Security architect jobs in Westwood, NJ

JOB FUNCTION The Cybersecurity Engineer will be responsible for implementing and maintaining the firm's cybersecurity technology solutions, monitoring for security incidents and vulnerabilities, coordinating end user activities, and participating in the investigation and response of any breaches or attacks. The ideal candidate will be a self-starter who can work both independently and collaboratively with diverse technical and business teams. He or she will report to the Chief Information Security Officer. Additional responsibilities include: Managing the vulnerability management program, including internal and external scanning, monitoring threat feeds, news sources, and vendor bulletins for risks and tracking remediation Maintaining and monitoring control baselines, hardening standards, asset/coverage metrics, and configuration compliance Monitoring and documenting key performance indicators (KPIs) and governance, risk, and compliance (GRC) evidence Suggesting and evaluating new technologies Educating employees on security best practices to reduce the risk of human error Collaborating with the Cloud, Systems, Network, Database, Desktop, and Development engineering teams on risk identification, analysis, and remediation Assisting with vendor due diligence Assisting with physical security infrastructure projects, maintenance, and updates QUALIFICATIONS The ideal candidate should have the following experience: 3+ years of experience in a Security Engineer role Proficiency with managing EDR solutions, SIEM, network security, cloud security, mobile security, vulnerability management, identity and access management, encryption, and a solid understanding of operating systems like Windows and Linux Strong ability to analyze security data, identify threats, and create effective solutions Ability to document and communicate technical information clearly to both technical and non-technical audiences Scripting/automation experience a plus The ideal candidate possesses the following traits: Creativity: the ability to deploy different approaches and be resourceful. Intellectual curiosity: passion for learning and investigating a broad range of subject matter; satisfaction derived from the consumption and understanding of information and increasing knowledge base. Accountability: ownership of individual responsibilities and work product. Strong people skills: ability to build relationships internally and externally and to be versatile in engaging with different constituents.

Chief Information Security Officer (CISO) 📍 💰 Base Salary: Up to $325,000 + Bonus + Equity 🏢 Our Client: A Blockchain & Digital Asset Infrastructure Company About Our Client Our client is a fast-growing organization building infrastructure, software, and services that support the next generation of blockchain and digital asset ecosystems. They power secure transactions, institutional-grade solutions, and high-performance platforms used across the crypto economy. As the business scales, they are expanding their leadership team with a Chief Information Security Officer (CISO) who will own the strategic direction, operations, and continuous improvement of all information and cybersecurity initiatives. Role Overview The CISO will set the long-term vision for security across the entire organization, covering infrastructure, products, employee environments, and customer-facing systems. This leader will ensure that the company's digital asset capabilities, blockchain networks, APIs, and cloud environments meet the highest standards of protection, resilience, and regulatory readiness. This role requires an executive who can operate across technical, operational, and strategic levels-partnering with engineering, legal, compliance, product, and leadership teams. Key Responsibilities Design and drive a holistic security strategy covering infrastructure security, application security, product security, data governance, and operational risk. Safeguard digital asset environments, including wallets, key management systems, consensus mechanisms, and blockchain-based services. Build and lead an advanced threat detection, monitoring, and incident response program, ensuring rapid response and clear communication pathways. Collaborate with engineering teams to integrate secure development practices into blockchain, smart contract, and cloud-native workflows. Establish and maintain security controls, audits, and certifications, ensuring alignment with industry frameworks and regulatory expectations. Oversee vendor security, supply-chain risk management, and third-party assessments. Develop a culture of security throughout the business, including training, policy development, and ongoing risk awareness. Provide regular reports and briefings to the executive team on emerging threats, risk posture, and security roadmap progress. Experience & Qualifications 15+ years of experience in cybersecurity, with at least 5 years leading security organizations or programs at scale. Strong experience in blockchain security, digital asset custody, exchange or infrastructure security, or related crypto-native environments. Demonstrated success leading enterprise security programs that span cloud infrastructure, distributed systems, and high-availability environments. Skilled in working with frameworks such as SOC 2, ISO 27001, NIST, and global data protection standards. Expertise in cloud security (AWS, GCP, Azure), network security architecture, identity management, and DevSecOps. Comfortable operating in fast-moving, engineering-driven environments. Professional certifications (CISSP, CISM, CCISO, etc.) are a strong plus.

