructure as code tools (e.g., Puppet, Ansible, Terraform). * Bachelor's degree or equivalent years of work experience (16+ years of total work experience) * Cloud Security and Architecture Expertise * Proven experience in cloud security architecture, design, and implementation across major cloud platforms (AWS, Azure, Google Cloud). * Hands-on experience with cloud security tools and services (e.g., AWS Security Hub, Azure Security Center, Google Cloud Security Command Center). * Compliance, Vulnerability Management, and IT Governance * Experience working under US Government compliance regimes (e.g., CMMC, NIST, DISA STIG) and ITIL/Change Review systems. * Proficiency in vulnerability management systems (e.g., Tenable, Bringa) and CLI scanning tools (e.g., Trivy, OpenSCAP). * Version Control, Networking, and Secure Communication * Extensive experience with git-driven version control systems (e.g., GitHub, GitLab, Bitbucket). * Strong understanding of networking concepts, encryption techniques, and secure communication protocols. * Data and Analytics Expertise * Experience with databases (e.g., PostgreSQL, SQLite) and data formats (e.g., Parquet, Arrow). * Proficiency in analytics systems (e.g., PowerBI, Jupyter) and vendor-agnostic assessment engines (e.g., Cloud Custodian, Panther). THESE QUALIFICATIONS WOULD BE NICE TO HAVE: * Advanced degree in computer science, information technology, cybersecurity, or equivalent career experience * Involvement with community cybersecurity organizations * Experience with the following: * AWS GovCloud / Azure GCC High * CI/CD pipeline security * Tier 2 cloud vendors * Hybrid cloud engineering * SAST and DAST testing * Secrets management / vaults / HSMs * Cloud incident response / forensics * Log aggregators like Graylog, ELK, or Splunk ADDITIONAL REQUIREMENTS: * Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception, and the ability to focus. * Regularly required to sit, use hands and fingers, operate computer keyboard and controls, and communicate verbally and in writing. * Must be physically able to commute to buildings. * Occasional exposure to dust, fumes and moderate levels of noise. Level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, and experience. Base salary is just one component of our total rewards package at Rocket Lab. Employees may also receive company equity and access to a robust benefits package including: top tier medical HMO, PPO & a 100% company-sponsored medical HSA plan option, dental and vision coverage, 3 weeks paid vacation and 5 days sick leave per year, 11 paid holidays per year, flexible spending and dependent care savings accounts, paid parental leave, disability insurance, life insurance, and access to a 401(k) retirement plan with company match. Other perks include: Discounted employee stock purchase program, subsidized EV charging stations, onsite gym, food and drinks, and other discounts. Eligibility for benefits may vary based on employment status, please check with your recruiter for a comprehensive list of the benefits available for this role. Benefit programs are subject to change at the company's discretion. Base Pay Range (CA Only) $150,000-$175,000 USD WHAT TO EXPECT We're on a mission to unlock the potential of space to improve life on Earth, but that's not an easy task. It takes hard work, determination, relentless innovation, teamwork, grit, and an unwavering commitment to achieving what others often deem impossible. Our people out-think, out-work and out-pace. We pride ourselves on having each other's backs, checking our egos at the door, and rolling up our sleeves on all tasks big and small. We thrive under pressure, work to tight deadlines, and our focus is always on how we can deliver, rather than dwelling on the challenges that stand in the way. Important information: FOR CANDIDATES SEEKING TO WORK IN US OFFICES ONLY: To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), Rocket Lab Employees must be a U.S. citizen, lawful U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum, or be eligible to obtain the required authorizations from the U.S. Department of State and/or the U.S. Department of Commerce, as applicable. Learn more about ITAR here. Rocket Lab provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment at Rocket Lab, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Applicants requiring a reasonable accommodation for the application/interview process for a job in the United States should contact Giulia Johnson at ***********************.This dedicated resource is intended solely to assist job seekers with disabilities whose disability prevents them from being able to apply/interview. Only messages left for this purpose will be considered. A response to your request may take up to two business days. FOR CANDIDATES SEEKING TO WORK IN NEW ZEALAND OFFICES ONLY: For security reasons background checks will be undertaken prior to any employment offers being made to an applicant. These checks will include nationality checks as it is a requirement of this position that you be eligible to access equipment and data regulated by the United States' International Traffic in Arms Regulations. Under these Regulations, you may be ineligible for this role if you do not hold citizenship of Australia, Japan, New Zealand, Switzerland, the European Union or a country that is part of NATO, or if you hold ineligible dual citizenship or nationality. For more information on these Regulations, click here ITAR Regulations.

