Security Architect jobs in Union, NJ

Job Description Who we are: For over 20 years, Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving, surveillance, eDiscovery, and analytics solutions. We securely capture and preserve the communications data of the world's most highly regulated firms, giving them greater visibility and control over their information and ensuring compliance with stringent regulations. Though we offer competitive compensation and benefits and all the other perks one would expect from an established company, we are not your typical technology company. Global Relay is a career-building company. A place for big ideas. New challenges. Groundbreaking innovation. It's a place where you can genuinely make an impact – and be recognized for it. We believe great businesses thrive on diversity, inclusion, and the contributions of all employees. To that end, we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other, completely free of barriers. Your role: Global Relay is seeking a Director, Information Security to act as the organization's trusted security resource. You will work closely with a variety of stakeholders including our commercial teams, Development and Engineering teams, and Operations team on all security-related matters. Reporting to the Chief Information Security Officer (CISO), you will play a key role in ensuring the successful implementation and completion of security initiatives alongside Global Relay's business objectives. You will be Global Relay's expert in its security practices and provide guidance on ever evolving security challenges and convey our Information Security strategy to our global customers and employees with confidence. You will lead a diverse, global team of security professionals to ensure Global Relay can scale its security program along with its expected growth. Your responsibilities: Work with the CISO to provide senior level direction for our overall security program Constantly reinforce the security-minded culture of Global Relay to ensure it is the first and foremost focus across the business while working closely with the Heads of IT, Product Development, and Engineering to ensure constant alignment of the roadmap Foster a culture of security across Global Relay through staff training, documentation, and enforcing accountability at all levels Develop and execute strategic security programs that align with company goals and protect Global Relay's information assets Manage a growing team, mentor and guide the development of the Cyber Security team to support career growth Provide regular reports with senior stakeholders on Global Relay's cyber security standing, identified risks, and mitigation strategies Provide initiative, direction, and project management to staff in support of our key security goals and objectives and be able to solve the problems encountered in a collaborative fashion Act as a liaison between the security team, senior stakeholders, and customers Be the main point of contact for various security audits and customer audits (ISO 27001, SOC2, Penetration testing, customer audits, etc.) Drive ISO 27001 practices for Global Relay's ISMS and look for constant areas of improvement Maintain alignment with security industry standards through successful ISO 27001 and SOC 2 audit outcomes Constantly conduct evaluations of Global Relay's security measures, identify vulnerabilities, and make recommendations to reduce risk in a cycle of continuous improvement Perform risk assessment reviews and see all security requirements through to completion related to key acquisitions of software and/or services as a part of the Global Relay Vendor Success (procurement) process Supervise all incident response planning and investigations of non-compliance, if any; provide support for any disciplinary and legal matters associated with instances of non-compliances, if any, as necessary Continue to develop and deliver an Information Security Awareness program for Global Relay Other ad hoc analyses and InfoSec project work as required About you: 10+ years of experience in technology and 5+ years of experience in operational security 5+ years of managing technical teams Experience with the management of an information security management system (ISMS) within a fast-paced and growing international organization Demonstrated ability to effectively lead and work with a diverse team by using effective communication skills Strong knowledge of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and regulations (e.g., GDPR, CCPA) required Track record of successful implementation and management of ISO 27001 certifications and SOC 2 reports Background in information security technologies (e.g. industry standard operating environments, security tools, vulnerability management, enterprise SIEM tools, penetration testing, malware detection) Certification in one or more areas of security expertise, such as CISSP, CISA, or Certified Information Security Manager (CISM) Excellent verbal and written communication skills, with the ability to convey concepts to both technical and non-technical stakeholders and customers Ability to exercise integrity, tact and discretion in handling sensitive and confidential information Excellent organization skills with the ability to prioritize and multitask Strong analytical and problem-solving skills Compensation: Global Relay advertises the pay range for this role in compliance with applicable pay transparency laws. Individual pay rates are determined by evaluating factors such as expertise, skills, education, and professional background. The range below reflects the expected annual base salary, which is only one element of our comprehensive total rewards package designed to reflect our company pay philosophy, culture and values. We aim to foster an inspiring work environment and support employees' work-life rhythms. We provide a comprehensive health benefits program, including extended health coverage and short-term / long-term disability insurance. Employees receive annual allotted vacation days, which increase based on tenure. Other benefits include paid sick days, maternity/parental leave enhanced program, commuter benefits, corporate bonuses, and a 401(k) retirement plan with company contribution matching. For employees based at our New York office, we provide additional perks and amenities to enhance your work experience including a subsidized meal program, courtesy of our in-house culinary team! New York - Base Salary Range:$120,000—$180,000 USD What you can expect: At Global Relay, there's no ceiling to what you can achieve. It's the land of opportunity for the energetic, the intelligent, the driven. You'll receive the mentoring, coaching, and support you need to reach your career goals. You'll be part of a culture that breeds creativity and rewards perseverance and hard work. And you'll be working alongside smart, talented individuals from diverse backgrounds, with complementary knowledge and skills. Global Relay is an equal-opportunity employer committed to diversity, equity, and inclusion. We seek to ensure reasonable adjustments, accommodations, and personal time are tailored to meet the unique needs of every individual. We understand flexible work arrangements are important, and we encourage that in our work culture. Whether it's flexibility around work hours, workstyle, or lifestyle, we want to ensure our employees have a healthy work/life balance. We support and value a hybrid work model that blends collaboration with the team in the office and focus time from the comfort of your home. To learn more about our business, culture, and community involvement, visit ********************