A financial firm is looking for a Chief Information Security Officer (CISO) to join their team in New York, NY. Compensation: $150-200K Responsibilities: Define and maintain the enterprise information security strategy, roadmap, and governance framework, aligned with business objectives and regulatory requirements Draft, maintain, and periodically review security-related policies and procedures Establish and chair/co-chair an Information Security / Cyber Risk Committee and contribute to Board-level reporting on cyber risk Develop and maintain the firm's information security governance framework Lead the firm's SOC 1 (Type 1/Type 2) and SOC 2 (Type 1/Type 2) readiness and ongoing attestation efforts Own the control catalog, control testing coordination, evidence collection, and remediation tracking across technology, operations, and third parties Act as primary security point of contact for external auditors, assessment firms, and key institutional partners Ensure security program alignment with SEC Regulation S-P, Reg S-ID, Reg SCI, SEC / Client cybersecurity expectations, and NYDFS 23 NYCRR 500 Partner with Compliance and Legal to interpret new regulations, assess impact, and implement necessary control and policy changes Maintain and periodically test the Incident Response Plan, Business Continuity and Disaster Recovery (BC/DR) from a security perspective Provide security oversight for cloud (AWS) and on-prem infrastructure, including network security, endpoint security, identity and access management (IAM), and data protection Work with Infrastructure/DevOps and application teams to embed secure SDLC practices, including code review, security testing, and secure deployment pipelines Oversee vulnerability management, including patch management processes, penetration testing, and remediation programs Define and oversee Security Operations Center (SOC) / XDR usage, log management, SIEM, threat detection, and incident handling Design and enforce data classification, data loss prevention (DLP), encryption, and key management controls Partner with business and product teams to ensure client data privacy and secure data flows, including with third-party vendors and partners Own the vendor security risk management program, including security due diligence, contract security clauses, and ongoing monitoring Evaluate and manage key security vendors Build and lead a small but high-impact security team, scaling capabilities over time Promote a security-first culture through training, awareness programs, and regular communication with staff at all levels Qualifications: Required Bachelor's degree in Computer Science, Information Security, Engineering, or related field; or equivalent experience 7+ years of progressive experience in information security, including at least 3 years in a leadership role (Head of Security, Deputy CISO, CISO, or equivalent) Hands-on experience leading SOC 1 and/or SOC 2 attestation projects at a financial institution, fintech, or SaaS provider Strong background in financial services or capital markets (broker-dealer, clearing firm, trading platform, or similar) Understanding of Information security frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001) Understanding of Regulatory landscape for U.S. financial firms (e.g., SEC, Client, possibly NYDFS 500) Experience with Identity & access management, network security, endpoint security, and cloud security (preferably AWS) Experience building and maintaining incident response, BC/DR, and vulnerability/patch management programs Strong track record of cross-functional leadership, communicating complex security and risk topics to non-technical executives and boards Preferred Experience as CISO, Deputy CISO, or security leader at a broker-dealer, clearing firm, exchange/ATS, or large fintech Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP or similar Experience with AWS security services Familiarity with DevSecOps practices and secure CI/CD pipelines Experience managing data localization and cross-border data separation initiatives

You will provide guidance and technical support to clients deploying security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Any of the following industry certifications or equivalent experience is a plus: CISSP, CCNA, PCNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure You're an excellent writer, with strong verbal communication skills, with demonstrable ability to communicate to senior leaders and technical peers

This young and agile company, providing identity risk solutions is currently seeking a Senior Cloud Security Engineer with a focus on Infrastructure and Security to join their growing team. You will assist with the continuous maturation of their Cloud Security services within the Security division. This is an excellent opportunity for an experienced Cloud Security Engineer with experience in both Infrastructure and Security to take the next step into a challenging position with a company offering significant growth potential. About the Company: Founded in the last 10 years, they are one the fastest growing companies in their space. They are a fast-growing company that have built a platform that allows finance organisations and fintechs to strengthen their security defences. Their mission is to allow companies to manage their identity and fraud risk. Everything they do is entrenched in achieving engineering excellence. Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation. About the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: What you will be doing: • Serve as a cloud security subject matter expert, advise on and implementing best practices • Respond to security incidents and provide timely and appropriate solutions • Conduct cloud security risk assessments and audits • Conduct investigations into security incidents and potential threats • Take part in on call rotations for incident response and remediation • Assist with policy management, security audits, and due diligence for cloud security concerns • Advise on, configuring, and managing a variety of security tools • Keep informed about and respond to emerging security threats and vulnerabilities • Assist with cloud security reviews of potential vendors Ideal Requirements for the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: • Several years of experience working in a similar role with a focus on Cloud Security in AWS • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc. • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response • Experience taking part in an on-call rotation • You are passionate about securing infrastructure, reducing risk, and protecting data! • You are a subject matter expert on cloud security in AWS • You have a solid understanding of network architecture and protocols • You can advise on cloud security policies and procedures Apply to the Role: Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to **********************

This role is for a mid-to-senior Security Engineer who thrives in a lean, high-performance environment and takes a hands-on, engineering-first approach to security. You will operate as a generalist within a small security team, owning the design, build, and evolution of security systems that protect a highly technical organization with many proprietary platforms. This is not an analyst role; the focus is on building, integrating, and improving security capabilities end to end, with a strong emphasis on problem solving, automation, and how systems work together. You will design and implement enterprise-grade security monitoring, detection, and response solutions, integrating commercial tools and developing custom capabilities tailored to the environment. While the role includes reviewing and triaging alerts from detection and response platforms, the core responsibility is continuously improving detection quality, response workflows, and overall security posture. You will engineer and tune detections using structured data and JSON-based queries, develop automated response and orchestration workflows, and drive improvements across the full incident lifecycle. The position requires close collaboration with teams across the organization, translating security risks and technical concepts into clear, practical language for non-security stakeholders. You will partner with engineering, infrastructure, and product teams to embed security into systems and workflows, applying strong security principles that are portable across technologies rather than tied to a single toolset. The environment is fast-moving and production-heavy, with ongoing adoption of AI-driven technologies and modern development practices. The ideal candidate has several years of experience in security engineering, preferably in a fintech, startup, or similarly high-tech environment, and is accustomed to operating outside of large, siloed security teams. You bring strong hands-on experience with cloud and endpoint security platforms such as Azure, Microsoft Defender, and Elastic, with exposure to tools like Zscaler and Purview considered a plus. You are comfortable coding and scripting, particularly in Python, working with Git-based workflows, and applying infrastructure-as-code concepts. Experience building and operating detection and response systems, security orchestration and automation platforms, and threat-informed defenses is essential. They'll need someone who's fully authorized to work in the US without any sponsorship / visa (cannot support H1B).

