Security architect jobs in Union, NY - 1,196 jobs

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired bya collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizationsunlock the value of technology and build a more sustainable, more inclusive world. The Senior Security Analyst supports the governance of service provider activities in the enterprise security program, monitoring and escalating problems and providing information on security issues. Undertakes security assurance and audit activities to ensure compliance and to identify risks and opportunities. Provides information to senior managers and executives to ensure that they are aware of any security-related risks or opportunities. Provides subject matter expertise, consultancy and training in security-related matters. Must be able to function in a fast-paced, multi-vendor outsourced environment, facilitating conference calls among other subject matter experts and the client. Responsibilities Handles monthly reporting duties for the Information Risk Management team. Facilitates audit planning and audit remediation activities of the service providers, leading calls and documenting and reporting progress. Has familiarity with security technologies and controls; expertise not required, but the ability to escalate to more senior subject matter experts is important. Develops work plans to structure solutions and communications. Involves client and vendor staff appropriately in resolving security problems. Participates effectively within the business' security governance framework. Tracks the corrective and preventive actions being taken to improve security to closure. Possesses strong communication skills to communicate technical and security risk information to management. Experience Ability to self-manage with little interaction from other management staff. Flexible and able to adapt to manage a fast‑changing environment. Ability to solve complex issues and provide recommendations and advice regarding remediations. Experience with security architecture, security software, or security policy. Ability to organize agendas, lead conference calls, and track action items to completion. Security and Audit certifications such as SSCP, CISSP, CISA, CISM, CGEIT, CRISC, Security+ are preferred. Job Description - Grade Specific The base compensation range for this role in the posted location is: $65,586-121,980. Capgemini provides compensation range information in accordance with applicable national, state, provincial, and local pay transparency laws. The base compensation range listed for this position reflects the minimum and maximum target compensation Capgemini, in good faith, believes it may pay for the role at the time of this posting. This range may be subject to change as permitted by law. The actual compensation offered to any candidate may fall outside of the posted range and will be determined based on multiple factors legally permitted in the applicable jurisdiction. These may include, but are not limited to: Geographic location, Education and qualifications, Certifications and licenses, Relevant experience and skills, Seniority and performance, Market and business consideration, Internal pay equity. It is not typical for candidates to be hired at or near the top of the posted compensation range. In addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws. Capgemini offers a comprehensive, non‑negotiable benefits package to all regular, full‑time employees. In the U.S. and Canada, available benefits are determined by local policy and eligibility and may include: Paid time off based on employee grade (A-F), defined by policy: Vacation: 12‑25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave Medical, dental, and vision coverage (or provincial healthcare coordination in Canada) Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada) Life and disability insurance Employee assistance programs Other benefits as provided by local policy and eligibility Important Notice: Compensation (including bonuses, commissions, or other forms of incentive pay) is not considered earned, vested, or payable until it becomes due under the terms of applicable plans or agreements and is subject to Capgemini's discretion, consistent with applicable laws. The Company reserves the right to amend or withdraw compensation programs at any time, within the limits of applicable legislation. Disclaimers Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. Capgemini also participates in the Partnership Accreditation in Indigenous Relations (PAIR) program which supports meaningful engagement with Indigenous communities across Canada by promoting fairness, accessibility, inclusion and respect. We value the rich cultural heritage and contributions of Indigenous Peoples and actively work to create a welcoming and respectful environment. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodation does not pose an undue hardship. Capgemini is committed to providing reasonable accommodation during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact. Ref. code 385096-en_US Posted on 05 Jan 2026 Contract type Permanent Location Atlanta, Austin, Bellevue, Berwyn, Bridgewater, Brooklyn, Burlington, Chicago, Columbia, Dallas, Dayton - Sogeti US, Guaynabo, Houston, Irving, Mclean, Nashville, New York, San Francisco, Santa Clara, Seattle, Southfield, Tampa, Westerville #J-18808-Ljbffr

A leading crypto platform is seeking a Senior IAM Security Engineer to secure identity and access management systems. The role involves developing IAM services, collaborating with engineering teams, and ensuring secure authentication patterns. Candidates should have solid software development skills in Python or Go, experience with PKI and secrets management, and a strong understanding of identity protocols. This position offers a competitive salary and a hybrid work approach, with office presence required twice a week in San Francisco or New York City. #J-18808-Ljbffr

A fast-paced MCA company is seeking an AI & Automation Developer to enhance the underwriting process through innovative automation solutions. This role involves building systems to streamline data capture and analysis. The ideal candidate will have strong technical skills, experience in automation, and the ability to create efficient workflows. A detail-oriented approach and problem-solving mindset are essential. The role offers a competitive salary of $150k/year and an opportunity to work on impactful projects that improve operational efficiency. #J-18808-Ljbffr

12+ years of experience working with the ServiceNow platform in multiple roles (Architect / Developer / Business Analyst etc.) Proven track record in independently managing end-to-end ServiceNow implementations for at least two application suites (ITSM / ITOM / SecOps etc.) Proven track record as a platform owner / lead for mid/large ServiceNow deployments for global organizations Minimum 5 years of experience in supporting ServiceNow sales; with hands on experience in with solution design, pricing, effort estimation, solution defense and drafting Statement of work. Strong understanding of ServiceNow versions, features and licensing models. Must have good communication and articulation skills with experience interacting with C-Suite stakeholders Experienced working in an onsite - offshore model; managing offshore teams remotely. Must have experience in independently driving discovery, design and ‘art of possible' workshops with customers and can identify and map business requirements against platform capabilities. Strong domain expertise in two or more of the following areas: IT Service Management Customer Service Management Security Operations Governance, Risk and Compliance Strong working knowledge of some or all of the below ServiceNow application suites: ITSM ITOM IRM SecOps ITAM Must be ServiceNow certified

Define Martech architecture AEM Marketo Target Analytics CDP and integration patterns Orchestrate personalization marketing automation and measurement frameworks Partner with business marketing to translate use cases into scalable designs and roadmaps Guide implementation teams establish standards for quality security and performance Support presales POVs evangelize best practices across stakeholders