Exciting Opportunity at Hologic: Become a Lead Product Security Architect! Are you a cybersecurity enthusiast ready to make a significant impact in the healthcare industry? Join our dynamic team at Hologic's Breast & Skeletal Health Division, where you will champion a Secure by Design culture for our groundbreaking, life-saving medical devices. As a Lead Product Security Architect, you will play a crucial role in ensuring the security and integrity of our innovative healthcare solutions. This role may sit in Newark, DE, Santa Clara, CA, Marlborough, MA or can sit remotely. This is your chance to be part of something truly transformative and contribute to advancements in women's health. Key Responsibilities: Champion Security Culture: Lead the charge in embedding a Secure by Design culture across product teams. Ensure compliance with security standards and best practices, and represent our division in industry forums, information-sharing organizations, and standards groups. Policy Enhancement: Spearhead the continuous improvement of our Secure by Design policies and procedures, collaborating with functional teams to align our products with the latest security requirements and regulatory standards. Security Tools and Automation: Partner with DevOps to enhance our Security Tools capabilities, automation, and related processes, ensuring security excellence across our extensive portfolio of medical devices. Security Engineer Support and Mentoring: Provide guidance and mentorship to Product Security Engineers, driving security planning, design consistency, and overall excellence. Documentation and Architecture: Lead the creation and maintenance of security design documentation, architecture views, and diagrams for our products. Design Strategy: Participate in product design discussions to identify and integrate security requirements, considerations, and deliverables. Identify common security modules and resources that can be shared across all products. Security Assessments: Lead or support ongoing security assessments, including Threat Modeling, for Hologic products and remote connectivity solutions. Assess new products or projects for required security activities and deliverables. Security Communication: Lead and support security communications with external stakeholders and customers. Develop security resources, such as White Papers, and support Sales and Marketing efforts by highlighting our security excellence. Education and Training: Educate teams on securing our products, development environments, connected health solutions, and their operating environments. Continuous Learning: Stay ahead of the curve by keeping up with the latest security threats, regulatory changes, industry standards, and best practices. Ideal Candidate Profile: Security Architecture and Design: Possess a strong understanding of security architecture and design. Change Champion: Have a proactive and innovative mindset focused on enhancing and optimizing strategies, processes, and tools. Travel Flexibility: Be available for travel to Hologic offices, training, conferences, and customer sites. Autonomous Alignment: Work with minimal supervision while aligning with strategic intentions and corporate priorities. Global Regulatory Environment: Ensure continuous awareness and adherence to regulatory requirements for our products and environments. Qualifications: Education: Master's or Bachelor's degree in Computer Science, Management Information Science, Engineering, or a related technical field. Medical Systems Knowledge: Experience with medical information system administration and extensive knowledge of medical device security standards and regulations such as FDA Premarket Cybersecurity Guidance, IEC 81001-5-1, AAMI TIR57, AAMI SW96). Regulated Industry Experience: Experience in software development and verification within the medical device industry is preferred. Experience: 6+ years in: Security Architecture and Design Security policy, procedures, and standards creation Cybersecurity Risk Assessment Secure application development Computer and network security Microsoft Windows and Linux operating systems Technical Skills: In-depth knowledge of the secure development lifecycle Leading security design and architecture for embedded devices and complex applications Expertise in secure coding standards and common vulnerabilities Proficiency with industry-standard security tools (SAST, SCA, DAST, vulnerability scanning) Leading Threat Modeling activities Supporting Penetration Testing activities Securing development and cloud environments (Azure preferred) Strong communication skills, both verbal and written Preferred Qualifications: Team Lead Experience: Experience supporting a team of security engineers. Certifications: Security-related certifications (e.g., CISSP), OS (Windows, Linux), and networking (Cisco) certifications. DoD ATO Compliance: Experience obtaining and maintaining Department of Defense (DoD) Authority to Operate (ATO) certifications. Cloud Compliance: Experience in obtaining and maintaining industry-recognized certifications such as SOC 2, HITRUST, and FedRAMP. So why join Hologic? We are committed to making Hologic the company where top talent comes to grow. For you to succeed, we want to enable you with the tools and knowledge required and so we provide comprehensive training when you join as well as continued development and training throughout your career. We offer a competitive salary and annual bonus scheme, one of our talent partners can discuss this in more detail with you. If you have the right skills and experience and want to join our team, apply today. We can't wait to hear from you! The annualized base salary range for this role is $128,300 - $$200,600 and is bonus eligible. Final compensation packages will ultimately depend on factors including relevant experience, skillset, knowledge, geography, education, business needs and market demand. Agency and Third-Party Recruiter Notice: Agencies that submit a resume to Hologic must have a current executed Hologic Agency Agreement executed by a member of the Human Resource Department. In addition Agencies may only submit candidates to positions for which they have been invited to do so by a Hologic Recruiter. All resumes must be sent to the Hologic Recruiter under these terms or they will not be considered. As part of our commitment to a fair and accurate evaluation of each candidate's qualifications, we require all applicants to refrain from using AI tools, such as generative AI or automated writing assistance, during any stage of the interview process. Responses influenced by AI may result in disqualification. We appreciate your understanding and cooperation in ensuring a transparent and equitable selection process. Hologic, Inc. is proud to be an Equal Opportunity Employer inclusive of disability and veterans. LI-#DS1

Full Time Position : Compensation : TBD- based on experience US Citizens and those authorized to work in the US are encouraged to apply. Unfortunately we are unable to offer sponsorships at this time. We're looking for a cut above the rest, someone who is not only technical but also has the skill set as an Architect to design Checkpoint and launch it. Very important that you actually knows how to hold a conversation and walk a client through the process. Qualifications Must have : Proficiency in Check Point products (Firewall, VPN etc) Experience with Blue Coat products (Proxy SG, WAN acceleration, Packetshaping, etc.), Citrix NetScaler or IP Load balancing product and WebSense products Very important that you actually knows how to hold a conversation and walk a client through the process. Must be analytical, and have extreme good organizational skills Certifications in above technologies CCSE, CCSI, CCSA, CISSP (Not required, but a plus to have) Thank you, John Anton Additional Information All your information will be kept confidential according to EEO guidelines.

The corporation is built around the enterprise relationships that they have as a service provider and an expertise in the industry of technology. Job Description Location: Metro Area Full Time Position: Compensation: TBD- based on experience US Citizens and those authorized to work in the US are encouraged to apply. Unfortunately we are unable to offer sponsorships at this time. We're looking for a cut above the rest, someone who is not only technical but also has the skill set as an Architect to design Checkpoint and launch it. Very important that you actually knows how to hold a conversation and walk a client through the process. Qualifications Must have: Proficiency in Check Point products (Firewall, VPN etc) Experience with Blue Coat products (Proxy SG, WAN acceleration, Packetshaping, etc.), Citrix NetScaler or IP Load balancing product and WebSense products Very important that you actually knows how to hold a conversation and walk a client through the process. Must be analytical, and have extreme good organizational skills Certifications in above technologies CCSE, CCSI, CCSA, CISSP (Not required, but a plus to have) Thank you, John Anton Additional Information All your information will be kept confidential according to EEO guidelines.

Security Architect / Senior Security Engineer - Cloud & Enterprise Security Type: Full-time Reports to: Director of Cybersecurity About the Role We're looking for a hands-on Security Architect/Senior Engineer with deep expertise in Palo Alto Networks, especially GlobalProtect VPN, to help design, implement, and optimize our security infrastructure. This isn't a pure architecture role-you'll be a true player-coach, working across architecture, engineering, implementations, and day-to-day SOC-level troubleshooting. You'll help lead our transition from Cisco ASA to Palo Alto GlobalProtect, and we need someone who can not only deploy it, but truly get the most out of the platform. Palo Alto is a strategic pillar of our security stack, and we need a candidate who brings real depth in this area. What You'll Do Lead the implementation and ongoing optimization of Palo Alto firewalls and GlobalProtect VPN Serve as a subject matter expert (SME) across Palo Alto platforms, with a focus on design, policy tuning, and advanced troubleshooting Architect and implement security solutions across cloud (Azure, GCP), hybrid, and on-prem environments Participate in SOC-level analysis, hands-on engineering, incident response, and infrastructure hardening Work cross-functionally to embed security into infrastructure, apps, and user access Maintain and fine-tune other core security tools including: Zscaler, CrowdStrike, Defender, Proofpoint Guide IAM/PAM architecture (Okta, Active Directory, MFA) Contribute to policy development and control alignment (NIST, CIS, Zero Trust) What You Bring 7-10+ years of experience in security engineering and architecture Deep, hands-on experience with Palo Alto firewalls and GlobalProtect VPN (implementation, policy design, optimization, troubleshooting) Familiarity with legacy Cisco ASA VPNs and migration experience is a plus Experience across cloud platforms: Azure, GCP Strong scripting or automation experience (Python, PowerShell, Terraform) Familiarity with security monitoring, incident response, and SOC practices Strong knowledge of frameworks: NIST, ISO 27001, CIS Benchmarks, Zero Trust Excellent communication skills and a team-first attitude Certifications Required: CISSP Preferred: CISM, CCSP, or relevant vendor-specific certs (e.g., Palo Alto PCNSA/PCNSE) Why Join Us Be part of a collaborative team where leadership is hands-on Contribute to meaningful, strategic projects with real technical depth Enjoy a hybrid work model with strong internal visibility and growth potential Laurie Roth President/Sr. Consultant DSN-IT ************ ************* ************** ****************************************************