Lead Security Engineer - Hands-On Role with Leadership Opportunity We're looking to hire a senior-level Security Engineer who's ready to step up and take the lead. Someone who's still very hands-on technically but also enjoys mentoring others, setting direction, and building scalable solutions that make a real difference. Title: Lead Security Engineer Salary: $160,000 to 190,000 +Bonus Location: Queens, NY (Hybrid) This role sits at the center of engineering, operations, and security-you'll be working directly with software and infrastructure teams to make sure security is embedded into everything we do. You won't just be managing tools; you'll help shape how security is done across the company. If you're based in the NYC area and looking for the next serious step in your career-where your ideas are heard and your work actually drives change-this is worth a conversation. What the Role Looks Like: You'll lead and mentor a small but growing team of security engineers, helping them grow while staying deep in the tech yourself. Work with internal teams to design and implement security solutions-cloud security, PAM, app and system hardening, etc. You'll be the one connecting the dots between development, infrastructure, and security-building relationships across teams and making sure security is part of the process from the start. Help optimize and improve the tools we already have, and figure out what's missing. What We're Hoping You Bring: A few years of experience leading or mentoring other security engineers-you don't need to have managed huge teams, but you've helped others level up. Solid technical background (5+ years in security engineering) and experience with on-prem and cloud security solutions (AWS or Azure). Hands-on knowledge of privileged access, identity management, system hardening, and network security. Strong instincts for risk, practical problem-solving, and keeping systems both secure and usable. Someone who communicates clearly, doesn't get lost in buzzwords, and works well with people across teams. Nice to Have, But Not Dealbreakers: Certifications like CISSP, CEH, CISM Experience with Linux security or scripting Familiarity with CI/CD pipelines and how security fits into DevOps Why This Role Might Be Right for You: You're ready for more responsibility and leadership, but don't want to give up the technical side of the work. You want to be part of a stable company with real backing and complex challenges to work on.

Type : Contract f2f Interview is must We are seeking an experienced AWS Security Engineer to design, implement, and manage security controls across Snowflake and Databricks environments. The ideal candidate will have strong expertise in AWS security, data platform governance, and Python-based automation to ensure secure, compliant, and efficient operations within our cloud ecosystem. Key Responsibilities: Implement, monitor, and enhance security controls across network, application, and data layers for Snowflake and Databricks environments. Manage user access, roles, and permissions in Snowflake or Databricks to ensure compliance with least privilege and governance policies. Configure and manage AWS security components, including IAM roles/policies, S3 bucket policies, EC2, Lambda, and CloudWatch for monitoring and event response. Collaborate with data engineering and platform teams to ensure secure data ingestion, storage, and access controls. Automate security monitoring and configuration management using Python scripting and AWS SDKs. Identify and remediate security vulnerabilities, ensuring continuous compliance with internal and external standards. Contribute to security documentation, audits, and process improvements for data platform security posture.

The Team: The Security Engineering Lead will be responsible for designing, building, and maintaining the organization's security infrastructure. This role requires a highly skilled professional who can lead a team of engineers, implement innovative security solutions, and ensure the resilience of the organization's systems and networks. The ideal candidate will have extensive experience in security engineering, a strong technical background, and the ability to manage and deliver complex security projects. **This Role does NOT provide sponsorship** Salary: $150k-$190k base w/ 20% bonus Responsibilities: Leadership and Management: Lead and mentor a team of security engineers, fostering a culture of continuous learning and innovation. Build and scale a global team to meet organizational needs. Architecting Security Solutions: Assist teams in designing and implementing advanced security solutions, including cloud security, privilege access management and application/system security. Collaboration: Partner with software development, infrastructure, and operations teams to embed security into the development lifecycle and operational processes. Performance Optimization: Regularly evaluate and optimize existing security tools and technologies to ensure maximum efficacy and efficiency. Training and Knowledge Sharing: Develop and deliver technical security training to engineers and other staff, ensuring a strong organizational security posture. Documentation and Reporting: Create detailed documentation for security systems and processes, and provide regular project reports senior management. Required Skills and Experience: Experience (3+ year) in people leadership roles, nurturing security engineers into high-performing teams. Experience (5+ years) in a security engineering role, focusing on designing and implementing security solutions and managing security infrastructure, both on-premise and cloud. Experience working with privilege and identity management solutions. Experience with operating system security and system hardening. Knowledge of network security principles, protocols, and technologies. Strong analytical and problem-solving skills, with the ability to assess risks and develop appropriate security controls. Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Ability to work independently, prioritize tasks, and manage multiple projects simultaneously. Strong leadership skills, with the ability to mentor and guide junior team members. Skills and Experience That Would Help You Stand Out: A bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable. Linux security experience Familiarity with DevSecOps and integrating security into CI/CD pipelines. Scripting experience.