About Company:: Bristlecone is a supply chain and business analytics advisor, serving customers across a wide range of industries. Rated by Gartner as among the top ten system integrators in the supply chain space, we are uniquely positioned to solve contemporary business problems, with supply chain and analytics focus as our advantage. We have been a trusted partner and advisor to many leading, globally recognized companies such as Applied Materials, Exxon Mobil, Flextronics, LSI Logic, Mahindra, Motorola, Nestle, Palm, Qatar Petroleum, Ranbaxy, Unilever and Whirlpool and many others. Role Overview: The SAP IBP IO Architect is responsible for designing, implementing, and optimizing SAP Integrated Business Planning (IBP) solutions with a strong focus on the Inventory Optimization (IO) with knowledge of R&S module. This role combines deep technical expertise with strong business process knowledge to deliver advanced supply chain planning capabilities that drive inventory efficiency, service level improvements, and cost reduction. The ideal candidate will have extensive hands on experience in SAP IBP architecture, configuration, integration with S/4HANA or ECC, and strong knowledge of supply chain planning processes (inventory, demand, supply, and S&OP). Key Responsibilities: Lead the design and architecture of SAP IBP-IO solutions aligned with business objectives. Determine success criteria Define and maintain the solution architecture, data flows, and integration points with SAP ECC/S4HANA, APO, or non-SAP systems. Configure and implement SAP IBP Inventory Optimization models (e.g., safety stock calculation, multi-echelon inventory optimization). Set up key figures, planning areas, master data, and planning operators relevant to IO. Optimize algorithms and parameters to balance inventory levels, service targets, and cost objectives. Collaborate with business stakeholders, process owners, and IT teams to translate business requirements into functional and technical designs. Conduct workshops and training sessions for key users and planners. Travel to various client slides to work with planners . Required Qualifications: Bachelor's degree in Supply Chain Management, Information Systems, Engineering, or related field. 12- 15 years years of experience in SAP Supply Chain Planning solutions. 5+ years of hands-on experience with SAP IBP, with at least 2 Implementations focused on Inventory Optimization (IO). Experience integrating SAP IBP with S/4HANA, ECC, or non-SAP ERP systems using CPI-DS or other middleware tools. Familiarity with SAP Best Practices for IBP and Supply Chain Planning KPIs. Strong analytical and problem-solving skills with attention to detail. Excellent communication and stakeholder management abilities.

What We're Doing: Lockheed Martin's, Rotary & Mission Systems (LM RMS), Security and Emergency Services department invites you to step up to one of today's most daunting challenges: the protection of exquisite government capabilities leading to warfighter supremacy against our peer and near peer adversaries. As a security professional at Lockheed Martin, you'll safeguard the sensitive information and warfighting capabilities that our citizens and the world depend upon to protect U.S. and ally interests. Here, you'll work alongside other security experts and military members to support their military operational objectives by providing them with a safe and secure operating environment. In this fast-paced, real-world environment, you'll draw on all your education and experience as well as the resources of Lockheed Martin to keep these exquisite capabilities protected. The Work: This position is located in Owego, NY and will support multiple programs. As a Classified Cyber Security /ISSO, you will be responsible for overseeing day-to-day information system security operations, including auditing and compliance with internal LM and customer security requirements. You will also be responsible for technical administration of IS in accordance with internal LM and customer security requirements, primarily Risk Management Framework (RMF). Your responsibilities will include: - Oversee day-to-day information system (IS) security operations including hardware and software implementations. - Carry out technical administration of IS in accordance with internal LM and customer security requirements, primarily Risk Management Framework (RMF). - Auditing of the IS. - Upkeep, monitor, analyze, and respond to network and security events. - Document compliance actions within the approved automated compliance tracking system or develop a plan of actions and milestones (POA&M) with the Information Systems Security Manager (ISSM) to address non-compliance in the allotted time frame. - Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan. - Ensure configuration management (CM) for security-relevant IS software, hardware, and firmware is maintained and documented in accordance with baseline. - Ensure all information system security-related documentation is current and accessible to properly authorized individuals. - Evaluate proposed changes or additions to the information system, and advise the ISSM of their security relevance. - Assist and conduct IS security education. - Participate in internal/external security audits/inspections; perform risk assessments. - Inform ISSM on technical IS security matters. - Assist in conducting investigations of computer security violations and incidents, reporting as necessary to both the Program Security Representative (PSR) and Program Managers. - Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered. - Communicate, implement and manage a formal Information Security/Information Systems Security Program together with ISSM and PSR. - Implement and enforce Information Security Policies and Procedures together with ISSM and PSR. - Review and oversee RMF Package authorizations with the ISSM. Who we are: In support of our US Marine Corps, US Navy, and US Air Force customers, the ISSO will support all aspects of the information security program and continue a strong history of success. Why Join Us: Your Health, Your Wealth, Your Life With our employees as our top priority, we provide unique career opportunities designed to propel development and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. At Lockheed Martin, we place an emphasis on empowering our employees by fostering innovation. Basic Qualifications - 5 years of Cybersecurity/Information Assurance experience - Keen attention to detail and adherence to established security policies - Excellent verbal and writing skills - Experience managing and implementing the ATO Lifecyle utilizing eMASS or other technologies - First-hand experience performing Information System audits - Experience with system certification and continuous monitoring - Information System account and asset management experience - Knowledge of and previous use of NIST SP 800-37 Risk Management Framework (RMF), and/or NIST SP 800-53 Security and Privacy Controls requirements - IAT II Level Certification (e.g., COMPTIA Security +) Desired skills -Prior Information System Security Officer (ISSO), or administrator experience. -Experience working with DCSA RMF implementation. -Hands-on experience with industry standard Information Assurance tools such as STIG Viewer, SCC Tool, and Splunk. -Experience performing security system hardening, analysis, vulnerability management, DISA STIGs. -Proven ability to build and maintain effective relationships with multiple customers, including Government & other groups within LM. Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics. The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration. * At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work. With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility. If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications. Other Important Information By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings. Ability to work remotely Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility. Work Schedule Information Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits. Security Clearance Information This position requires a government security clearance, you must be a US Citizen for consideration. Pay Rate: The annual base salary range for this position in California, Massachusetts, and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $93,200 - $164,450. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible. Pay Rate: The annual base salary range for this position in most major metropolitan areas in California, Massachusetts, and New York is $107,300 - $185,840. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. This position is incentive plan eligible.