at loan Depot Responsible for driving the development, implementation, communication, and maintenance of loan Depot's technology policies, standards and procedures that are aligned to industry standards and regulatory requirements. Ensures that loan Depot technology processes adheres to regulatory requirements, manages risks effectively, and establishes strong governance practices. Develops and implements controls, monitors compliance, and supports risk management activities. Responsibilities: Leads the development and implementation of comprehensive cybersecurity and IT policies, standards, and guidelines. Continuously evaluates and updates cybersecurity and IT policies to ensure they remain current and effective. Ensures policies comply with relevant laws, regulations, and industry standards (e.g., NIST, FFIEC, GLBA, NYDFS, SOX and PCI-DSS). Collaborates with teams, working closely with IT, legal, compliance, and other departments, to gain a deep understanding of business needs to ensure cybersecurity policies align with business objectives. Transforms complex information and documentation into simple concepts that are easy to understand by the end-users. Offers specialized expertise and consultation to cross-functional teams to perform framework-oriented risk assessments, identify deficiencies, generate reports, and recommends prioritized, actionable solutions to mitigate risks and enhance loan Depot's overall security posture. Stays informed about the latest cybersecurity threats, trends, and best practices. Ensures accurate and up-to-date records of policy reviews, risk assessments, training activities, and incident responses. Benchmarks the organization's policies against industry standards and best practices. Develops and implements governance frameworks for cybersecurity policy management. Monitors key performance indicators, conducts gap analysis, risk assessments and implements frameworks, as needed. Tests and monitors effectiveness of controls. Establishes a feedback loop and analyzes metrics to continuously improve cybersecurity policies based on audit findings, incident reviews, and emerging threats. Actively leads and supports on internal and external audits and assessments of cybersecurity policies and practices. Accountable for ensuring identified audit and assessment findings and actions are tracked to closure. Maintains comprehensive documentation of all cybersecurity policies, procedures, and related activities. Communicates policy requirements and updates to all relevant stakeholders. Identifies opportunities for innovation and improvement in cybersecurity policy and practice. Proposes suitable mitigation strategies and verifies the effectiveness of remediation plans Requirements: Bachelor's Degree in Information Security, Computer Science, Information Technology, or a related field preferred. Minimum of six (6) + years' experience working in Cybersecurity GRC, policy development, risk management, or a similar field. Experience with GRC tools (e.g., Archer, ServiceNow, OneTrust). Proficiency in using data analysis and reporting tools (e.g., Excel, Power BI). Relevant certifications such as CISM and/or CISA are highly desirable. Why work for #teamloan Depot: Competitive compensation package based on experience, skillset and overall fit for #TeamloanDepot. Inclusive, diverse, and collaborative culture where people from all backgrounds can thrive Work with other passionate, purposeful, and customer-centric people Extensive internal growth and professional development opportunities including tuition reimbursement Comprehensive benefits package including Medical/Dental/Vision Wellness program to support both mental and physical health Generous paid time off for both exempt and non-exempt positions About loan Depot: loan Depot (NYSE: LDI) is a digital commerce company committed to serving its customers throughout the home ownership journey. Since its launch in 2010, loan Depot has revolutionized the mortgage industry with a digital-first approach that makes it easier, faster, and less stressful to purchase or refinance a home. Today, as the nation's second largest non-bank retail mortgage lender, loan Depot enables customers to achieve the American dream of homeownership through a broad suite of lending and real estate services that simplify one of life's most complex transactions. With headquarters in Southern California and offices nationwide, loan Depot is committed to serving the communities in which its team lives and works through a variety of local, regional, and national philanthropic efforts. Base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay for this role is between $99,000 and $136,500. Your base pay will depend on multiple individualized factors, including your job-related knowledge/skills, qualifications, experience, and market location. We are an equal opportunity employer and value diversity in our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Orange County's Credit Union is hiring: Information Security Engineer. Why Orange County's Credit Union? With over 85 years of experience, serving 123,000+ members, and managing $2.5+ billion in assets, we are a premier financial service provider. Our mantra, "Putting