Job Title: Sr. Cybersecurity Risk Analyst Duration: 24+Months Responsibilities: Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City; Manage complex, cross-functional projects, pushing through ambiguity and challenges which may arise; Work with stakeholders across various divisions, soliciting input and working through feedback; Evaluate risk of third parties used by New York City agencies; Document and track remediation of risks in the Risk Register; Review and analyze various cybersecurity risk cases, justification, and exceptions documents submitted by agencies; Assist in the development of cybersecurity risk assessment procedures and testing methodologies based on established frameworks and guidelines; Initiating corrective actions to remediate vulnerabilities or weaknesses where necessary; Engage in communications with NYC Agencies; Handle special projects and initiatives as assigned. Required Sklls: A minimum of 4 years of experience in risk management or cybersecurity risk assessment or 4 years of experience evaluating and managing third parties in a cybersecurity team. DESIRABLE SKILLS/EXPERIENCE: BS/BA degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field. One or more of the following certifications are a plus: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM) CompTIA Security+ CompTIA Network+ CompTIA A+ CompTIA CySA+ Cisco Certified Network Associate - CCNA CEH: Certified Ethical Hacker GIAC Information Security Fundamentals (GISF) GIAC Security Essentials (GSEC) (ISC)2 Systems Security Certified Practitioner (SSCP) Ability to work effectively in a team environment. Being highly organized, motivated and a self-directed professional. Knowledge of hardware, software, data, and network principles and systems related to Private and/or Public Sectors services. Understanding of commonly used computer operating systems, databases, network structures. Familiarity with cybersecurity framework(s) (NIST, SANS, PCI, ISO 27001/27002, or CIS) Investigative and analytical skills. Excellent oral and written communication skills; Knowledge of the current and evolving cyber threat landscape; Knowledge of laws, regulations, policies, and ethics related to cybersecurity and information privacy;

We are seeking a highly experienced Network Security Manager to lead the design, implementation, and oversight of network security controls across a complex, multi-cloud, and multi-client environment. This role sits within the Information Security organization and partners closely with Infrastructure, Cloud, DevOps, and Client-Facing Technology teams. The ideal candidate brings deep technical expertise in enterprise network security combined with the leadership and communication skills required to support diverse client environments, regulatory requirements, and evolving threat landscapes. This position plays a critical role in shaping network security strategy while remaining hands-on with architecture, tooling, and incident response. Key Responsibilities Network Security Strategy & Architecture Lead the design and evolution of enterprise network security architecture across on-prem, cloud, and hybrid environments. Define and enforce network security standards for firewalls, segmentation, VPNs, zero-trust networking, and secure connectivity. Support multi-cloud environments (AWS, Azure, GCP) with varying client architectures and risk profiles. Evaluate and implement next-generation network security technologies aligned with industry best practices. Cloud & Hybrid Security Partner with Cloud and Infrastructure teams to ensure secure network design for cloud-native and hybrid deployments. Oversee security controls for: Cloud networking (VPC/VNET design, routing, peering) Secure connectivity (site-to-site VPN, client VPN, private links) Internet ingress/egress and cloud firewalling Ensure consistency of network security posture across diverse client environments. Operations, Monitoring & Incident Response Oversee network security monitoring, detection, and response capabilities. Lead response efforts for network-related security incidents, coordinating with SOC, IR, and infrastructure teams. Conduct root-cause analysis and drive long-term remediation and control improvements. Guide vulnerability management and remediation efforts related to network and perimeter security. Leadership & Cross-Functional Collaboration Act as a senior technical leader and subject-matter expert within the InfoSec organization. Collaborate with: Security Engineering Infrastructure & Network Engineering Cloud & DevOps teams Application Security and GRC Mentor senior engineers and contribute to security roadmaps and long-term strategy. Communicate complex technical risks clearly to leadership and non-technical stakeholders. Governance, Risk & Compliance Ensure network security controls align with regulatory, compliance, and client security requirements. Support audits, assessments, and client security reviews. Develop documentation, standards, and procedures related to network security operations. Required Qualifications 10+ years of experience in network security, infrastructure security, or security engineering roles. Proven experience managing and securing enterprise-scale, multi-cloud environments. Deep hands-on expertise with: Next-generation firewalls (e.g., Palo Alto, Fortinet, Check Point) Network segmentation and zero-trust architectures VPNs, secure remote access, and private connectivity Network security monitoring and detection tools Strong understanding of cloud networking and security in AWS, Azure, and/or GCP. Experience supporting multiple client environments with varying architectures and risk tolerances. Demonstrated ability to lead technically while influencing cross-functional teams. Excellent communication skills with both technical and executive audiences. Preferred Qualifications Prior experience in professional services, law firm, financial services, or regulated enterprise environments. Experience leading or contributing to large-scale network security transformations. Familiarity with SASE, ZTNA, and modern zero-trust security models. Security certifications such as CISSP, CCSP, or equivalent cloud/security credentials. Why This Role High-impact leadership role within a sophisticated InfoSec organization. Exposure to diverse, complex client network environments across industries. Influence long-term security strategy while remaining hands-on technically. Competitive compensation up to $270K base plus strong benefits and growth opportunities.