Complete Description: · The Enterprise Architect will also be tasked with preparing security standards, policies and procedures - as well as mentoring team members and executive staff on security matters. CISSP REQUIRED. · The department is seeking an Enterprise Architect to work in conjunction with the Modernization Team, as well as the DHS Information Security and Privacy Office, to analyze and document the existing information security environment. · Conducting system security and vulnerability analyses and risk assessments · Evaluating the systems architecture and identifying integration issues · Serve as Information Security Subject Matter Expert (SME), while working with a Systems Integrator and software vendors, to develop the approach for implementing an enterprise security infrastructure that ensures compliance to standards, policies and procedures · Monitor delivery efforts to ensure compliance to standards, policies, and procedures · Deliver evidence, demonstrating project deliverables meet federal certification requirements · Improves DHS Incident Response efforts by analyzing existing systems/processes and recommending future technologies and associated processes · Participate in the RFI/RFP process for systems module selection · Participate in the procurement process to select a Systems Integrator to execute the DDI phase · CISSP certification REQUIRED · Extensive experience designing and implementing enterprise security architectures based on NIST Risk Management Framework (NIST 800-53), state and federal security standards, and security industry best practices · An extensive understanding of security tools and software products, including Identity Access Management (IAM), Security Incident and Event Management (SIEM), and Cloud Access Security Brokers (CASB) · In-depth experience in creating, documenting, and implementing enterprise security policies and standards - including enterprise-wide communication and training

At Rockstar Games, we create world-class entertainment experiences. Become part of a team working on some of the most rewarding, large-scale creative projects to be found in any entertainment medium - all within an inclusive, highly-motivated environment where you can learn and collaborate with some of the most talented people in the industry. Rockstar is on the lookout for a talented Security Architect who can provide cybersecurity expertise and work across teams to identify and communicate risk, mitigation options, and solutions to help safeguard employees, information systems, and intellectual property. The successful candidate will leverage cross-domain expertise to create solutions, processes, and reusable proof-of-concept models for cybersecurity while remaining at the forefront of best practices for cybersecurity policy and technological advances. This is a full-time, in-office position based out of Rockstar's NYC headquarters in Downtown Manhattan. WHAT WE DO The Rockstar Security team is responsible for advancing the state of information security across the company globally by prioritizing and executing security initiatives that drive down risk. We strive to understand the threat landscape affecting our development studios, the gaming industry, and the world at large to define information security policies, standards, and procedures to safeguard our business and protect our players. We lead efforts to build enterprise security controls ranging from endpoint protection technologies to security incident and event monitoring solutions. We have a passion for identifying threats and vulnerabilities, and coming up with clever solutions to mitigate or remediate those risks. RESPONSIBILITIES Gather business requirements, translate them into technical specifications, and integrate security measures into system architecture and applications. Conduct risk assessments and identify vulnerabilities in existing systems. Develop strategies to mitigate risks and enhance security posture. Establish, maintain, and leverage effective working relationships with all areas of technology services and external stakeholders to improve the overall service provided by the enterprise Information Security team. Maintain accurate and up-to-date documentation for security systems and processes. Proactively research and engage emerging vendors and technologies to understand how they may be used to solve enterprise challenges. Maintain knowledge of current security trends, news and changes in the threat landscape and be able to interpret them into actionable advice for staff in various types of technical and non-technical roles. QUALIFICATIONS A subject matter expert well versed in multiple technologies across security domains (e.g., Cloud Security, Security Engineering, Identity & Access Management, Network Security, Endpoint Security, Privileged Access Management, etc.). Bachelor's Degree in Computer Science or relevant discipline. 8+ years of experience in IT, Engineering, or related field, with considerable experience in Information Security. 3+ years in an enterprise-level security consultative role building and assessing Information Security architectures and programs. Experience with common infrastructure technologies that support development environments: Active Directory, Microsoft Exchange, distributed software version controls systems, enterprise virtualization. Experience with securing complex on-prem and cloud AWS, Azure, or GCP environments. Possess industry-recognized certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), and/or AWS/GCP/Azure certifications. SKILLS Ability to communicate clearly, both verbally and written with a strong attention to detail. Understand and articulate complex technical information to both technical and non-technical audiences. Deep knowledge of security engineering, system and network security including authentication and security protocols. Understanding of enterprise security controls (e.g., IDS/IDP, SIEM, Endpoint Detection & Response, Vulnerability Scanners, Next-Generation Firewalls). Experience with industry leading security products including SIEM, Vulnerability Scanning, Firewall, and EDR technologies. Experience with scripting and process automation. HOW TO APPLY Please apply with a resume and cover letter demonstrating how you meet the skills above. If we would like to move forward with your application, a Rockstar recruiter will reach out to you to explain next steps and guide you through the process. Rockstar is committed to creating a work environment that promotes equal opportunity, dignity and respect. In line with this commitment, Rockstar will provide reasonable accommodations to qualified job applicants with disabilities during the recruitment process in order for such applicants to be considered for the position for which they are applying, as well as to qualified employees to enable them to perform the essential functions of their roles. If you need more information about Rockstar's reasonable accommodation policies or process, or need to request an accommodation, please contact the Human Resources Department. If you've got the right skills for the job, we want to hear from you. We encourage applications from all suitable candidates regardless of age, disability, gender identity, sexual orientation, religion, belief, race, or any other protected category. The pay range for this position in New York State (inclusive of New York City) at the start of employment is expected to be between the range below* per year. However, base pay offered is based on market location, and may vary further depending on individualized factors for job candidates, such as job-related knowledge, skills, experience, and other objective business considerations. Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an "at-will position" and the company reserves the right to modify base salary (as well as any other discretionary payment or compensation or benefit program) at any time, including for reasons related to individual performance, company or individual department/team performance, and market factors. *NY Base Pay Range$144,600—$180,500 USD