Provide proven expertise and knowledge in Governance, Risk and Compliance (GRC), internal and external audit and assessment support and Information Security assurance initiatives. A firm knowledge of security compliance controls i.e NIST 800-53r4, HIPAA, HITECH, ISO27001 and other security standard frameworks is an absolute requirement. Gather and analyze metrics, key risk indicators and maintain scorecards defined within the area of information security to ensure the information security program is meeting governance expectations and maturity. This candidate must be familiar with general security risk management principals, healthcare and government-designed security control standards and best practices for security and privacy. Candidate should be familiar with documented security plans, procedures, supporting evidence and risk rating standards based on NIST and other risk management frameworks. Assist with evaluation and testing as well as work with the applicable teams to track, address, and remediate audit and assessment findings to closure. Candidate must be familiar with threats and vulnerabilities, latest trends and risks and be able to understand the technical remediation action steps or plans and communicate them effectively to teams within the organization. Manage policy exceptions with requestors and coordinate the annual exception review process. Requires working directly with various teams to document exceptions, identify compensating controls, and remediation action plans accordingly. Provide process improvement suggestions for more effective management and review of exceptions. Support and help mature the overall security management program. Should be familiar with general governance, risk and compliance (GRC) programs with specific knowledge of government practices, and security risk and policy management. Provide support for ongoing BAA, third party risk reviews, including initial inherent risk, ongoing residual risk, and attestation campaigns. Support and help maintain risk appetite frameworks focused on security and business continuity risks. Additionally, support and maintain other general regulatory risk assurance program functions. Support and address regular IT general controls (ITGC) activity reviews and be able to rate and score maturity and compliance to standard control objectives. A knowledge of security architectures including SDLC, cloud or multi-tenant infrastructure and environments and network/boundary architectures. Should be familiar with SIEM, DLP, and other reporting and protection capabilities. Qualifications This position requires: BS or BA degree in a related field or equivalent work experience. Minimum 5 years in information security, Risk Management, IT compliance, or security/IT risk related field. Strong oral and written communication, as well as good interpersonal skills. Knowledge and experience in standard security and regulatory frameworks including HIPAA, HITECH, NIST 800-53, other NIST standards, ISO 27001/31000, FFIEC and PCI. Possess the ability to solve a wide range of complex problems, requiring ingenuity and innovation. Preferred/Nice-to-haves: Experience using GRC platforms or rating scorecards to show compliance levels and maturity. Experience with SharePoint administration, including workflow and process design. Current Certified Information Systems Security Professional CISSP certification (or similar security profession certificate). Current Certified Information Systems Auditor CISA certification (or similar). Additional Information PlanIT Group, LLC is an Equal Opportunity/Affirmative Action (M/F/D/V) Employer. All your information will be kept confidential according to EEO guidelines.

Outcomes. Delivered. Voyatek, formerly GCOM Software and OnCore Consulting, delivers outcome-driven technology solutions to public sector agencies and higher education institutions nationwide. For example, our technology: Facilitates access to nutritious food for children of mothers participating in the WIC program Supports first responders in reducing opioid overdoses within their communities Empowers colleges and universities to identify and thwart financial aid fraud Equips teachers with valuable insights to identify students requiring additional support Enhances efficiency for state tax agencies, leading to 99% faster return processing and quicker refunds for taxpayers With a focus on Tax & Revenue, Health & Human Services, and Justice & Public Safety, Voyatek combines the scale to support large complex projects with the agility and accessibility of a boutique solutions provider. Together, Voyatek and its customers work to improve population wellbeing, create safer communities, and foster a thriving economy. We're more than a technology company -- we're an outcomes company. We encourage our employees to think differently, ask tough questions, and relentlessly pursue what's best for our customers and the residents they serve. We believe that the value of technology is defined by its human impact. If you agree, you've come to the right place. Voyatek is seeking applicants to occupy the position of SAP Security Analyst within our team. Client Details: The New York Power Authority (NYPA) is the largest state public power organization in the United States, renowned for its role in providing clean, affordable, and reliable energy. NYPA's mission is to power New York with clean energy while driving economic growth and sustainability. It focuses on reducing greenhouse gas emissions, modernizing the state's energy infrastructure, and promoting energy efficiency and innovation across sectors. New York Power Authority's (“NYPA”) current on-premise Enterprise Resource Planning (“ERP”) system, SAP ECC 6.0, is almost 20 years old and is approaching technological obsolescence. Systems Application and Products (“SAP”) has already released its statement of intent to end new development on that platform and is planning on removing it from standard support on December 31, 2027. Project Luminate is a program to replace NYPA's current on-premise ERP system with a cloud-based system to ensure an adaptable environment able to meet NYPA's needs. In 2023, NYPA awarded a contract to Gartner Inc. to perform a detailed readiness assessment to define key requirements that the new system has to meet and to identify current business process improvements that are critical to be addressed as a precursor to the transition to a cloud-based platform. Key Responsibilities: Participate in SAP GRC project, enhancement and support and other relevant assignments (as needed) and provisioning across various ERP application environments following the organizational guideline and procedure and perform the below activities. Configure and maintain SAP GRC tools, including Access Control, Risk Management, and Process Control and IAG. Provision and manage user accounts and access to SAP systems, ensuring that all access is granted in accordance with established policies. Design, configure, and maintain roles, authorizations, and user access within S/4HANA, ensuring appropriate access levels for users. Generate reports and conduct audits to monitor SAP security & ITGC controls and ensure compliance including SOD management and configuration. Investigate and resolve GRC-related issues, providing timely support to users and other IT teams. Maintain comprehensive documentation of security policies, procedures, and role designs. Work with cross-functional teams, including IT, business users, and auditors, to ensure alignment of security requirements and best practices. Qualifications: SAP ERP (S/4 Hana is added plus), Workday, Active Directory group, GRC AC 10.1 and above, Microsoft Azure, success factor, applicable functional knowledge for SAP security in the area like Finance, MM, ISU billing etc., SAP audit & compliance. Bachelor's degree in engineering, IT, or related field. 7-10 years of hands-on industry experience in SAP GRC AC and PC implementation and administration. Familiarity with SAP S/4HANA system landscapes, including Fiori authorizations in cloud-based environment (SAP RISE). Proficiency in using SAP security tools and configurations. Ability to identify, analyze, and resolve complex security and compliance issues. Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams. The wage range for this role reflects the wide array of factors considered in compensation decisions. These factors include, but are not limited to, skill sets, experience, training, licensure and certifications, and geographic location. Compensation decisions are based on the unique facts and circumstances of each case. A reasonable estimate of the hourly range is $74.00 - $84.00. At Voyatek, we believe in supporting our employees with a comprehensive benefits package designed to enhance their well-being and professional growth. Please note that eligibility for certain benefits may vary based on your role and employment status. Health, Dental, and Vision Insurance Medical, Limited, & Dependent Flexible Spending Accounts (FSA) Health Savings Account (HSA) with Employer Contributions Company-Paid and Voluntary Life Insurance Long and Short-Term Disability Insurance Accident, Critical Illness, & Hospital Indemnity Insurance 401(k) Retirement Plan with Company Match and Immediate Vesting Wellhub Fitness and Wellness Platform Pet Insurance Training Opportunities Employee Referral Bonus Program We are committed to fostering a workplace that supports both your personal and professional aspirations. As part of our commitment to maintaining a compliant workplace, all final candidates will undergo and must pass a comprehensive background screening prior to starting work. This screening may include, but is not limited to, verification of employment history, education, criminal records, and other relevant checks. For certain positions, additional client-specific background screenings may be required in the future, in accordance with client requirements. Voyatek does significant work with Federal and State tax and revenue authorities. If applicable to this role, all hires will be required to obtain a Federal Public Trust Clearance (Moderate Background Investigation). This clearance process may start upon offer acceptance; and must be cleared prior to working on these projects. If you think you are a good fit for us, we encourage you to apply. Check out our career website for all open positions! Voyatek provides equal employment opportunities to all employees and applicants for employment. Voyatek will make employment decisions without regard to race, color, creed, ancestry, national origin, citizenship, sex or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status or domestic violence victim status, religion, age, disability, genetic information, service in the military, or any other characteristic protected by applicable federal, state, or local laws and ordinances. Employment decisions include all terms and conditions of employment, including recruitment and hiring, job assignment/placement, promotion, upgrading, demotion, termination, layoff, recall, transfer, leave of absence, rates of pay or other compensation, internship, and training.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