Job Title: Cyber Security Risk Analyst. Job Type: Contract. IS NOT OPEN TO AGENCIES. The Cyber Security Risk Analyst supports enterprise governance, risk, and compliance (GRC) initiatives by strengthening cyber risk management practices, enhancing third-party risk oversight, and contributing to cybersecurity governance across a complex organizational environment. This role works closely with cybersecurity leadership, internal stakeholders, and partner teams to mature risk assessment processes and ensure consistent, well-documented risk management activities. Key Responsibilities Design, develop, and enhance cybersecurity risk management processes and supporting frameworks Support enterprise cyber risk governance, including risk identification, evaluation, and remediation tracking Perform cybersecurity risk assessments in collaboration with business and IT stakeholders Evaluate and manage third-party and vendor cybersecurity risk throughout the vendor lifecycle Contribute to the development and maintenance of a third-party risk register Review and analyze cybersecurity risk cases, exceptions, and justifications Document risks, mitigations, and remediation actions within a centralized risk register Assist in developing risk assessment procedures, methodologies, and testing approaches aligned with industry frameworks Collaborate with cross-functional teams and subject matter experts to gather risk intelligence Support remediation efforts by helping initiate corrective actions where vulnerabilities or weaknesses are identified Participate in special cybersecurity initiatives and projects as assigned Required Qualifications Minimum of 4 years of experience in one or more of the following areas: Cybersecurity risk management Cybersecurity risk assessment Third-party or vendor risk management within a cybersecurity function Strong understanding of GRC concepts and the cyber risk lifecycle Experience working in large, complex, multi-stakeholder environments Strong analytical, investigative, and documentation skills Excellent written and verbal communication skills Preferred Qualifications Bachelor's degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field Familiarity with one or more cybersecurity frameworks or standards, including: NIST ISO/IEC 27001 / 27002 CIS SANS PCI Relevant certifications are a plus, including but not limited to: CISSP, CISM, CRISC, CISA CompTIA Security+, CySA+, Network+ GIAC certifications Knowledge of cybersecurity laws, regulations, and data privacy principles Ability to work independently in a self-directed and organized manner About Buchanan Technologies Since Buchanan's inception over 30 years ago, we have operated on 5 core values - People Matter, Customers Matter, Principles Matter, Community Matters, and Every Interaction Matters. These values are represented across each facet of the company, from employee relations to client service delivery to corporate social responsibility initiatives and beyond. Why Work at Buchanan? At Buchanan Technologies, we offer a great employment experience with a fun but professional work environment, competitive salary, and various employee career advancement programs that add value to your skills and daily life. If you are excited about being part of an energetic team where your contributions are appreciated and hard work is recognized, Buchanan is the place for you. Things We Are Passionate About We are passionate about providing top-tier technology services to our customers and clients and fostering a culture of continuous learning for our employees. We are a people- centric company, focused on growth and diversity for our workforce. Come join us and let's build something amazing together. Follow Us: LinkedIn: ******************************************************* Website: **************** Buchanan Technologies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, or genetics. In addition to federal law requirements, Buchanan Technologies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

We are seeking a highly skilled and motivated CyberArk PAM Administrator to support the deployment, configuration, and ongoing management of privileged access management (PAM) and cybersecurity technologies. This role is ideal for a cybersecurity professional who enjoys working in collaborative environments, driving secure system design, and supporting enterprise-scale security initiatives. The successful candidate will play a key role in implementing new cybersecurity solutions, supporting infrastructure upgrades, and ensuring systems are secure, reliable, and well-documented. This position offers the opportunity to work with modern security platforms while contributing to the organization's overall cyber maturity and growth. Key Responsibilities Implement and support new deployments of cybersecurity technologies, including CyberArk PAM and related security products. Assist with infrastructure upgrades to support application growth and evolving cybersecurity requirements. Configure, deploy, and maintain systems in accordance with security best practices and architectural standards. Troubleshoot and support all aspects of CyberArk Privileged Access Management, including onboarding, vault management, and access controls. Develop and maintain technical documentation, procedures, and runbooks for daily operations and major initiatives. Propose and document system architectures for secure and scalable deployments. Collaborate with internal teams, vendors, and stakeholders to ensure successful technology implementations. Patch, maintain, and monitor security platforms to ensure system stability and compliance. Train team members and end users on new systems and security processes as needed. Follow up promptly with stakeholders to address issues, changes, and enhancements. Required Skills / Education Proven experience as a CyberArk Administrator or in a similar Privileged Access Management role. Hands-on experience troubleshooting and supporting CyberArk PAM components. Strong understanding of cybersecurity principles, access control, and secure system administration. Ability to create clear, detailed technical documentation and operational procedures. Excellent written and verbal communication skills, with the ability to work effectively across technical and non-technical teams. Preferred Qualifications Experience with scripting or programming languages. Hands-on experience with PowerShell. Familiarity with enterprise infrastructure environments and security integrations. Strong interpersonal skills and the ability to collaborate with stakeholders at all organizational levels. About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm-we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact. When you work with Seneca, you're choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way. Seneca Resources is proud to be an Equal Opportunity Employer and is committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.