People First: Connect, Discover, Deliver & Wow!" is not just a saying-it's a way of life. On our team. You'll work closely with leadership to ensure our projects are aligned with our mission to put people first. What We Offer: Comprehensive Benefits: Medical, Dental, and VSP effective day one of employment! Financial Security: Enjoy peace of mind with life insurance at no cost to you and a robust 401(k) plan where we contribute up to 8%. Work-Life Balance: Generous days of vacation, seven (7) sick days per year, and paid holidays, you'll have the time to recharge and pursue your passions. Growth Opportunities: We believe in your professional and personal development, offering educational grants up to $2,000 per year, step progression opportunities, and annual performance merit increases. Rewarding Work: Annual discretionary bonus and a supportive work environment that celebrates achievements and fosters collaboration. Make a Difference with Us! If you're looking for a rewarding role where you can contribute to a positive work environment and make a difference in the community, we'd love to hear from you. Apply today and join a team that puts people first, values your expertise, and supports your growth. OVERVIEW: The Information Security Engineer will play a critical role in evolving and maturing the organization's information security program to ensure the confidentiality, integrity, and availability of Orange County's Credit Union assets. The program includes: policies, standards, guidelines, and controls to manage and prevent risks to Orange County's Credit Union. Responsible for conducting information security reviews (technology, application and process) and vulnerability / risk assessments, monitoring key / compensating controls and baseline configuration standards, and identifying / remediating control gaps to minimize risks. ESSENTIAL FUNCTIONS: Coordinate and perform risk and vulnerability assessments of the Credit Union's systems and processes to ensure appropriate controls are in place and recommend / implement controls to remediate risk findings. In collaboration with IT Operations / Technology Services / Software Engineering and outside vendors, design and implement security tools, controls and automation frameworks to ensure the integrity, availability and confidentiality of the organization's data, systems and services on premises and in public cloud. Design, develop and document (1) network security architecture and baseline configuration standards for firewalls, routers, switches, load balancers, and related network appliances; (2) device security architecture and baseline configuration standards for servers, workstations and mobile devices; (3) application and data security architecture and baseline configuration standards for databases and enterprise applications; and (4) cloud platform security architecture and baseline configuration standards for AWS and Microsoft Azure services. QUALIFICATIONS: Bachelor's Degree in Computer Science, Information Security, Information Assurance or related technology field. 5+ years of experience in information / cyber security and IT risk management (including hands-on experience in implementing, maintaining, and managing on-prem and cloud-based network / infrastructure / application / data security for the enterprise). 2+ years of hands-on experience in securing AWS and Microsoft Azure cloud infrastructure / applications / services / solutions. Relevant security certifications (at least one is required), such as CISSP, SANS GIAC, CompTIA Security+, AWS Certified Security - Specialty, Azure Security Engineer Associate. The targeted salary range is $100,000.00 to $125,000.00. Final offer will be determined based on experience, education, training/certifications and specialized skills. We perform thorough background check and credit check. EOE

The System Security Engineer Level II is required to be a highly skilled and hands-on security engineer, and will be responsible for helping to maintain and expand the infrastructure of the entire Cambro network, ensuring that they are protected from cyber threats and attacks, ensuring compliance, and responding to incidents. In this role, the responsibility is to manage, monitor, and maintain our Network IT infrastructure from CVEs, cyber threats, manage and implement device firmware and software updates. Also, the role is required to assist in projects and initiatives to support, upgrade, and maintain our technical environment to improve network security. The role requirement is to be proficient with cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. The role requires to have a multi-disciplined background including experience with Cybersecurity Operations, firewalls, IDS/IPS, switches, VLANs, routing protocols, IPsec, VPN tunnels, multi factor authentication and e-mail security. In addition, they must have a solid understanding of virtualized servers, Windows workstations and services. This role is required to have the network monitoring skills and technologies for detecting unusual activity, investigate security breaches and lead incidence response. ESSENTIAL JOB FUNCTIONS • Monitor network traffic for anomalies, investigate alerts and