About This Role Who We Are: CAE Vision: Our vision is to be the worldwide partner of choice in defense and security, and civil aviation by revolutionizing our customers' training and critical operations with digitally immersive solutions to elevate safety, efficiency and readiness. CAE Defense & Security Mission: CAE's Defense and Security business unit focuses on helping prepare military customers to develop and maintain the highest levels of mission readiness. CAE Values: Empowerment, Innovation, Excellence, Integrity and OneCAE make us who we are and we strive to make a difference in the world while helping each other succeed. What We Have to Offer: Comprehensive and competitive benefits package and flexibility that promotes work-life balance A work environment where all employees are valued, respected and safe Freedom to succeed by enabling team members to deliver, take initiatives and make decisions Recognition, professional development, advancement and having fun! Summary As an Information Systems Security Manager (ISSM) you will join the CAE USA, Inc. Classified Cyber Security Team supporting Department of Defense (DoD) programs to ensure classified information systems meet cyber security requirements and government directives. Essential Duties and Responsibilities Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Integrate the Classified Cyber Security Program function with the Program Management leadership team in order to execute the strategic cyber security goals of the assigned portfolio Assist program personnel at offsite locations to ensure they meet USG certification requirements and are properly trained to execute the cybersecurity program effectively and maintain security compliance Provide direct leadership and mentorship to Cyber Security Professional team members executing on tactical milestones, ensuring success for both portfolio programs and the Cyber Security organization Serves as the primary liaison with various government Authorizing Officials (AO) for business within their area of responsibility. The successful candidate will have a background in cyber security, project management, leadership, collaborative teaming and process improvement initiatives. Interpret the Joint Special Access Program Implementation Guide (JSIG) in determining technical Information Assurance (IA) requirements, conduct cyber risk assessment activities including vulnerability analysis, analysis of mitigation solutions and ensure proper security implementation of the Risk Management Framework (RMF). Develop system documentation for information system authorization, security management, and continuous monitoring of both networked and standalone information systems. Ensure that selected security controls are implemented and operating as intended during all phases of the information system lifecycle. Coordinate and drive continuous monitoring activities in accordance with DoD requirements by monitoring security infrastructure and security alarm devices for Indicators of Compromise (IOC) utilizing SIEM and cybersecurity toolsets. Perform hardware/software configuration management Conduct technical investigative activities, data integrity containments and assist with reports of investigation for IA related security events. Coordinate with cyber systems security engineers, system architects, and developers to provide oversight in the development of secure technical solutions. Participate in implementation of current and future security domains and architectures including those which may introduce new service areas. Qualifications and Education Requirements Graduate Degree and a minimum of 2 years of prior related experience, OR Bachelor's Degree in discipline (STEM) and minimum 7 years of prior relevant experience Currently possess an active DoD 8570.01-M IAM level III certified credentials (e.g. CISSP, CISM, GSLC) Subject matter expert regarding security standards and frameworks, rules and regulations, and system trust principals, such as, FIPS, NIST SP 800 Series, JSIG, DAAPM, and/or ICD. Experience managing cybersecurity requirements and /or team(s) operating in collateral, Special Access Programs (SAP) and /or Specialized Compartmentalized Information (SCI) environments for an enterprise/major business portfolio of programs. Experience successfully interfacing with internal/external customers (DCSA, AO/DAO, GCAs, IT, Program Managers, Program Engineering, Cyber Architects/Engineers, etc.) Experience leading the authorization and approval (A&A) of classified information systems Experience managing people and technical resources Excellent communications skills, oral and written Demonstrated strong critical thinking and problem-solving skills Self-motivated and possesses good written, verbal, listening and presentation skills, particularly in documenting evaluation results Confident personality with the ability to effectively prioritize multiple projects Ability to work with people in a team environment and deal effectively with changing project priorities Due to U.S. Government contract requirements, only U.S. citizens are eligible for this role. Preferred Skills Working knowledge of Windows and Linux environments Experience with SIEM and Compliance scanning tools (e.g. Splunk, Nessus, ACAS, SCC SCAP, Solar Winds, STIG Viewer, Vulnerator, etc.) Self-driven and results-oriented capable of effectively working multiple tasks concurrently and across an ambiguous and uncertain landscape Ability to motivate, inspire, grow Cybersecurity Team members Project management experience Self-driven and results-oriented capable of effectively working multiple tasks concurrently and across an ambiguous and uncertain landscape Security Responsibilities Must comply with all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources. Incumbent must be eligible for DoD Personal Security Clearance. Due to U.S. Government contract requirements, only U.S. citizens are eligible for this role. Work Environment This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. Some travel may be required. Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Ability to operate a personal computer and sit at workstation for extended periods of time Ability to lift 50 pounds Salary Range: $128,200 to $168,300 The actual compensation rate is subject to the evaluation of the following factors (but not limited to): the candidate's work experience, qualifications, skills, internal equity, and market. OTHER DUTIES Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice. CAE USA Inc. is an equal opportunity employer, and all qualified applicants will be considered for employment without regard to any protected characteristic, including disability and protected veteran status, as defined under federal, state, or local laws. Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability, please contact us at ******************* Position Type Regular CAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted. Equal Opportunity Employer CAE is an equal opportunity employer committed to providing equal employment opportunities to all applicants and employees without regard to race, color, national origin, age, religion, sex, disability status, protected veteran status, or any other characteristic protected by federal, state or local laws. At CAE, everyone is welcome to contribute to our success. Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability, please contact us a t **************************** .