Senior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. As a Senior Manager, You will play a leading role in delivering product security advisory services for a fast moving project within a line of business portfolio, working closely with other professionals as required. You have the ability to lead complex problem solving in partnership with multiple stakeholders in a fast-paced environment, driving results with critical impact. You will work with the other Information security consultants, business, technology and risk partners to achieve time sensitive goals and objectives in a secure manner with a heavy forward lean on modern software and technology architectures. Responsibilities: Act as an Information Security point of contact for a business function within the Card line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Leverage strong technical acumen and be security SME reviewing architecture, providing risk mitigation solutions and driving overall risk management. Partner closely with engineers, product managers, and other cross-functional partners to help break down complexity and organizational silos to problem solve. Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have experience in securing large-scale e-commerce platforms, with deep understanding of payments systems, customer data protection across high transaction environments ensuring protection of user data across internal and partner ecosystems. You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of Security concepts At least 5 years of experience performing security risk assessments and security architecture reviews At least 5 years of experience with architecture, software design, networking, and cloud infrastructure At least 4 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 6+ years of experience Application Security, Threat Modeling, Penetration Testing, Vulnerability Management 4+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 2+ years experience in e-commerce industry 2+ years of experience building software utilizing public cloud (e.g. AWS, GCP, Azure) 1+ years of experience in security integration for Mergers and Acquisitions 1+ years of experience with Cloud patch management practices such as system rehydration and image management 1+ years of experience utilizing Agile methodologies 1+ years of experience with Software Security Architecture 1+ years of experience with Application Security 1+ years of experience with Threat Modeling 1+ years of experience with Penetration Testing and/or Vulnerability Management 1+ years of experience with integrating SaaS products into an Enterprise Environment 1+ years of experience with securing Container services 1+ years of experience with Splunk-Fu and Enterprise Monitoring experience 1+ years of experience in a Financial services industry experience 1+ years of experience with Offensive or Defensive Security techniques AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Outcomes. Delivered. Voyatek, formerly GCOM Software and OnCore Consulting, delivers outcome-driven technology solutions to public sector agencies and higher education institutions nationwide. For example, our technology: Facilitates access to nutritious food for children of mothers participating in the WIC program Supports first responders in reducing opioid overdoses within their communities Empowers colleges and universities to identify and thwart financial aid fraud Equips teachers with valuable insights to identify students requiring additional support Enhances efficiency for state tax agencies, leading to 99% faster return processing and quicker refunds for taxpayers With a focus on Tax & Revenue, Health & Human Services, and Justice & Public Safety, Voyatek combines the scale to support large complex projects with the agility and accessibility of a boutique solutions provider. Together, Voyatek and its customers work to improve population wellbeing, create safer communities, and foster a thriving economy. We're more than a technology company -- we're an outcomes company. We encourage our employees to think differently, ask tough questions, and relentlessly pursue what's best for our customers and the residents they serve. We believe that the value of technology is defined by its human impact. If you agree, you've come to the right place. Voyatek is seeking applicants to occupy the position of SAP Security Analyst within our team. Client Details: The New York Power Authority (NYPA) is the largest state public power organization in the United States, renowned for its role in providing clean, affordable, and reliable energy. NYPA's mission is to power New York with clean energy while driving economic growth and sustainability. It focuses on reducing greenhouse gas emissions, modernizing the state's energy infrastructure, and promoting energy efficiency and innovation across sectors. New York Power Authority's (“NYPA”) current on-premise Enterprise Resource Planning (“ERP”) system, SAP ECC 6.0, is almost 20 years old and is approaching technological obsolescence. Systems Application and Products (“SAP”) has already released its statement of intent to end new development on that platform and is planning on removing it from standard