US Tech Solutions is a global staff augmentation firm providing a wide-range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit our website ************************ We are constantly on the lookout for professionals to fulfill the staffing needs of our clients, sets the correct expectation and thus becomes an accelerator in the mutual growth of the individual and the organization as well. Keeping the same intent in mind, we would like you to consider the job opening with US Tech Solutions that fits your expertise and skillset. Job Description Position Responsibilities: • Work with IT project community and advise on application security standard controls and best practices. • Work closely with other IT operation groups for identifying and remediation of systems with security issues. • Should have practical implementation knowledge to advise IT development and implementation teams on how to fix potential vulnerabilities. • Advise senior management including business sponsors on Security risks and should be able to translate security risks to business impact. • Review application, database and network architecture and highlight risks. • Onboard applications into the existing Security frameworks and participate in an advisory capacity until project deployment. Position Qualifications: Candidate Background • 1-3 years professional experience as an Application Developer. • 8-10 years of professional experience in an information security function for a financial, insurance, pharmaceutical, or similar commercial industry preferred. • Bachelor's Degree in Computer Science or related field preferred. Qualifications Required Skills • Perform Risk assessments for applications and underlying systems and recommend security requirements based on upstream Business requirements. • Should have knowledge on Network and Infrastructure architecture. • Ability to review and understand organizational security policies and incorporate into standard processes in a project. • Expert understanding of HTTP, HTTPS, and other application layer protocols. • Expert understanding of network layer protocols & industry best practices. • Demonstrated proficiency in developing secure solutions developed using common development frameworks (J2EE, .NET, Spring, Struts, Hibernate, etc) and languages (Java, C#, C++, etc) • Actively contributes to strategic security departmental planning in alignment with architectural goals. • Strong analytical and problem solving skills. • Excellent written, verbal communication & presentation skills. • Should be able to work as a team player. Additional Information Kushal kumar Direct.No: ************

SAP Security administrator who should have at least 5 years of experience with the below skillset. Strong communication skills to facilitate working in a dynamic project environment Role design, configuration, testing, and deployment methodology within SAP application architecture Detailed knowledge of ABAP and Java based authorizations within SAP applications SAP ECC Profile Generator (single roles, master / derived roles, composite roles) SAP BI analysis authorization concepts SAP BPC security and administration Qualifications SAP Central User Administration configuration and administration SAP GRC configuration and administration SAP Enterprise Portal UME administration SAP BOBJ Security and administration Additional Information Share the Profiles to mahesh(@)techtammina(dot)com Contact: ************ Job Type: W2 Contract Eligibility: EAD Green Card/Green Card/US Citizens Keep the subject line with Job Title and Location

Job Title: Manager, Information Security Grade: TBD Department: Information Technology Reports To: Senior Manager, IT Infrastructure FLSA Status: Exempt (Management) Summary: The Manager, Information Security will be responsible for the strategic leadership, execution, and continuous improvement of the organization's information security program designed to protect the Funds' systems, networks, and data. This role will provide critical oversight of security operations, develop and maintain policies and frameworks, and mentor members of the Information Security team. The Manager will be responsible for managing the risk register, define and implement frameworks to improve Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), Incident Response Plans, and ensure the Information Security Policy Manual and Business Continuity Plan addresses the evolving threat landscape and compliance requirements. The successful candidate will be a hands-on leader, well-versed in both operational security and governance, and capable of building a scalable, resilient information security team aligned with the Funds' broader IT strategy. Essential Duties and Responsibilities: Lead and manage the IT Security Operations team, including Information Security Analysts, Engineers, and Incident Responders. Provides guidance and expertise in the field of risk management regarding the protection and security of digital assets in the cloud and on-premises. Designs and develops Information Security architectures to prevent unauthorized access to our system, networks, data, and information. Develops, maintains, enhances, and implements information security policies and procedures, including the Information Security Policy Manual, Incident Response plans, playbooks, runbooks, and the Business Continuity Plan documents on a regular basis as changes occur. Coordinates and performs business continuity planning and incident response exercises on an annual basis within IT and with business champions. Coordinates and leads response efforts during security incidents. Manages, maintains, and monitors security technologies such as vulnerability scanning solutions, IDS/IPS, anti-virus technologies, DLP capabilities, SIEM technologies, EDR, host forensics and malware analysis, core and web application firewalls, network security groups, threat intel platforms, and proxy solutions. Oversees and collaborates with our Security Operations Center (SOC) provider to review threat alerts, reports, and ensures the team follows up on all actionable information. Receives guidance and collaborates with our vCISO to manage all security initiatives, risk mitigation plans, annual assessments, security audits, and penetration testing activities. Manages real time threat detection technologies to identify and quarantine threats, monitors endpoint security alerts and takes corrective action. Minimizes security threats by examining governance, technology infrastructure, and facilities to identify security deficiencies, using risk analysis and follow up with corrective action plan. Monitors internal control systems to ensure appropriate access levels are maintained, protects against unauthorized system access, modification and destruction. Reviews security related reports, logs and occurrences; escalates issues and initiates security response procedures. Creates and reviews vulnerability reports, tracks compliance with vulnerability management policies, and escalates. Researches and evaluates emerging technologies, latest cybersecurity threats, trends, tools, and best practices in support of security technology enhancements applicable to the organization's environment, proposes technical solutions to management, to address security weaknesses, and coordinates with relevant stakeholders to implement. Reviews, updates, and enforces data security practices within the organization; tests for exposures to ensure adherence to relevant regulations and frameworks (e.g., NIST, ISO 27001, PCI-DSS, HIPAA) and procedures and works with platform experts to implement remedial measures as appropriate. Tests security controls and manages the associated remediation of any deficiencies as needed. Assesses security information, triaging and responding to security events, identifying false positives, and conducts correlation analysis across numerous internal and external data sources while prioritizing information security incidents. Performs project management tasks for security initiatives and projects. Manages incident-handling processes, which include implementation of containment, protection, and remediation activities. Supports information security training and awareness by providing ideas and content and collaborates with the Training and Development department with updates to employee security awareness education and training. Manage multiple priorities and deadlines concurrently. Provides support after hours, on weekends, and through on-call rotation. Performs other duties as assigned. Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. 7+ years in Information Security, or IT Operations management and systems administration with at least 5 years specific to IT Security and at least 2 years managing IT Security staff. Strong knowledge of Information Security design, principles, and processes; Experience in writing and maintaining information security policies, standards, and guidelines. Incident response experience is required; in-depth knowledge of Windows/Unix operating system forensics, event logging systems, authentication methods, remote and local web application security, and penetration testing. Advanced experience in networking (TCP/IP) protocols, DNS, LDAP, AD, DHCP, HTTP, web browsers, firewalls, and other computer/network and application security and system administration. Demonstrated ability to monitor and audit network security systems such as Firewalls, IPS, SIEM, DLP, web proxy, NAC, and Vulnerability Scanners. Hands on experience with mitigating security controls (i.e., IAM, RBACs, anti-virus, IPS/IDS, DLP, web and network proxies, URL content filtering, multi-factor authentication, SSL VPNs). Familiar with regulatory compliance regulations (PCI, PII, HIPAA, GDPR, etc.). Strong knowledge of common security frameworks (ISO, NIST, etc.). Experience in risk assessments and vulnerability management. General knowledge of Endpoint protection solutions. Knowledge of mainstream operating systems (Microsoft Windows, Linux, IOS) and a wide range of security technologies. Microsoft Azure DevOps Security design implementation, automation is a plus General knowledge of Database technologies and queries (Microsoft SQL, MySQL, Oracle, etc.) is a plus Ability to independently identify, research and resolve issues with minimal amount of supervision, and ability to work with peers in a team effort. Interpersonal Skills: Detail oriented with excellent communication, organization and analytical skills. Ability to plan, take initiatives to accomplish objectives in a timely fashion, and work independently. Ability to prioritize work and meet deadlines. Ability to establish and maintain effective working relationships with project team members, supervisors, and other employees. Education and/or Experience: Bachelor's Degree in Computer Science, or a related discipline. Language Skills: Speak, read, write and understand English Reasoning Ability: High Certificates, Licenses, Registrations: CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), or CISA (Certified Information Systems Auditor) certification are highly preferred. Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals to perform the essential functions. Under 1/3 of the time: Standing, Walking, Climbing or Balancing, Stooping, Kneeling, Crouching, or Crawling 1/2 to 2/3 of the time: Sitting, Reaching with Hands & Arms Over 2/3 of the time: Talking or Hearing 100% of the time: Using Hands Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. 1/3 to 2/3 of the time: Work near moving or mechanical parts, exposure to radiation, moderate noise.