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care. As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day. **Position Summary:** Development & Enforcement + Develop and enforce engineering security policies and standards, specifically with the Illumio Platform: + Illumio PCE (Policy Compute Engine) management + Illumio VEN (Virtual Enforcement Node) deployment + Label-based policy creation and Illumination (visualization) usage + Expertise in creating and managing security policies, segmentation templates and policy objects + Build and understanding of service definitions and rulesets + Leadership of policy creation, testing and validation + Experience with application dependencies and communication patterns + Understanding of workload communication patterns and ability to conduct traffic flow analysis + Strong troubleshooting abilities and experience with monitoring network performance, as segmentation directly impacts traffic flow and application connectivity. + Develop and enforce data security policies and standards. + Drive security awareness across the organization. + Lead the development and enforcement of comprehensive security policies and standards, integrating advanced security practices throughout the software development lifecycle to mitigate risks and align with industry-leading security protocols. Collaboration & Expertise + Collaborate with Engineering and Business teams to develop secure engineering practices. + Act as a pivotal security leader, driving the integration of secure engineering practices across the organization while liaising with senior management to ensure a cohesive security strategy that aligns with business objectives. Analysis & Configuration + Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. + Lead security testing, vulnerability analysis, and documentation. + Spearhead the evaluation and strategic deployment of cutting-edge security solutions, emphasizing scalability, performance, and adaptability, to fortify the organization's defense against evolving threats., Operational Support + Participate in operational on-call duties to support a 24/7 infrastructure across multiple regions and environments (cloud, on-premises, colocation). + Lead by example in incident response situations, orchestrating rapid and effective responses while leveraging these experiences to bolster future resilience and response strategies. Mentorship and Training + Demonstrated leadership skills with developing a comprehensive mentorship program for junior engineers, including organizing regular training sessions to elevate the team's technical and security skills. This role requires a commitment to fostering a culture of continuous improvement and knowledge sharing. Innovation and Research + Proven track record with participation in security research and the exploration of next-generation security tools and practices. This includes encouraging the team to engage with the wider security community, contributing to open-source projects, and staying well-informed of emerging threats and innovative defense mechanisms. Strategic Planning + Play a key role in the strategic planning of the organization's security roadmap, including conducting thorough risk assessments, allocating budgets for security initiatives, and aligning long-term security strategies with overarching business goals. This responsibility includes advocating for security within the company and ensuring that security considerations are paramount in all technology decisions. **Required Qualifications:** + 7+ years of experience in developing and deploying security technologies. + 5+ years of experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). + 5+ years of experience in Public Cloud (AWS/Azure/GCP) and Network Security. + 3+ years of experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. + 3+ years of experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. **Preferred Qualifications:** + Proven track record in leading security initiatives from inception through to successful deployment, demonstrating exceptional project management skills and the ability to navigate complex stakeholder landscapes. + Strong technical expertise with Architecting Public Cloud solutions and processes. + Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. + Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. + Experience with direct, remote, and virtual teams. + Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). + Strong technical expertise with security solutions for data warehouses and big data platforms, particularly with technologies like Snowflake. + Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. + Experience in influencing industry security standards and contributing to open-source projects or security communities, highlighting a broader impact beyond the immediate organization. + Illumio Core: Expert Certifications - On-Premise & SAAS **Education:** + Bachelor's degree or equivalent experience (High School Diploma and 4 years relevant experience) **Pay Range** The typical pay range for this role is: $130,295.00 - $284,280.00 This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. This position also includes an award target in the company's equity award program. Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong. **Great benefits for great people** We take pride in our comprehensive and competitive mix of pay and benefits - investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include: + **Affordable medical plan options,** a **401(k) plan** (including matching company contributions), and an **employee stock purchase plan** . + **No-cost programs for all colleagues** including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching. + **Benefit solutions that address the different needs and preferences of our colleagues** including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility. For more information, visit ***************************************** We anticipate the application window for this opening will close on: 01/21/2026 Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws. We are an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

This role is located in New York City and will require a hybrid work schedule of at least 2 days in office per week. This role is for Vice President level candidates. About the Bank: Sumitomo Mitsui Trust Bank, Limited was established through the merger of The Sumitomo Trust and Banking Co., Ltd with Chuo Mitsui Trust and Banking, Ltd. on April 1, 2012. We are one of the largest asset managers in Asia and number one among Japanese financial institutions by AUM, with approximately $850 Billion USD in AUM. The Bank provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches. Department Overview: The Americas Division (“AD”) was established in the Sumitomo Mitsui Trust Bank, Limited, New York Branch) (“SMTBNY”) to perform corporate functions and supervise U.S. entities. Established under the AD are the “Global Banking Unit (“GBU”), Americas Division” and “Global Markets Unit (“GMU”), Americas Division” which performs business functions. Information Risk Governance (“IRG”) provides oversight to information and cyber security risk by maintaining and improving branch wide framework that is in-line with the Head Office and regulatory requirements and addresses Confidentiality, Integrity, and Availability for information assets. IRG establishes appropriate policies, procedures, measurement, and monitoring processes to proactively assess and evaluate cyber security and information security risks inherent in the Branch Operations. IRG is directly involved in all information and cyber security related projects, matters, and issues. Your Role Overview: To assist the Head of the Department with the day-to-day management and operation of the department. To assume the role of Information Security Officer and take the lead on overseeing the timely completion of the department's critical risk management projects. To provide direct assistance to the Head of the Department with regards to accomplishing the department's goals and objectives. To manage, guide and mentor other staff members with the preparation and completion of their assigned tasks. To contribute significantly to the overall success of the department in all key risk management and cyber security areas. Directly oversee completion of all critical projects, assist the HOD with implementing desired operational strategies and procedures. Recommend ways to improve efficiency, effectiveness, and productivity. Focus on proactive day-to-day operations. As ISO, assist with overseeing all information and cyber security matters. Your Duties and Responsibilities: Maintain and improve the information risk framework with guidance from HOD, address regulatory requirements, residual information risks specific to NY Branch Operations. Provide Information Security subject-matter-expertise to senior management. Work with IRT and coordinate incident responses to cyber security events. Keep abreast of industry wide information risk issues that could potentially have an impact on Branch Operations. Establish processes for communicating data classification guidelines and its governance. Oversee employee information security awareness training. Assesses and evaluates critical risk management projects: Annual Risk Assessment. Semi-annual Vulnerability Assessments. Special Risk Assessments done for a Particular Purpose Trend analysis of key risk management concepts and principles Attend the ISSRM and Branch Risk Management related meetings. Performs key information risk governance related tasks as described below: Provides User Access Control Governance. Monitors, analyzes and follows-up on Information Risk events/issues. Reviews information risk and proactively advises as necessary on: IT Projects/Issues Management process, Change Management Process, significant changes to IT procedures, IT Asset Management Report, key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, any related audit findings, etc. Establish and maintain Information Risk Key Risk Indicators (KRI). Periodically updates IT resources on Information risk related practices. Manages all information and cyber security policy and procedures manuals. Assist with the management of all matters related to Information Security and Information Risk Management, including directing appropriate Information/Applications Risk Assessments. Your Qualifications: Certification in Information Security (CISSP) required. 8+ years of Information Security related experience, IT Audit experience, preferred. Knowledge of Information Security principles, terminologies, and technologies required. Knowledge of Information Risk Management framework and principles required. Ability to analyze and design information security monitoring procedures and activities preferred. Detailed Knowledge and expertise in Technology Risk Assessments and Risk Analysis required. Excellent written and verbal communication skills, required. Good computer skills in Microsoft Office Excel and Word required. Strong project management and people management skills. preferred Why you should join SuMi Trust: SuMi Trust embraces flexible ways of working when the business and role permits. We provide employees with a hybrid working model, allowing for in-office work and work from home. Our diverse and inclusive environment along with our global presence enables us to collaborate and communicate to meet our business needs. We believe that efficient teams need truth, loyalty, and a strong sense of purpose to balance risk and their targets. We make sustainable business decisions to improve our society and the world. We believe that each person brings a unique value that drives the business though their creativity and passion. The Employee Benefits package includes: Paid Time Off, medical, HSA, vision, dental, FSA, 401(k), profit sharing, legal plan, cancer indemnity plan, disability insurance, life insurance, employee assistance program, commuter benefits, business travel accident, paid volunteer day, paid memberships, paid seminars, and tuition assistance. We offer many socialization opportunities for wellness, financial wellbeing, runs/walks, team building, happy hours, and activities to support the Sustainable Developmental Goals. Check out our LinkedIn for our employee experience: *************************************** We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SuMi Trust provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application