support on December 31, 2027. Project Luminate is a program to replace NYPA's current on-premise ERP system with a cloud-based system to ensure an adaptable environment able to meet NYPA's needs. In 2023, NYPA awarded a contract to Gartner Inc. to perform a detailed readiness assessment to define key requirements that the new system has to meet and to identify current business process improvements that are critical to be addressed as a precursor to the transition to a cloud-based platform. Key Responsibilities: Participate in SAP GRC project, enhancement and support and other relevant assignments (as needed) and provisioning across various ERP application environments following the organizational guideline and procedure and perform the below activities. Configure and maintain SAP GRC tools, including Access Control, Risk Management, and Process Control and IAG. Provision and manage user accounts and access to SAP systems, ensuring that all access is granted in accordance with established policies. Design, configure, and maintain roles, authorizations, and user access within S/4HANA, ensuring appropriate access levels for users. Generate reports and conduct audits to monitor SAP security & ITGC controls and ensure compliance including SOD management and configuration. Investigate and resolve GRC-related issues, providing timely support to users and other IT teams. Maintain comprehensive documentation of security policies, procedures, and role designs. Work with cross-functional teams, including IT, business users, and auditors, to ensure alignment of security requirements and best practices. Qualifications: SAP ERP (S/4 Hana is added plus), Workday, Active Directory group, GRC AC 10.1 and above, Microsoft Azure, success factor, applicable functional knowledge for SAP security in the area like Finance, MM, ISU billing etc., SAP audit & compliance. Bachelor's degree in engineering, IT, or related field. 7-10 years of hands-on industry experience in SAP GRC AC and PC implementation and administration. Familiarity with SAP S/4HANA system landscapes, including Fiori authorizations in cloud-based environment (SAP RISE). Proficiency in using SAP security tools and configurations. Ability to identify, analyze, and resolve complex security and compliance issues. Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams. The wage range for this role reflects the wide array of factors considered in compensation decisions. These factors include, but are not limited to, skill sets, experience, training, licensure and certifications, and geographic location. Compensation decisions are based on the unique facts and circumstances of each case. A reasonable estimate of the hourly range is $74.00 - $84.00. At Voyatek, we believe in supporting our employees with a comprehensive benefits package designed to enhance their well-being and professional growth. Please note that eligibility for certain benefits may vary based on your role and employment status. Health, Dental, and Vision Insurance Medical, Limited, & Dependent Flexible Spending Accounts (FSA) Health Savings Account (HSA) with Employer Contributions Company-Paid and Voluntary Life Insurance Long and Short-Term Disability Insurance Accident, Critical Illness, & Hospital Indemnity Insurance 401(k) Retirement Plan with Company Match and Immediate Vesting Wellhub Fitness and Wellness Platform Pet Insurance Training Opportunities Employee Referral Bonus Program We are committed to fostering a workplace that supports both your personal and professional aspirations. As part of our commitment to maintaining a compliant workplace, all final candidates will undergo and must pass a comprehensive background screening prior to starting work. This screening may include, but is not limited to, verification of employment history, education, criminal records, and other relevant checks. For certain positions, additional client-specific background screenings may be required in the future, in accordance with client requirements. Voyatek does significant work with Federal and State tax and revenue authorities. If applicable to this role, all hires will be required to obtain a Federal Public Trust Clearance (Moderate Background Investigation). This clearance process may start upon offer acceptance; and must be cleared prior to working on these projects. If you think you are a good fit for us, we encourage you to apply. Check out our career website for all open positions! Voyatek provides equal employment opportunities to all employees and applicants for employment. Voyatek will make employment decisions without regard to race, color, creed, ancestry, national origin, citizenship, sex or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status or domestic violence victim status, religion, age, disability, genetic information, service in the military, or any other characteristic protected by applicable federal, state, or local laws and ordinances. Employment decisions include all terms and conditions of employment, including recruitment and hiring, job assignment/placement, promotion, upgrading, demotion, termination, layoff, recall, transfer, leave of absence, rates of pay or other compensation, internship, and training.