respond to security incidents. • Conduct regular vulnerability scans, risk assessments, patch management and mitigation across network devices. • Ensure adherence to cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Able to proactively scan servers and network devices for vulnerable ports and protocols and rogue devices. • Manage our firewall environment with the ability to create route policies and apply cybersecurity recommendations • Install and configure Network Equipment (Switches, Firewalls, and other networking hardware) • Perform (Layer 2) switch administration and configuration on Cisco/Ruckus switches. Including configuring LAGs, interfaces, creating trunks, creating, and managing segmented VLANs. • Possess a solid understanding of Windows Server services and roles including installation and configuration • Create certificates for network devices and servers that have a web management capability • A strong understanding of Windows Active Directory and can design, implement, and configure and troubleshoot Active Directory issues • Create, Manage and Deploy Group Policy Objects (GPO's) to deploy applications and implement security including windows firewalls • Effectively use PowerShell to automate and standardize administrative tasks • Capable of installing a Linux VM and execute basic Linux commands and managing Linux appliances • Manage our virtualized server environment managing, creating VM's and patching the VMware environment. • Strong understanding of Virtual Switches, Port Groups (Distributed and Standard) • Manage the Active Backup for Business on Synology and other advanced Synology administration features • Maintain and monitor Backup solutions. • Manage our users email accounts using the cloud service M365 from Microsoft • Responsible for creating and maintaining server and network documentation to include tasks and procedures • Proactively monitor our network using a variety of tools to help identify potential network and server issues • Assist in patching our entire infrastructure when needed using a variety of tools • Maintains strong technical abilities, knowledge of new and changing technologies • Prepare for emergencies by creating and/or updating action plans • Jumping into time-sensitive projects wherever needed • Showing flexibility and a willingness to learn • Maintain healthy communication with IT Staff, IT Customers and Vendors • Actively participate in IT Infrastructure and Operations projects, managing, completing, communicating, and fully documenting assigned tasks and deliverables. • Maintain reliable and consistent attendance, including being punctual, and dependable in order to meet the needs of the department and the organization. • Execute each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receiving and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follow all department quality standards/criteria. Raise concerns and issues to immediate manager. • Able to understand and demonstrate Cambro company culture, display company core values (Safety, Quality, Respect, and Service). • Understands department's key performance indicators and contributes to achieve these goals both individually and as a team. • Maintains reliable and consistent attendance, including being punctual, dependable, and flexible to potential schedule changes to meet the needs of the department and the organization. • Executes each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receive and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follows all department quality standards/criteria. Raises concerns and issues to management. • Understands department's key performance indicators (KPIs) and contributes to achieve these goals both individually and as a team. • Other duties as needed or required. ADDITIONAL RESPONSIBILITIES • Ability to be on call 24 hours a day, 7 days a week for global operations, by periodically providing off-hours, evening, and weekend support to accommodate maintenance windows and issue resolution • Occasional travel to various Cambro locations domestically and internationally as required (15%) • May occasionally guide less experienced associates to help with technical projects • Some travel may be required. REQUIRED QUALIFICATIONS The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. • Bachelor's degree (B.A.) from a four-year accredited college or university. • 5-10 years of experience in IT security, network, administration, and support roles. • Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. • Ability to adapt and adjust plans to meet changing needs. • Proficient in Microsoft Office Suite • Experience with Fortinet solutions, EDR, email security solutions • Solid knowledge of cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Solid working knowledge of Layer 2 (VLANs, Inter-VLANs, VTP Domains, bridge groups, MVRP, ACL's) technologies and network segmentation. • Strong knowledge of DNS records including reverse zones and maintaining DNS records • Strong DHCP Knowledge to include DHCP Fail over and able to configure DCHP relay on Switches • Solid understanding of routing protocols, static routes and ARP cache • Proficient in creating and implementing certificates on layer 2 devices (Switches, Firewalls, Linux Appliances) • Strong troubleshooting skills and possess the ability to find security and network issues in a timely manner • Strong Windows administration skills including Active Directory/GPO's and security policies • Solid working knowledge of Virtualization, such as VMware ESXi servers and vCenter 7.x • Solid working knowledge of Veeam/Bacula/Exagrid backup software to manage backup and restore procedures • Must be able to follow instructions and procedures and ask questions if something is unclear • Excellent documentation skills including ability to create network drawings • Self-motivated and energetic with the ability to manage time efficiently without supervision and to work effectively under pressure • Strong customer service and communication skills • Excellent organizational skills and strong sense of urgency • Familiarity with various network types including LANs, WANs, SDWAN, WLANs, SANs, and VoIP networks • Great accuracy and attention to detail PREFERRED QUALIFICATIONS • Experience in Business Continuity and disaster recovery is a plus • Knowledge of Ruckus Access Points and Switches • Knowledge of IBMi PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Sitting, walking, standing, bending at the neck, bending at the waist, squatting, climbing, kneeling, crawling, twisting at the neck and waist, repetitive use of hands, simple grasping, power grasping, fine manipulation, pushing and pulling, reaching above and below the shoulder, carrying/lifting up to 50 lbs. Driving cars and other IT equipment Working around equipment and machinery Exposure to excessive noise Exposure to dust, gas, fumes or chemicals Working at heights Use of special visual or auditory protective equipment Walking on uneven ground PPE Requirements Safety glasses Steel-toe slip-resistant shoes - When in production area Hearing protection (e.g. ear plugs, ear muffs) - When in production area Face covering (mask) in accordance with company policy. Hardhat/bump camp IT Application COMPENSATION RANGE: $97,000- $120,000 Salary may vary based on experience. CAMBRO is proud to be an equal-opportunity workplace. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based upon race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic information, military or veteran status, or other characteristics protected by law.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. What You Will Do * Lead the patch team, ensuring on-time delivery of patches to our customer * Perform analysis on cybersecurity collected data and test results * Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX * Create and maintain Linux Bash and Python scripts * Create patch artifacts such as patch media and information assurance posture reports Qualifications You Must Have * Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience * Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance * Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security Qualifications We Prefer * Experience with scrum planning and scrum tools such as Jira * Experience in the SSE implementation throughout the entire life cycle * Experience contributing to a team environment for the purpose of developing creative solutions to technical problems * Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH * Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations * Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness * Excellent communication, technical writing, oral presentation and interpersonal skills What We Offer * Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation * Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

What you do Be responsible for Pre Sales Support & End User Support for, but not limited to the design, configuration, and operation of complete building low voltage systems, including fire, security, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Accountable to field teams for quality, timeliness and efficiency of designs. Develops complex software programs, commissions and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How will you do it - Sales Support and End User Support · Possible job walks with the Sales Team on the initial design phase · Designs and configures are technically complex building control systems as defined by the contract documents. · Creates flow diagrams, sequence of operations, bill of material, network layouts and electrical schematics as required. · Develop and tests software programs necessary to operate the system per the project requirements' intent. · Coordinates the creation of necessary drawings and equipment schedules for submittals and installation. · Assists in the loading and commissioning of all system and network-level controllers as required. · Assists in validation of complete system functionality and troubleshoots problems with subcontractors and other trades to ensure proper operation. · Provides field change information to the project team for the creation of as-built drawings and software. · Keeps management and JCI contractor or customer informed of job progress and issues. · Assists in performing site-specific training for owner/operator on the total building control system. · Participates in release