About Us: Piermont Bank is a commercial bank with a mission to serve growth companies. We are entrepreneur-led and tech-forward. We believe in being a partner for enterprising companies, acting as a catalyst for mid-market innovation and growth. Piermont's financial solutions and expertise empower our business community to thrive. At Piermont, we are purpose-driven, practical, and offer fast answers and flexible solutions, creating value for clients in today's fast-changing economy. For more information, visit ********************* The Role: The Information Security Manager is responsible for developing, implementing, and maintaining the bank's information security program to protect sensitive data, systems, and infrastructure. This role ensures compliance with regulatory requirements, manages risk, and leads initiatives to safeguard the bank against cyber threats. The Information Security Manager will collaborate with IT, risk, and business teams to promote a culture of security awareness and drive continuous improvement in security practices. Responsibilities: Design, implement, and manage information security policies, procedures, and controls. Perform initial and annual due diligence on critical vendors and BaaS Third Party vendors. Monitor and respond to security incidents, vulnerabilities, and threats. Conduct risk assessments, security audits, and compliance reviews. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.Lead security awareness training and education programs for employees. Collaborate with IT and business units to ensure secure system architecture and data protection. Maintain up-to-date knowledge of regulatory requirements (e.g., FFIEC, GLBA) and ensure ongoing compliance. Prepare reports for senior management on security posture, incidents, and risk mitigation activities. Manage relationships with external vendors, auditors, and regulatory agencies. Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field; relevant certifications (CISSP, CISM, or similar) strongly preferred. Minimum of 7 years' experience in information security, preferably within banking or financial services. Strong knowledge of security frameworks, regulatory requirements, and risk management practices. Experience with security technologies, incident response, and vulnerability management. Excellent analytical, problem-solving, and communication skills. Ability to lead cross-functional teams and manage multiple priorities. High ethical standards and commitment to confidentiality and compliance. The hiring range for this position is $140,000 to $175,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's job-related knowledge, skills, and experience, among other factors. A bonus and/or incentives may be provided as part of the compensation package, in addition to the full range of medical, dental, vision, 401k, and other benefits. Piermont Bank is an equal-opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based upon race, religion, color, national origin, political affiliation, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability or other applicable legally protected characteristics.

We are seeking a highly skilled Senior Information Security Engineer to join our growing Information Security team. This role is critical to strengthening our security posture as we integrate AI-driven solutions across our organization. The Senior Information Security Engineer is responsible for enabling the business to move rapidly, securely, and with greater agility. You will assess risk, design secure solutions, and ensure technology is implemented with a high level of security and data protection. The Senior InfoSec Engineer will possess the ability to apply advanced risk analysis, threat modeling and secure design concepts along with critical thinking skills to rapidly implement secure technology solutions. You will be expected to lead Information Security projects and participate in business projects as the lead InfoSec Engineer to design, implement, and securely administer business systems and the adoption of new technology. Responsibilities * Security Architecture: Partner with the Senior InfoSec Architect to design, develop, and implement secure solutions for systems, applications, and networks. * Secure SDLC Integration: Collaborate with cross-functional teams to embed security into the system development lifecycle. * DevOps Collaboration: Work with DevOps to configure, operate, and optimize security controls within CI/CD pipelines. * Technology Evaluation: Analyze security tools, products, and services; recommending improvements and deploy enterprise-wide security solutions. * Hardening Standards: Apply industry-standard hardening practices for various new technologies and platforms. * Documentation & Compliance: Develop technical standards, procedures, and process documentation to ensure compliance with regulatory and internal requirements. * Project Leadership: Lead execution of security projects and initiatives, driving timely and effective delivery. * AI Risk Assessment: Identify and mitigate risks associated with AI adoption, including adversarial attacks, model poisoning, and data privacy concerns. * AI Security Controls: Design and implement security controls for AI/ML platforms to safeguard data confidentiality, integrity, and availability. Qualifications * Bachelor's degree in computer science, Information Systems, Engineering, or related field. * 7-10 years of hands-on cybersecurity engineering experience, including application, network, identity, and cloud security. * Excellent communication, analytical, and interpersonal skills. * Strong time management and ability to work independently Certifications: * CISSP (CISSP-ISSE), CCSK, CCSP, CISM, OSCP, CEH preferred; AI security certifications a plus. Technical Expertise: * Secure system integrations using APIs. * Strong knowledge of security frameworks, cloud services, IT infrastructure, and regulatory requirements. * Experience with IAM, Zero-Trust, and identity-centric security practices. * Proficiency in scripting (Python, PowerShell, Bash) for automation and security tooling. * Familiarity with DevSecOps and integrating security into CI/CD pipelines. AI & Emerging Tech: * Understanding of AI security frameworks and risk management principles. Benefits * Medical * Dental * Vision * 401(k) Match * Profit Sharing * Paid Time Off * 11 Holidays * Tuition Reimbursement * Free Parking throughout Tompkins Community Bank * Employee Referrals EEO Statement Tompkins is committed to a policy of Equal Employment Opportunity ("EEO") with respect to all team members and applicants for employment and a work environment free from discrimination (including unlawful harassment) based on race, color, religion, sex, sexual orientation, transgender status, gender non-conformity, gender identity, gender expression, national origin, age, marital status, domestic violence victim status, disability, predisposing genetic characteristics, military or veteran status or status in any group protected by federal, state, or local law. For more information, please click here #communitybank Pay Range USD $120,000.00 - USD $140,000.00 /Yr.