Job DescriptionScope of Work Objectives: The Information Security Risk Compliance Manage oversees the organization's efforts in Risk assessment, Risk mitigation, Compliance management, Security governance, incident response, vendor risk management, Security awareness and training, Security audits and assessments, reporting and communication, continual improvement, and cross-functional collaboration. Their role is to ensure that the organization's systems, networks, and processes are secure, compliant with regulations and standards, and aligned with organizational goals and objectives. Responsibilities: Conduct risk assessments to identify potential threats and vulnerabilities to the organization. Develop and implement risk management strategies and policies to mitigate identified risks. Monitor and evaluate risk exposure across various departments and business units. Coordinate with stakeholders to ensure compliance with regulatory requirements and industry standards. Communicate risk management strategies and findings to senior management and relevant stakeholders. Lead the development and maintenance of the organization's risk register and risk management framework. Provide guidance and support to departments and teams in implementing risk mitigation measures. Conduct training and awareness programs on risk management principles and practices. Continuously monitor and review the effectiveness of risk management strategies and adjust as necessary. Stay updated on emerging risks and industry trends to proactively address potential threats to the organization. Maintain and enhance the company-wide security awareness program. Take ownership of establishing and enforcing security standards both within the team and across the organization. Work proactively and collaboratively to achieve change management and buy-in. Deliverables: Compliance Management: Ensure compliance with relevant regulations, standards, and frameworks such as GDPR, HIPAA, ISO 27001, NIST, etc., by establishing and maintaining appropriate controls and processes. Risk Mitigation: Develop and oversee risk mitigation strategies and controls to address identified security risks, including implementing technical controls, security best practices, and security awareness training programs. Incident Response: Develop and implement incident response plans and procedures to effectively respond to and manage security incidents, including data breaches, cyberattacks, and security breaches. Vendor Risk Management: Assess and manage risks associated with third-party vendors and service providers, including evaluating their security posture, conducting due diligence assessments, and ensuring contractual compliance. Cross-functional collaboration: Collaborate with IT teams, legal, HR, compliance, and other departments to ensure a holistic approach to information security risk management and compliance. Continual Improvement: Monitor industry trends, emerging threats, and regulatory changes to ensure that the organization's information security risk and compliance programs remain up-todate and effective. Preferred Skills: Excellent verbal and written communication skills. Ability to work both independently and as part of a team. Knowledge of Networking (Firewall, Networking Protocols); Working knowledge Frameworks Working knowledge of Information Security Domains Working knowledge of Security protocols

We are seeking an experienced Information Security Manager to spearhead our efforts in safeguarding client data and maintaining a robust organizational threat posture. In this role, you will lead strategic initiatives to protect sensitive information, manage threat intelligence programs, and ensure compliance with relevant regulations. You will also collaborate closely with various internal teams-technical and non-technical alike-to develop, implement, and continuously improve security best practices. Key Responsibilities Client Data Protection & Compliance Design and enforce policies, procedures, and technical safeguards that secure client information from unauthorized access, disclosure, or misuse. Stay current on data privacy regulations (e.g., GDPR, CCPA) and industry standards (e.g., ISO 27001, SOC 2), incorporating them into organizational processes. Oversee and maintain data classification protocols, ensuring appropriate access controls and encryption methods are applied. Threat Intelligence & Vulnerability Management Establish a comprehensive threat intelligence program, monitoring emerging risks and industry trends that could impact clients' or the organization's security posture. Conduct routine vulnerability assessments, penetration tests, and security audits, prioritizing remediation efforts based on criticality. Collaborate with cross-functional teams (e.g., DevOps, Network Engineering) to implement and validate fixes or security upgrades. Incident Response & Crisis Management Develop and continuously refine the Incident Response Plan (IRP), outlining clear processes for detecting, containing, and remediating security breaches. Coordinate tabletop exercises and real-world simulations to test the IRP, training staff to respond effectively in high-stress scenarios. Serve as the primary point of contact during security incidents, liaising with external agencies (law enforcement, regulatory bodies) as necessary. Security Architecture & Best Practices Work with solution architects and system administrators to integrate robust security controls into infrastructure, software, and cloud environments. Evaluate and recommend new security products, tools, and services that enhance the organization's threat detection and prevention capabilities. Enforce secure coding practices, hardening standards, and network segmentation protocols that align with evolving threats. Governance, Risk & Compliance (GRC) Lead security risk assessments, identifying and documenting vulnerabilities, threats, and overall risk exposure to client data. Define and track security metrics (KPIs), reporting progress, gaps, and action plans to executive leadership. Oversee internal and external security audits, ensuring timely completion of any required corrective measures. Team Leadership & Collaboration Manage a team of security analysts, engineers, and incident responders, providing coaching, mentorship, and clear performance objectives. Foster a culture of security awareness and accountability throughout the organization, conducting regular training sessions for all staff. Coordinate with third-party vendors, managed security service providers, and consultants to strengthen the organization's security ecosystem. Requirements Education & Experience Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience). 5+ years of hands-on experience in information security, including roles in threat intelligence, GRC, and/or incident response. Experience working within heavily regulated industries (e.g., finance, healthcare, government) is highly desirable. Technical Skills Proficiency with SIEM platforms (e.g., Splunk, QRadar), endpoint protection suites, and vulnerability management tools (e.g., Nessus, Qualys). In-depth knowledge of security frameworks (NIST CSF, ISO 27001, COBIT) and compliance standards (PCI-DSS, HIPAA, SOC 2). Hands-on expertise in cloud security (AWS, Azure, GCP) and containerization platforms (Kubernetes, Docker) is a plus. Certifications Relevant certifications such as CISSP, CISM, CRISC, or GIAC (GSEC, GCIA, GCIH) strongly preferred. Soft Skills Exceptional problem-solving and analytical abilities, with a keen eye for detail. Excellent communication and presentation skills for both technical and executive audiences. Proven track record of managing diverse teams and collaborating effectively across departments. Personal Attributes Integrity: Upholds the highest ethical standards in protecting sensitive client data. Leadership: Inspires trust and confidence, fostering a culture of teamwork, accountability, and continual learning. Adaptability: Stays agile in a dynamic threat landscape, quickly pivoting security strategies as new risks emerge. Strategic Mindset: Balances day-to-day operational demands with long-term security vision and innovation. BenefitsWhat We Offer Competitive Compensation: Commensurate with experience, plus potential bonus structures. Comprehensive Benefits: Medical, dental, vision, and retirement plan options. Professional Growth: Training allowances, continuing education support, and clear career advancement paths. Impactful Work: Play a pivotal role in safeguarding clients' data and reputations, contributing to the organization's broader mission of secure service delivery.