meeting with the project field team. · Performs value engineering to provide cost effective results while maintaining customer satisfaction. · Adheres to safety standards. · High degree of employee and subcontractor safety. What we look for Required Qualifications · Minimum of seven years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Demonstrated knowledge of the construction, mechanical, electrical, or HVAC service industry. · Demonstrated knowledge of mechanical drawings, electrical wiring diagrams, control theory, automatic temperature controls, building automation systems and other building subsystems. · Demonstrated experience in the integration of low voltage building sub-systems using various industry protocols (i.e. LON, BACnet, etc.). · Ability to relate technical knowledge to a non-technical audience. · Demonstrated advanced computer skills required, particularly computer-related drafting tools, such as Visio. Preferred Qualifications · Bachelor's degree in engineering with a minimum of five years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Understanding of IP networking for building automation systems. · Understanding of Tridium/Niagara Framework HIRING SALARY RANGE: $100K to $125K (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

As a Senior Security Operations Analyst, you will be a key member of our Security Operations team, responsible for detecting, investigating, and responding to cyber threats across our enterprise. You will help build and mature our SOC (Security Operations Center) capabilities, contribute to threat intelligence and incident response, and play a critical role in securing our e-commerce platforms, customer data, and connected product ecosystem. This role requires a balance of hands-on technical expertise, analytical thinking, and the ability to communicate risk and remediation clearly to both technical and business stakeholders. **Key Responsibilities** Security Monitoring & Detection · Lead monitoring of security events across SIEM, EDR, cloud, and network security platforms. · Analyze alerts, correlate data, and distinguish between true positives, false positives, and emerging threats. · Develop, tune, and improve detection use cases, rules, and automation playbooks. Incident Response & Forensics · Serve as a first responder and subject matter expert for security incidents, leading investigations and containment activities. · Conduct forensic analysis on endpoints, cloud environments, and applications when necessary. · Collaborate with IT, cloud, and DevOps teams to ensure rapid remediation and recovery. Threat Intelligence & Hunting · Perform proactive threat hunting activities to identify hidden risks or advanced persistent threats. · Leverage external threat intelligence to enrich investigations and improve defensive measures. · Stay current with evolving attack techniques, malware trends, and vulnerabilities relevant to retail, e-commerce, and IoT/connected devices. Governance, Risk, and Compliance (Support) · Support compliance initiatives (PCI-DSS, SOC2, ISO 27001, GDPR, CCPA, NIST etc.) by ensuring security controls are effective. · Provide input into risk assessments and partner with vulnerability management to prioritize patching. Collaboration & Continuous Improvement · Partner with IT, Product, e-commerce, and retail technology teams to secure new business initiatives. · Mentor junior analysts and contribute to knowledge-sharing across the team. · Recommend and implement process improvements, automation, and best practices. **Qualifications** Required Skills & Experience · 5+ years in a security operations or incident response role, with experience in enterprise-scale environments. · Strong knowledge of SIEM, EDR, MDR, firewalls, and cloud-native security tools (AWS/GCP/Azure). · Hands-on experience with incident handling, digital forensics, and malware analysis. · Familiarity with MITRE ATT&CK, cyber kill chain, and common threat actor tactics. · Proficiency in scripting (Python, PowerShell, or similar) to automate investigations or workflows. · Excellent communication skills, with the ability to explain technical risks to non-technical stakeholders. Preferred Skills · Experience in retail, e-commerce, or IoT/connected device security. · Experience in key principles of incident response & security operations. · Experience in MDR & SIEM solutions · retail, e-commerce, or IoT/connected device security. · Exposure to PCI-DSS or other retail payment security frameworks. · Knowledge of container security (Kubernetes, Docker) and DevSecOps practices. · Relevant certifications: GCIA, GCIH, GCFA, CEH, OSCP, or CISSP. **Pay Range:** $112,200.00 - $148,500.00 The actual annual salary offered to a candidate will be based on variables including experience, geographic location, education, and skills/achievements, and will be mutually agreed upon at the time of offer. We offer a highly competitive salary, comprehensive benefits including: medical and dental, vision, disability and life insurance, 401K, PTO, paid holidays, gear discounts and the ability to add value to an exciting mission! Our Postings are not intended for distribution to or use in any jurisdiction, country or territory where such distribution or use would violate local law or would subject us to any regulations in another jurisdiction, country or territory. We reserve the right to limit our Postings in any jurisdiction, country or territory. Equal Opportunity Employer Minorities/Females/Protected Veteran/Disabled **Revelyst is a collective of makers that design and manufacture performance gear and precision technologies. Our category-defining brands leverage meticulous craftsmanship and cross-collaboration to pursue new innovations that redefine what is humanly possible in the outdoors. Portfolio brands include Foresight Sports, Bushnell Golf, Fox, Bell, Giro, CamelBak, Bushnell, Simms Fishing and more.