Hours: 37.5 Line of Business: Technology Solutions Pay Details: 91,200 - 136,800 CAD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Job Description: TD Bank is seeking a strategic and technically skilled Manager to join our Information Security team, focused on strengthening our fraud detection, authentication, and CIAM (Customer Identity and Access Management) capabilities. This role will lead the expansion of our monitoring and alerting footprint across enterprise platforms, ensuring control effectiveness, regulatory alignment, and rapid incident response in a complex financial environment. Key Responsibilities * Lead the design and deployment of monitoring and alerting strategies using Splunk, Datadog, Dynatrace, and Databricks across TD's digital ecosystem * Define alert thresholds and tuning logic to minimize false positives while maintaining high sensitivity to fraud and access anomalies * Oversee triage workflows for triggered alerts, coordinating with global teams to ensure timely investigation and resolution * Develop governance frameworks for alert lifecycle management, including setup, ownership, escalation, and audit readiness * Monitor control effectiveness across CIAM, authentication, and fraud domains, driving continuous improvement * Collaborate with fraud and cybersecurity teams to support incident investigations and mitigation strategies * Analyze alert trends and performance metrics to inform strategic improvements and risk prioritization * Champion automation and workflow optimization for alert handling, reporting, and compliance documentation * Ensure alignment with TD's enterprise risk management and regulatory obligations (e.g., OSFI, OCC) * Provide mentorship and leadership within the security monitoring team, fostering a culture of accountability and innovation Required Qualifications & Expertise * 5+ years of experience in information security, CIAM/fraud detection, or observability engineering within financial services * Hands-on expertise with Splunk, Datadog, Dynatrace, and Databricks for alert creation, analytics, and dashboarding * Strong understanding of CIAM, authentication protocols, and fraud risk indicators in regulated environments * Experience designing governance frameworks and control monitoring programs aligned with financial compliance standards * Proven ability to lead cross-functional teams and drive incident response processes across geographies * Excellent communication and documentation skills, with a strategic mindset and attention to regulatory detail Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process. We look forward to hearing from you! Language Requirement (Quebec only): Sans Objet

About Hofstra Hofstra University is nationally ranked and recognized as Long Island's largest private university located in Hempstead, N.Y. When you work at Hofstra, you join a team of talented professionals committed to preparing students for the challenges of tomorrow, in an environment that cultivates learning through the free and open exchange of ideas for the betterment of humankind. The work we do at Hofstra supports the education and well-being of our students, and the workforce of the future. While working towards this mission, employees can take advantage of many enriching experiences on campus. Whether it's a lunchtime lecture, a Division I NCAA athletics game, a musical concert, a theatre performance, or a visit to one of our two accredited museums, there is always something exciting to do at Hofstra. Enjoy the ease of going to the fitness center, taking a swim, or grabbing a bite to eat without having to leave our beautiful campus! Hofstra University is dedicated to recruiting and retaining a highly qualified and diverse academic community of students, faculty, staff, and administrators respectful of the contributions and dignity of each of its members. We welcome applications from individuals of all backgrounds and experiences and are committed to building a diverse and inclusive community. Position Title Director of Information Security Position Number 896570 Position Category Administration School/Division ITS Information Security (division) Department ITS Information Security Full-Time or Part-Time Full-Time Description Reporting to the Chief Information Officer (CIO), the Director of Information Security is a member of the ITS senior leadership team and works closely with the campus community, including academic and administrative departments. The Director is an advocate for the University's information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the information security posture of the University. The Director leads the development and implementation of a security program that leverages collaborations and campus-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the campus level. Information Security Program Leadership * Responsible for the strategic leadership of the University's information security program. * Provide guidance and counsel to the CIO and key members of the University's leadership team, working closely with senior administration, academic leaders, and the campus community in defining objectives for information security, while building relationships and goodwill. * Manage institutional information security governance processes. * Lead information security planning to establish an inclusive and comprehensive information security program for the entire institution in support of academic, research, and administrative information systems and technology. * Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services, and create maturity models and a roadmap for continual program improvements. * Stay current with information security issues and regulatory changes affecting higher education at the state, national, and global levels. Participate in policy and practice discussions and communicate to campus on a regular basis about those topics. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position. * Provide leadership philosophy for the ITS Information Security team (currently two staff, in addition to the director), create and maintaining strong working relationships with other teams, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies, and practices for the University. * Provide mentorship to Information Security team members and implement professional development plans for all members of the team. * Special projects and other duties as assigned. Policy, Compliance, and Audit * Participate in the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation. * Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the University's information and technology systems. * Work with Internal Audit, outside auditors, and other consultants as appropriate to complete security assessments and audits. * Coordinate and track all information technology and security related audits including scope of audits, units involved, timelines, participants, and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation, and advocacy on audit responses. * Work with University leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the University to effectively address applicable statutory and regulatory requirements. Outreach, Education, and Training * Work closely with other ITS leaders, technical experts, and academic and administrative leaders across campus on a wide variety of security issues that require an in-depth understanding of the IT environment in their units, as well as the research landscape and regulations that pertain to their unit's research areas. * Create education and awareness programs and advise academic and administrative units at on security issues, best practices, and vulnerabilities. * Work with campus groups to build awareness and a sense of common purpose around information security. * Pursue student security initiatives to address unique needs in protecting identity theft, mobile social media security, and online reputation program. Risk Management and Incident Response * Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise. * Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk. * Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies. * Examine impacts of new technologies on the University's overall information security. Establish processes to review implementation of new technologies to ensure security compliance. Qualifications * Bachelor's degree required. * Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. * Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. * Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. * Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community. Preferred Qualifications * Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. * One or more relevant professional certifications (e.g., CISSP, CISM/A, etc.) strongly preferred. * Experience with state and federal information security regulatory requirements (GLBA, FERPA, HIPAA, etc.) and other compliance requirements (PCI, etc.). * Knowledge of and experience applying industry-standard IT security frameworks (NIST, IHECF, etc.). * Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. * Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. * Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. * Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. * Professional experience in a leadership role in a higher education institution. Special Instructions Deadline Open Until Filled Date Posted 09/18/2023 EEO Statement Hofstra University is an equal opportunity employer and is committed to extending equal opportunity in employment to all qualified individuals without regard to race, color, religion, sex, sexual orientation, gender identity or expression, age, national or ethnic origin, physical or mental disability, marital or veteran status or any other characteristic protected by law. Salary/Salary Range $160,000 - $170,000 Additional Information Hofstra University provides the above salary* as a good faith estimate of the starting pay range which considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience and education. In addition to the salary offered, we offer a collegial and inclusive culture, and a benefits program which includes generous paid time off, paid holidays, tuition remission for employees and eligible dependents, and a retirement plan with University contributions. * Salary ranges indicated for positions covered under a Collective Bargaining Agreement are in accordance with the CBA.