As CureMD's Information Security Manager, you will oversee the development, implementation, and management of a strategic, comprehensive enterprise information security and IT risk management program tailored to the demands of healthcare IT. You will demonstrate strong proficiency in healthcare IT information security standards, including but not limited to HIPAA, NIST, HITRUST CSF, FedRAMP, ISO/IEC 27001, PCI DSS, and other relevant standards/regulations, ensuring our organization meets compliance requirements effectively. Job Responsibilities: Manage and execute a strategic enterprise information security and IT risk management framework, focusing on healthcare IT information security standards. Collaborate with business units to conduct risk assessments and manage risk, ensuring seamless integration of policies and standards across technology initiatives, systems, and services. Provide direction to the information security team, ensuring robust measures to protect patient data and organizational assets against current and emerging threats. Build partnerships across the company to promote risk management awareness and practices. Implement strategies for risk assessment and mitigation, safeguarding the organization's assets and ensuring business continuity and disaster recovery. Maintain security processes and policies to ensure compliance with local and national health, privacy, and safety regulations. Foster a culture of security awareness through training programs and effective communication to minimize risks and liabilities across informational, physical, and financial domains. Research and deploy advanced security solutions with a focus on AI-related risks. Work with executive leadership to develop budgets supporting security programs, contributing to a multi-year cybersecurity roadmap with clear goals, strategies, and metrics. Mentor and guide a skilled security team, fostering cross-functional collaboration, service excellence, and continuous improvement. Manage critical security functions such as Incident Response, Third-Party Security Assessment, Identity & Access Management, and Privileged User Access. Support governance and control strategies for emerging technologies, including cloud and distributed computing, staying ahead of developing security threats. Ensure cyber compliance through collaboration with the Cyber Security Governance Committee (CSG) and Audit Committee. Prepare and report on the organization's information security posture to Senior Management and stakeholders. Qualifications: Bachelor's degree in Engineering, Cybersecurity, or related field (Master's preferred). Hands-on technical experience in health IT risk management with a strong understanding of applicable standards such as HIPAA, HITRUST, and StateRAMP etc. Proven leadership in implementing and auditing information security programs. Strong analytical, problem-solving, and collaboration skills. Relevant certifications (e.g., CISSP, CISM) are desirable. Compensation and Benefits: Salary range $125,000 - $140,000. Comprehensive medical, dental, and vision insurance. Up to 4% employer match for 401(k). Commuter benefits and flexible spending account (FSA). Generous paid time off (PTO) and paid holidays. Hybrid schedule in a brand-new office located in the heart of the Financial District. Social events such as happy hours, birthday celebrations and company-sponsored lunches with Grubhub. Opportunities for professional development and career growth. The Difference You'll Make: At CureMD, every role, whether senior or junior, plays a pivotal part in transforming healthcare. By joining our innovative team, you'll contribute to groundbreaking technology that directly impacts patient care, enhances healthcare efficiency, and saves lives globally. Your skills and passion will drive meaningful change, helping us deliver solutions that support healthcare professionals in critical, real-time settings. Together, we're not just advancing technology - we're making a tangible difference in people's lives. Together, let's save lives. #LI-RL1 #LI-Onsite

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. **Join Team Amex and let's lead the way together.** The Technical Risk Management (TRM) team, within the Global Risk and Compliance organization and led by the Chief Risk Officer, manage operational risks associated with Information & Cyber Security Risk, Business Disruption, Technology Risk, Data Risk, & AI Risk Management. The team also ensures that risk management activities are conducted in a manner compliant with regulatory requirements and expectations. The team aggregates and reports on key risk management and oversight activities to the relevant management and Board risk committees. **Functional Description:** This individual contributor role is part of the second line technology risk management team within the GRC group, headed by the Chief Risk Officer (CRO) of the company. This is a unique opportunity to work with a team of diverse and talented professionals who are responsible for building the technology risk management program and providing independent risk oversight to the technology, cyber security and data risks. Reporting to the Director for Technology Risk oversight, this position is responsible for independently assessing, reporting, and aggregating data risks (including data security, data architecture and data storage). The risks identified by this team are reported to the Senior Management, Risk Management Committees, Board of Directors, and Regulators. This position will be responsible for effectively collaborating with key stakeholders across lines of business and lines of defense to ensure data risks are managed effectively and efficiently in accordance with the company policies and applicable regulatory requirements. **Essential Job Functions:** + Drive cross-functional collaboration with internal stakeholders responsible for data risk management to ensure proactive identification, measurement, management, monitoring, and reporting of data security risks. + Provide effective oversight and credible challenge to the 1st line's implementation of data-related controls within the Risk and Control Self-Assessment (RCSA) and review the design and operating effectiveness of controls linked to data security, availability, and architecture. + Contribute to enterprise-wide initiatives focused on enhancing the data risk management framework, information security policies, & security standards. Support development of key risk indicators and key performance indicators that delivers meaningful insights into data security risks and control performance trends. + Perform data-driven reviews focused on data risk (including data security, data architecture and data storage) and prepare risk review reports for senior stakeholders and governance bodies. + Stay abreast of applicable regulations, guidelines, and industry standards, and drive continuous enhancement of oversight practices to ensure alignment with evolving regulatory expectations and leading practices. + Conduct exploratory data analysis on large sets of structure data using industry standard tools (Ex: SQL, Python, Power BI, and Excel data models) to develop meaningful insights on cybersecurity and technology related data. + Learn technology, cyber security, and business continuity management processes at American Express, demonstrating strong levels of curiosity and willingness, in order to present an effective credible challenge. + Support the design of independent technology risk oversight program which defines the engagement and integration with various risk management programs, including Risk and Control Self Assessments, operational risk event management, operational risk issue management. + Help embed a strong risk-aware culture, encouraging proactive risk management behaviors within the organization. **Minimum Qualifications:** + Minimum five years of experience in data security & risk management within the banking/financial services industry including policy & procedure development, risk appetite, risk control self-assessment and testing, operational event & issue management. + Proven ability to identify & assess risks, analyze issues and derive meaningful insights about risk trends by conducting interviews and analyzing large volumes of data. + Strong verbal and written communication skills with an ability to explain complex problems and ideas clearly and succinctly to senior management. + Ability to work in a highly collaborative environment, excellent relationship building skills and ability to influence partners with a firm strategic view. + Excellent analytical skills with high attention to detail and accuracy. + Excellent critical thinking and problem-solving skills. + Required self-starter who can work with minimal supervision. + Willingness to challenge traditional thinking by actively engaging in constructive dialogue. **Preferred** : + Educational background: Bachelor's in computer science or information systems. + Working knowledge of one or more of the data mining tools and technologies (SQL, Python, Power BI, Excel data models, pivot tables & DAX queries, R) + Experience in risk management frameworks and standards across cyber security, data risk, information technology, 3rd party, business continuity management. + Industry certifications (e.g., CISSP, CISM, CISA, CRISC, CompTIA Security ) + Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, FAIR or NIST RMF). + Knowledge of relevant policies & regulations (e.g., OCC Heightened Standards, FFIEC IT booklets). + Experience with Governance, Risk and Compliance tools (Ex: Archer). **Qualifications** Salary Range: $110,000.00 to $190,000.00 annually bonus equity (if applicable) benefits The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors. We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: + Competitive base salaries + Bonus incentives + 6% Company Match on retirement savings plan + Free financial coaching and financial well-being support + Comprehensive medical, dental, vision, life insurance, and disability benefits + Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need + 20 weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy + Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) + Free and confidential counseling support through our Healthy Minds program + Career development and training opportunities For a full list of Team Amex benefits, visit our Colleague Benefits Site . American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including, but not limited to, the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. * Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. US Job Seekers - Click to view the " Know Your Rights " poster. If the link does not work, you may access the poster by copying and pasting the following URL in a new browser window: *************************** **Job:** Technology **Primary Location:** US-New York-New York **Schedule** Full-time **Tags** 2LOD_ERM - Enterprise Risk Management **Req ID:** 25010637