ABOUT THE JOB The ACLU seeks applicants for the full-time position of Application Security Architect in the Information Security Department of the ACLU's National office in New York, NY . This is a hybrid role that has in-office requirements of two (2) days per week or eight (8) days per month. This role will define how secure applications are designed, integrated, and maintained across the ACLU's cloud, SaaS, and hybrid environments. You'll lead efforts to embed security throughout our software development lifecycle (SDLC), own our internal Security Architecture Review (SAR) process, and guide secure integration practices for highly customized platforms and other third-party applications critical to our civil liberties mission. The AppSec Architect will partner closely with product and platform teams, Tech Engineering, Devops, IT, and affiliates to assess and mitigate risks associated with application design, data flows, integrations, and third-party software usage. You'll help set and enforce security standards, perform hands-on threat modeling, define secure development and deployment patterns, and directly support high-impact systems involving donor data, legal case workflows, and internal operational apps. This hands-on technical leadership role will own and drive the ACLU's application security efforts across both internally developed and externally adopted applications. This position is part of a collective bargaining unit. It is represented by ACLU Staff United (ASU). WHAT YOU'LL DO Reporting to the Director, Security Architecture & Engineering, the Application Security Architect will define and drive the ACLU's application security roadmap-from code to cloud, and everything in between. YOUR DAY TO DAY Lead the ACLU's Application Security Program, owning the InfoSec SDLC strategy and continuous improvement of application-layer security across cross-functional teams. Own the Security Architecture Review (SAR) process, including intake, risk evaluation, documentation, and partner engagement. Perform and guide threat modeling for new applications, integrations, and high-risk workflows-including financial systems, legal platforms, and supporter/donor tools. Define secure design patterns for authentication (OAuth/OIDC), secrets management, API authorization, session handling, and data flow protections across internal and third-party systems. Evaluate, deploy, and maintain AppSec tooling such as SAST, DAST, SCA, API security tools, and secrets detection platforms, based on risk and developer stack alignment. Partner with stakeholders to assess internal cloud apps, low-code tools, and internal workflow automations for security risks. Oversee application-layer vulnerability triage, analysis, and escalation-including issues from internal testing, coordinated disclosure, and external penetration testing. Collaborate with platform owners of high-risk SaaS platforms to validate that application-level security controls-authZ, audit logging, IP allowlists, token lifetimes, etc.-are in place and enforced. Ensure application-layer security extends across data ecosystems, including ETL and reverse ETL pipelines, data warehouse platforms (e.g., Redshift, Snowflake), and high-risk integrations that move or transform sensitive donor, legal, or supporter data between internal systems and external SaaS tools. Identify and reduce emerging application-layer risks related to AI adoption, including prompt injection, model abuse, insecure integrations with LLM APIs, and exposure of sensitive data through AI-powered features or automations. FUTURE ACLU'ERS WILL Be committed to advancing the mission of the ACLU Center and embed the principles of equity, inclusion and belonging in their work by demonstrating commitment to diversity with an approach that respects and values multiple perspectives Be committed to work collaboratively and respectfully toward resolving obstacles and conflicts WHAT YOU'LL BRING Extensive experience in application or product security, secure software development, or DevSecOps architecture. Practical experience designing and implementing secure SDLC, AppSec testing workflows, or automated CI/CD security gates. Deep understanding of common software vulnerabilities (e.g., OWASP Top 10), secure coding practices, and threat modeling methodologies. Familiarity with GitHub Actions, modern SaaS stacks, and secure API design principles. Familiarity with CMS tooling (e.g., Drupal, WordPress), cloud computing platforms (e.g., GCP, Azure, AWS), and containerization environments (e.g., Kubernetes, Docker, ECS). Experience securing data pipelines and warehouse environments, with a focus on protecting structured data. Experience partnering directly with developers and product teams to influence secure outcomes. Excellent communication skills, especially when translating technical issues into business risk language. COMPENSATION The ACLU is committed to equity, transparency, and clarity in pay. Consistent with our compensation philosophy, there is a set salary for each role based on geographic work location. The annual salary for this position is $161,123 (Level - E), reflecting the salary of a position based in New York, NY. Salaries are subject to a regional pay adjustment if authorization is granted to work outside of the location listed in this posting. For details on our pay structure, please visit: ************************************************************************ WHY THE ACLU For over 100 years, the ACLU has worked to defend and preserve the individual rights and liberties guaranteed by the Constitution and laws of the United States. Whether it's ending mass incarceration, achieving full equality for the LGBTQ+ community, establishing new privacy protections for our digital age, or preserving the right to vote or the right to have an abortion, the ACLU takes up the toughest civil liberties cases and issues to defend all people. We know that great people make a great organization. We value our people and know that what we offer is essential not just their work, but to their overall well-being. At the ACLU, we offer a broad range of benefits, which include: Time away to focus on the things that matter with a generous paid time-off policy Focus on your well-being with comprehensive healthcare benefits (including medical, dental and vision coverage, parental leave, gender affirming care & fertility treatment) Plan for your retirement with 401k plan and employer match We support employee growth and development through annual professional development funds, internal professional development programs and workshops OUR COMMITMENT TO ACCESSIBILITY, EQUITY, DIVERSITY & INCLUSION Accessibility, equity, diversity and inclusion are core values of the ACLU and central to our work to advance liberty, equality, and justice for all. For us diversity, equity, accessibility, and inclusion are not just check-the-box activities, but a chance for us to make long-term meaningful change. We are a community committed to learning and growth, humility and grace, transparency and accountability. We believe in a collective responsibility to create a culture of belonging for all people within our organization - one that respects and embraces difference; treats everyone equitably; and empowers our colleagues to do the best work possible. We are as committed to anti-oppression, anti-ableism, and anti-racism internally as we are externally. Because whether we're in the courts or in the office, we believe ‘We the People' means all of us. With this commitment in mind, we strongly encourage applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, veteran status and record of arrest or conviction, or any other characteristic protected by applicable law. The ACLU is committed to providing reasonable accommodation to individuals with disabilities. If you are a qualified individual with a disability and need assistance applying online, please email ************************ . If you are selected for an interview, you will receive additional information regarding how to request an accommodation for the interview process.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

SAP Security administrator who should have at least 5 years of experience with the below skillset. Strong communication skills to facilitate working in a dynamic project environment Role design, configuration, testing, and deployment methodology within SAP application architecture Detailed knowledge of ABAP and Java based authorizations within SAP applications SAP ECC Profile Generator (single roles, master / derived roles, composite roles) SAP BI analysis authorization concepts SAP BPC security and administration Qualifications SAP Central User Administration configuration and administration SAP GRC configuration and administration SAP Enterprise Portal UME administration SAP BOBJ Security and administration Additional Information Share the Profiles to mahesh(@)techtammina(dot)com Contact: ************ Job Type: W2 Contract Eligibility: EAD Green Card/Green Card/US Citizens Keep the subject line with Job Title and Location

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ****************** Job Description SAP Security & GRC Additional Information All your information will be kept confidential according to EEO guidelines.