The Systems Engineer position is responsible for providing full cycle implementation and support of customer systems, while working across multiple company departments to ensure full client satisfaction. Under the direction of a manager or dispatcher, coordinates the design and maintenance of all access control, intrusion, and video surveillance systems. Incumbent receives and evaluates work orders and requests, investigates requests and troubleshoots problems where appropriate, establishes priorities and coordinates with contractors, when required. Requirements Essential functions and responsibilities: Assists with security systems integration, mapping and software updates and helps train personnel in the use of these systems. Assists on new projects in both existing areas and new construction helping with security assessments, vendor selection, technology upgrades, product selections, testing, field verification of systems and inspection of work in progress for compliance with standards Assess work sites, conditions, and logistics for each project; Develop Method of Procedure based on pre-project assessment. Design, develop and provide documentation of systems, configurations, and other pertinent information for the customer. Communicate with clients to resolve issues in a professional and confidential manner; Develop and execute client specific solutions. Manage the allocation of project resources, including software, hardware, tools, and related items specific to each customer and/or project. Direct the work responsibilities of union labor personnel based on specific project needs. Design and oversee training programs for new and existing customers; Determine which customers receive training. Collaborate with Customer Relationship Managers on demonstrations for new and potential clients. Perform installation, configuration, programming, and final commissioning of customer systems. Work collaboratively with installation, project management and engineering teams. Perform infrastructure services, including pulling cables, installing wall, and ceiling cabling, and installing surface mounted devices, as required. Perform system wiring and terminations services, as required. Deliver on-going remote and on-site technical support for existing customers and systems. Additional responsibilities may be required as necessary, including but not limited to: Provide internal support for basic trouble shooting. Organizes and manage parts stock and tools. Perform other duties as needed. Success factors/job competencies: Effectively communicate both in writing and verbally Work independently and prioritize multiple tasks and adapt to needed change Analysis Mechanical aptitude Comprehend technical language and read and interpret blueprints, wiring diagrams, and schematics Safety orientation Customer Focus Attention to Detail Teamwork/Collaboration Stay abreast of changes in security technology Physical demands and work environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Individual will be required to travel to customer sites as needed. While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts. The employee is occasionally exposed to outside weather conditions and risk of electrical shock. Individual will regularly be required to lift, push, pull, and carry up to 50 pounds, and occasionally up to 75 pounds. Incumbent will be required to use a computer with keyboard, telephone, or handheld mobile device for extended periods of time, and office machinery as needed. Incumbent must be able to read, see, hear, and speak. Workdays and Shifts: Position works Monday-Friday, daylight hours, and additional time as needed to complete work. Education/Certification(s)/License(s) required: Bachelor's Degree in Electronics, Information Technology or related field, or equivalent experience. May be required to participate in safety trainings and/or certifications provided by the Company or customers. Valid driver's license, as employee will be required to travel to local and overnight client sites as needed. Manufacturer specific certifications, as required. Responsible to maintain active certifications and obtain new and updated certifications as required by the Company. Experience/Other required: Position requires two (2) to three (3) years of relevant experience in the electronic services. Strong knowledge of Microsoft Office. Strong computer skills with advanced software aptitude. Security systems to include, service and maintenance across a broad spectrum of access control, intrusion and video surveillance systems such as, Genetec, Milestone, Bosch, and DMP. Applicants must be currently authorized to work in the United States on a full-time basis. Visa sponsorship is not available for this position. This is a full-time, in-person position, and candidates must be able to work from our office located in Pittsburgh, Pennsylvania.

Triple Cities Network Solutions (TCNS) is seeking an experienced Cybersecurity Engineer to strengthen our internal and client-facing security posture. This role plays a key part in designing, implementing, and maintaining cybersecurity solutions across multiple client environments while ensuring compliance with frameworks such as CMMC, NIST 800-171, CIS Controls, and other relevant standards. You will act as both a technical security expert and compliance advisor, working closely with our internal IT, service delivery, and client success teams to ensure that TCNS and its customers maintain the highest levels of security maturity. Key Responsibilities Security Engineering & Operations Design, deploy, and maintain security tools and infrastructure for both internal and client environments (e.g., EDR, SIEM, MFA, patch management, vulnerability scanning, email security, and firewalls). Lead threat detection and response efforts-analyzing alerts, investigating incidents, and coordinating remediation activities. Perform regular security assessments and penetration tests to identify and mitigate vulnerabilities. Develop and maintain secure configurations and baselines across systems, applications, and network equipment. Compliance & Risk Management Serve as the primary technical lead for CMMC, NIST 800-171, and other compliance initiatives for internal systems and managed clients. Build and maintain compliance documentation, SSPs, and POAMs. Conduct internal and client security audits, risk assessments, and readiness reviews. Support clients in achieving and maintaining compliance with federal and industry security frameworks. Automation & Tools Implement and manage security automation across monitoring and compliance systems. Manage integrations between cybersecurity and MSP toolsets. Develop dashboards and reporting mechanisms for ongoing compliance and security metrics. Collaboration & Education Work with internal teams to embed cybersecurity best practices into all MSP services and projects. Provide technical leadership and mentorship to technicians and engineers on cybersecurity processes. Educate customers on cybersecurity hygiene and participate in client-facing meetings or security reviews as needed. Required Skills & Qualifications 3-5+ years of hands-on cybersecurity or systems engineering experience (preferably in an MSP or multi-tenant environment). Strong understanding of security frameworks: CMMC, NIST 800-171, and CIS. Experience with security solutions such as EDR, SIEM, email filtering, DLP, IDS/IPS, and MFA. Familiarity with Microsoft 365 Defender, Azure, and Intune is highly preferred. Knowledge of scripting/automation (PowerShell, or equivalent). Experience producing compliance documentation, audit evidence, and risk assessments. Excellent communication and documentation skills with both technical and non-technical stakeholders. Preferred Certifications CompTIA Security+, CySA+, or CASP+ Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Why Join TCNS Work with a fast-growing MSP supporting diverse clients in regulated industries. Be part of a team that values innovation, automation, and continuous improvement. Opportunity to lead and shape cybersecurity programs across multiple organizations. Competitive compensation, benefits, and ongoing professional development opportunities.