Major League Soccer (MLS) is seeking an experienced Chief Information Security Officer (CISO) to lead data privacy, compliance, and cybersecurity initiatives. The CISO will ensure MLS's adherence to global data protection regulations (e.g., GDPR, CCPA, HIPAA) while implementing robust security frameworks (ISO 27001, NIST, SOC 2). This role will also be responsible for MLS's Data Privacy Management Platform, ensuring secure and compliant data handling across digital platforms, customer data systems, and marketing technologies. The ideal candidate has deep expertise in data governance, access controls, privacy impact assessments (PIAs), and third-party risk management. They will lead MLS's efforts in integrating privacy-by-design principles into software development, ensuring that security and compliance are embedded across all business operations. Responsibilities Oversee and manage MLS's Data Privacy Management Platform, ensuring compliance with privacy laws and security best practices. Develop and enforce privacy and security policies for MLS's customer data platforms (CDPs), identity management systems, and digital marketing technologies. Ensure compliance with GDPR, CCPA, HIPAA, and other global privacy frameworks, working closely with Legal, IT, and Marketing teams. Lead incident response, breach management, and regulatory reporting, ensuring adherence to data breach notification laws. Conduct privacy impact assessments (PIAs) and risk assessments for new technologies and data initiatives. Secure engineering processes and the software development lifecycle by implementing security measures such as code review, vulnerability testing, security education, and establishing DevSecOps practices. Oversee third-party Information Security risk management, ensuring vendor compliance with MLS's security and privacy requirements. Lead security awareness and training programs for employees, contractors, and partners. Regularly report on security risks, compliance status, and emerging threats. Work with MLS Clubs on enterprise-wide security policies and data privacy management solutions. Qualifications Education and Experience Bachelor's Degree required 12+ years of experience in information security, privacy, and compliance leadership roles. Required Skills Expert knowledge of global data protection regulations (e.g., GDPR, CCPA, HIPAA) and how to operationalize compliance through policies, access controls, and technology. Experience managing Data Privacy Management Platforms and implementing privacy frameworks such as ISO 27701 (Privacy Information Management System), NIST Privacy Framework, and SOC 2 Privacy Criteria. Strong background in data governance, consent management, and privacy-by-design principles for digital platforms. Technical expertise in encryption, identity & access management (IAM), secure software development (DevSecOps), and cloud security. Experience leading cybersecurity risk assessments, vulnerability management, and incident response programs. Ability to collaborate across Legal, Compliance, IT, Marketing, and Business teams to align privacy and security initiatives with organizational goals. Exceptional communication and leadership skills, with the ability to engage executive stakeholders and drive security awareness. Relevant certifications such as CISSP, CISM, CIPP (US/EU), CRISC, or ISO 27001 Lead Implementer are preferred. High-level of commitment to a quality work product and organizational ethics, integrity and compliance Ability to work effectively in a fast paced, team environment Strong interpersonal skills and the ability to effectively communicate, both verbally and in writing Demonstrated decision making and problem-solving skills High attention to detail with the ability to multi-task and meet deadlines with minimal supervision Proficiency in Word, Excel, PowerPoint and Outlook Total Rewards Major League Soccer offers a competitive starting base salary of $200,000 - $275,000, based on individual qualifications, market financials, and operational business needs. We are committed to providing a Total Rewards package that attracts, supports, engages, and retains talent. Our benefits package includes comprehensive medical, dental, and vision coverage, a $500 wellness reimbursement, and generous PTO. We also prioritize career and professional development, offering on-the-job training, feedback, and ongoing educational opportunities. We believe in the power of in-person collaboration to fuel creativity, strengthen connections, and cultivate a vibrant workplace. As a result, employees are required to work from an MLS office at least four days a week. We understand the value of balance, so employees also have the flexibility of working remotely on Fridays, along with the option to take up to two additional remote flex days each month. At Major League Soccer, we are proud to be an equal opportunity employer. We value diversity and inclusion and believe that a diverse workforce enhances our ability to compete in the marketplace. We are committed to providing equal employment opportunities to all individuals regardless of race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law. We are dedicated to ensuring that individuals with disabilities are provided reasonable accommodation throughout the job application or interview process, essential job functions, and other benefits and privileges of employment. If you require accommodation, please contact us to request it.We can recommend jobs specifically for you! Click here to get started.

We are looking to hire an expert in physical security information technology to help us keep our physical spaces safe and secure on a global scale. Technology is central to our business, and you will join a team dedicated to supporting our global physical security operations center (PSOC) which keeps our office buildings, disaster recovery sites, and colocation sites secure. You'll take a hands-on role in a wide range of tasks each day, including high-level security design and the building, testing, commissioning, maintenance, and troubleshooting of our security systems. You'll also monitor and maintain our access control, video management, intercom, and visitor management systems. The right person will enjoy working independently on small teams, solving complex problems, and making decisions that have a real and immediate impact on the firm. This role sits within our broader Technology group which designs, deploys, and supports all of the infrastructure underpinning our trading activities. Our firm is growing fast, and with over 2,600 employees across four office locations, our security challenges have become substantially more interesting over the last 10 years. We invest heavily in technology, and your expertise and ideas will help us continue to meet the highest standard of security. About You Have 5+ years of professional experience in physical security systems, including system administration, installation, design, vendor management, and security project management (experience supporting a PSOC environment is preferred) Have excellent analytical and creative problem-solving skills Can manage and monitor access control and video monitoring systems efficiently, and are strongly familiar with relevant enterprise system platforms (i.e., Genetec, Software House, Honeywell, Milestone, Salient Systems); already having an enterprise-level certification in CCURE and Genetec is preferred Have strong networking knowledge Experienced in deploying and troubleshooting IP cameras, access control panels, door hardware, and other relevant equipment Experienced in overseeing the design, development, implementation, and maintenance of multiple security systems (such as access control and CCTV systems) and have a deep understanding of the overarching security principles Experienced with cloud-based security technologies such as SAAS Experienced in writing PowerShell scripts Reliable, collaborative, and flexible team player with a positive attitude Experienced with IOT cyber programs Having a working knowledge of access control SDK/API is a plus Having a background in electrical engineering or low-voltage systems is a plus If you're a recruiting agency and want to partner with us, please reach out to **********************************.