** Revelyst is an equal opportunity employer. All applicants are considered for employment without regard race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status, and any other characteristics protected by law. The EEO Law poster is available here: **************************************************************** If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to ******************** . Please note that this email address is for accommodation purposes only. Revelyst will not respond to inquiries for other purposes.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance:** Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified **Systems Security Engineer II (P2)** to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. **What You Will Do** + Lead the patch team, ensuring on-time delivery of patches to our customer + Perform analysis on cybersecurity collected data and test results + Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX + Create and maintain Linux Bash and Python scripts + Create patch artifacts such as patch media and information assurance posture reports **Qualifications You Must Have** + Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience + Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance + Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security **Qualifications We Prefer** + Experience with scrum planning and scrum tools such as Jira + Experience in the SSE implementation throughout the entire life cycle + Experience contributing to a team environment for the purpose of developing creative solutions to technical problems + Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH + Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations + Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness + Excellent communication, technical writing, oral presentation and interpersonal skills **What We Offer** + Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation + Relocation Eligible - Relocation assistance is available **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

**MANTECH** seeks a motivated, career and customer-oriented **Information Systems Security Officer** with strengths in Information Systems Security to join our team at Marine Corps Base **Camp Pendleton California.** This position will assist Marine Corps Warfighting Laboratory (MCWL) prepare for and maintain the IT infrastructure, IT capabilities and Audio-Visual capabilities to support emerging ICD 705 Sensitive Compartmentalized Information Facilities (SCIFs) and Special Access Control Facilities (SAPFs) through planning, activation and operations. **Responsibilities include but are not limited to:** + Experience in network design, network monitoring, systems development, and knowledge of Information Assurance (IA) policies, directives, and best practices across DoD and Marine Corps. + Knowledge and experience with organizations within the Marine Corps responsible for facilitating network approvals and connections. + Work with various Marine Corps, Navy, Joint, and other services to coordinate installs supporting Initial Operating Capability (IOC) and Final Operating Capability (FOC). + Ability to communicate and provide effective staff coordination across government, Marine Corps, and contractor organizations. + Support the facility Site Security Manager (SSM)/Special Security Representative (SSR) and Information Systems Security Manager (ISSM) to oversee the secure installations and operations of systems across multiple security domains and in accordance with policies, directives, and best practices. + Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Supports Marine Corps and other customers at the highest levels in the development and implementation of doctrine and policies. **Minimum Qualifications:** + Bachelor's degree and at least 10 years' experience planning and/or operating IT infrastructure within ICD 705 facilities. + Experience with network security aspects of installations and operations. **Preferred Qualifications:** + Experience with MS Word, MS Power Point **Clearance Requirements** **_:_** + Candidate must have a current/active Top Secret clearance with the ability to obtain and maintain a TS/SCI clearance prior to starting this position. **Physical Requirements:** + Ability to maintain construction security oversight in outdoor environment; walk (with personal protective equipment) to inspect and document delivery of components and assembly/construction of structure. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.