A client of Insight Global is looking for a Level 6 Anti-Tamper System Security Engineer to join their team. This person will be responsible for leading the development and implementation of Anti-Tamper measures and serve as a subject matter expert in the area. Additional responsibilities include: - Assessing threats via attack analysis - Engineer secure systems - Develop Program Protection Plans - Collaborate with customers, internal teams, and leadership - Mentor junior engineers This position follows a 9/80 schedule in Clifton, NJ. We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (****************************************** Og4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (*********************************************************************************************** . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: *************************************************** . Skills and Requirements - Bachelor's degree and 12 YOE or Graduate degree and 10 YOE - If no degree, 16 YOE is required - Secret Security Clearance - Professional experience with RMF - Prior experience with development and implementation of Anti-Tamper - Active TS/SCI Clearance null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to ********************.

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. Join Team Amex and let's lead the way together. The Technical Risk Management (TRM) team, within the Global Risk and Compliance organization and led by the Chief Risk Officer, manage operational risks associated with Information & Cyber Security Risk, Business Disruption, Technology Risk, Data Risk, & AI Risk Management. The team also ensures that risk management activities are conducted in a manner compliant with regulatory requirements and expectations. The team aggregates and reports on key risk management and oversight activities to the relevant management and Board risk committees. Functional Description: This individual contributor role is part of the second line technology risk management team within the GRC group, headed by the Chief Risk Officer (CRO) of the company. This is a unique opportunity to work with a team of diverse and talented professionals who are responsible for building the technology risk management program and providing independent risk oversight to the technology, cyber security and data risks. Reporting to the Director for Technology Risk oversight, this position is responsible for independently assessing, reporting, and aggregating data risks (including data security, data architecture and data storage). The risks identified by this team are reported to the Senior Management, Risk Management Committees, Board of Directors, and Regulators. This position will be responsible for effectively collaborating with key stakeholders across lines of business and lines of defense to ensure data risks are managed effectively and efficiently in accordance with the company policies and applicable regulatory requirements. Essential Job Functions: * Drive cross-functional collaboration with internal stakeholders responsible for data risk management to ensure proactive identification, measurement, management, monitoring, and reporting of data security risks. * Provide effective oversight and credible challenge to the 1st line's implementation of data-related controls within the Risk and Control Self-Assessment (RCSA) and review the design and operating effectiveness of controls linked to data security, availability, and architecture. * Contribute to enterprise-wide initiatives focused on enhancing the data risk management framework, information security policies, & security standards. Support development of key risk indicators and key performance indicators that delivers meaningful insights into data security risks and control performance trends. * Perform data-driven reviews focused on data risk (including data security, data architecture and data storage) and prepare risk review reports for senior stakeholders and governance bodies. * Stay abreast of applicable regulations, guidelines, and industry standards, and drive continuous enhancement of oversight practices to ensure alignment with evolving regulatory expectations and leading practices. * Conduct exploratory data analysis on large sets of structure data using industry standard tools (Ex: SQL, Python, Power BI, and Excel data models) to develop meaningful insights on cybersecurity and technology related data. * Learn technology, cyber security, and business continuity management processes at American Express, demonstrating strong levels of curiosity and willingness, in order to present an effective credible challenge. * Support the design of independent technology risk oversight program which defines the engagement and integration with various risk management programs, including Risk and Control Self Assessments, operational risk event management, operational risk issue management. * Help embed a strong risk-aware culture, encouraging proactive risk management behaviors within the organization. Minimum Qualifications: * Minimum five years of experience in data security & risk management within the banking/financial services industry including policy & procedure development, risk appetite, risk control self-assessment and testing, operational event & issue management. * Proven ability to identify & assess risks, analyze issues and derive meaningful insights about risk trends by conducting interviews and analyzing large volumes of data. * Strong verbal and written communication skills with an ability to explain complex problems and ideas clearly and succinctly to senior management. * Ability to work in a highly collaborative environment, excellent relationship building skills and ability to influence partners with a firm strategic view. * Excellent analytical skills with high attention to detail and accuracy. * Excellent critical thinking and problem-solving skills. * Required self-starter who can work with minimal supervision. * Willingness to challenge traditional thinking by actively engaging in constructive dialogue. Preferred: * Educational background: Bachelor's in computer science or information systems. * Working knowledge of one or more of the data mining tools and technologies (SQL, Python, Power BI, Excel data models, pivot tables & DAX queries, R) * Experience in risk management frameworks and standards across cyber security, data risk, information technology, 3rd party, business continuity management. * Industry certifications (e.g., CISSP, CISM, CISA, CRISC, CompTIA Security+) * Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, FAIR or NIST RMF). * Knowledge of relevant policies & regulations (e.g., OCC Heightened Standards, FFIEC IT booklets). * Experience with Governance, Risk and Compliance tools (Ex: Archer). Salary Range: $110,000.00 to $190,000.00 annually + bonus + equity (if applicable) + benefits The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors. We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: * Competitive base salaries * Bonus incentives * 6% Company Match on retirement savings plan * Free financial coaching and financial well-being support * Comprehensive medical, dental, vision, life insurance, and disability benefits * Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need * 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy * Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) * Free and confidential counseling support through our Healthy Minds program * Career development and training opportunities For a full list of Team Amex benefits, visit our Colleague Benefits Site. American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including, but not limited to, the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. * Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. US Job Seekers - Click to view the "Know Your Rights" poster. If the link does not work, you may access the poster by copying and pasting the following URL in a new browser window: ***************************

We are looking to hire an expert in physical security information technology to help us keep our physical spaces safe and secure on a global scale. Technology is central to our business, and you will join a team dedicated to supporting our global physical security operations center (PSOC) which keeps our office buildings, disaster recovery sites, and colocation sites secure. You'll take a hands-on role in a wide range of tasks each day, including high-level security design and the building, testing, commissioning, maintenance, and troubleshooting of our security systems. You'll also monitor and maintain our access control, video management, intercom, and visitor management systems. The right person will enjoy working independently on small teams, solving complex problems, and making decisions that have a real and immediate impact on the firm. This role sits within our broader Technology group which designs, deploys, and supports all of the infrastructure underpinning our trading activities. Our firm is growing fast, and with over 2,600 employees across four office locations, our security challenges have become substantially more interesting over the last 10 years. We invest heavily in technology, and your expertise and ideas will help us continue to meet the highest standard of security. About You * Have 5+ years of professional experience in physical security systems, including system administration, installation, design, vendor management, and security project management (experience supporting a PSOC environment is preferred) * Have excellent analytical and creative problem-solving skills * Can manage and monitor access control and video monitoring systems efficiently, and are strongly familiar with relevant enterprise system platforms (i.e., Genetec, Software House, Honeywell, Milestone, Salient Systems); already having an enterprise-level certification in CCURE and Genetec is preferred * Have strong networking knowledge * Experienced in deploying and troubleshooting IP cameras, access control panels, door hardware, and other relevant equipment * Experienced in overseeing the design, development, implementation, and maintenance of multiple security systems (such as access control and CCTV systems) and have a deep understanding of the overarching security principles * Experienced with cloud-based security technologies such as SAAS * Experienced in writing PowerShell scripts * Reliable, collaborative, and flexible team player with a positive attitude * Experienced with IOT cyber programs * Having a working knowledge of access control SDK/API is a plus * Having a background in electrical engineering or low-voltage systems is a plus If you're a recruiting agency and want to partner with us, please reach out to **********************************.