Security architect jobs in Wilmington, NC

Title: Information Security Engineer (IAM-SSO) Duration: 12-24 months Pay Range:- 55-60$/hr on W2 (No C2C) In this contingent resource assignment, you will consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering. You will contribute to large-scale planning related to Information Security Engineering deliverables, review and analyze moderately complex challenges requiring in-depth evaluation of variable factors, and collaborate with client personnel to meet deliverables while adhering to policies, procedures, and compliance requirements. Responsibilities: Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering. Contribute to large-scale planning related to Information Security Engineering deliverables. Review and analyze moderately complex Information Security Engineering challenges requiring in-depth evaluation of variable factors. Collaborate with client personnel in Information Security Engineering to meet deliverables. Ensure compliance with function policies, procedures, and requirements. Qualifications: 4+ years of Information Security Engineering experience or equivalent demonstrated through work, consulting experience, training, military experience, or education. Experience in installing, configuring, and supporting SSO platforms such as Okta or Ping. Proficient in Agent-Based, Web-Based, and Federated Authentication and Authorization standards. Strong hands-on experience with industry-standard SSO technologies and protocols (OAuth, OpenID Connect, FIDO, SAML 2.0). Demonstrated ability to support applications in a distributed, highly available, mission-critical environment. Desired Qualifications: Strong verbal, written, and interpersonal communication skills. Knowledge of LDAP and Active Directory services, MFA, Risk-based authentication, and privileged access management. Familiarity with deployments and integration of IAM solutions within the cloud (Azure, AWS, or Google Cloud). Knowledge and understanding of complex enterprise systems and frameworks, including frontends, middleware, services layer, database, backend, and downstream interfaces. Knowledge and understanding of technical writing: storage, middleware, or virtualization. Strong negotiation and leadership abilities. Knowledge of Kubernetes containerization strategy. About PTR Global: PTR Global is a leading provider of information technology and workforce solutions. PTR Global has become one of the largest providers in its industry, with over 5000 professionals providing services across the U.S. and Canada. For more information visit ***************** At PTR Global, we understand the importance of your privacy and security. We NEVER ASK job applicants to: Pay any fee to be considered for, submitted to, or selected for any opportunity. Purchase any product, service, or gift cards from us or for us as part of an application, interview, or selection process. Provide sensitive financial information such as credit card numbers or banking information. Successfully placed or hired candidates would only be asked for banking details after accepting an offer from us during our official onboarding processes as part of payroll setup. Pay Range: $55 - $60 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work. If you receive a suspicious message, email, or phone call claiming to be from PTR Global do not respond or click on any links. Instead, contact us directly at ***************. To report any concerns, please email us at *******************

We are seeking a skilled Security Engineer with strong Networking and Compliance experience to join our team in Millennia. This position is required to reside in the vicinity of our Durham, NC Data Center. In this role, you will be crucial in maintaining the integrity and security of our network systems, ensuring privacy and security controls within processes, assets, and data flow within our healthcare-focused environment Responsibilities: · Maintain and manage all processes systems supporting Millennia's security posture. · Monitor, manage, and implement security infrastructure to support organizational needs · Monitor logs and alerts to identify incidents. Perform and or document Root Cause Analysis and remediation on Security Incidents. · Monitor network performance and troubleshoot issues and Security Incidents. · Plan, manage, and execute system upgrades and weekly patches to all endpoints. · Develop and enforce security policies to protect sensitive patient data. · Conduct regular system audits and vulnerability assessments. · Provide technical support for network-related issues to staff and clients. · Maintain documentation of network configurations and procedures. · Stay updated on industry trends and emerging technologies · Collaborate with IT teams to integrate new technologies into existing systems. · Provide hand-on support to our offices and data center. Qualifications: · Strong knowledge of network and security administration, controls, protocols, and best practices. · Experience with SOC2 or HITRUST, and HIPAA Security and Privacy Rule. · Proven experience as a Network Administrator or similar role. · Proficiency in configuring firewalls, routers, and switches, encryption protocols, and certificates. · Familiarity with cybersecurity principles and incident response strategies. · Excellent problem-solving skills and attention to detail. · Exceptional communication skills and ability to work independently and collaboratively in a team-oriented environment. · Experience with cloud computing platforms (AWS, Azure) is a plus. Relevant certifications (e.g., CCNA, CompTIA Security+) are preferred

We are At Synechron, we believe in the power of digital to transform businesses for the better. Our global consulting firm combines creativity and innovative technology to deliver industry-leading digital solutions. Synechron's progressive technologies and optimization strategies span end-to-end Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, servicing an array of noteworthy financial services and technology firms. Through research and development initiatives in our FinLabs we develop solutions for modernization, from Artificial Intelligence and Blockchain to Data Science models, Digital Underwriting, mobile-first applications and more. Over the last 20+ years, our company has been honored with multiple employer awards, recognizing our commitment to our talented teams. With top clients to boast about, Synechron has a global workforce of 14,500+, and has 58 offices in 21 countries within key global markets. Our challenge We are seeking an experienced AI Architect to define and lead the development of our AI/ML strategy and implementation roadmap. The ideal candidate will have deep expertise in traditional and generative AI, leading the design of scalable, secure, and ethical AI solutions that align with business objectives. Additional Information* The base salary for this position will vary based on geography and other factors. In accordance with law, the base salary for this role if filled within Charlotte, NC is $130k - $140k/year & benefits (see below). The Role Responsibilities: Define and drive the AI/ML architecture and roadmap, including both traditional machine learning and Generative AI (GenAI) use cases. Design comprehensive end-to-end AI solutions covering data ingestion, feature engineering, model training, inference pipelines, and monitoring frameworks. Lead the integration of Large Language Models (LLMs) and Retrieval-Augmented Generation (RAG) frameworks, utilizing tools such as LangChain, LangGraph, or similar. Collaborate with business stakeholders to translate requirements into scalable AI-driven technical solutions. Evaluate and select appropriate AI/ML tools, cloud services, frameworks, and libraries based on use case needs and industry best practices. Ensure models adhere to governance, security, explainability, and regulatory compliance, embedding ethical AI principles into system design. Guide engineering teams in the implementation of AI components, emphasizing scalability, reliability, and performance optimization. Partner with DevOps teams to establish CI/CD pipelines for AI, including model versioning, deployment automation, and ongoing A/B testing. Keep abreast of the latest industry research, breakthroughs, and emerging trends in AI, recommending adoption of best practices and innovative solutions. Requirements: Proven experience 10+ years, excel in leading AI/ML architecture and strategy in enterprise environments. Strong expertise in designing and deploying large-scale AI/ML solutions, including LLMs and RAG frameworks. Experience with AI/ML tools and frameworks such as TensorFlow, PyTorch, Hugging Face, LangChain, LangGraph, or similar. Deep understanding of data workflows, feature engineering, model training, evaluation, and deployment. Knowledge of cloud platforms (AWS, Azure, GCP) and services tailored for AI deployment. Familiarity with model governance, security, explainability, and ethical AI standards. Experience in developing CI/CD pipelines for AI/ML, including model versioning, monitoring, and performance tuning. Strong problem-solving, communication, and stakeholder management skills. Preferred, but not required: Advanced degree (Ph.D., Master's) in Computer Science, Data Science, AI, or related fields. Publications or practical contributions to AI research and open-source projects. Experience working in regulated industries or environments requiring compliance and governance. Familiar with project management and Agile practices. We offer: A highly competitive compensation and benefits package. A multinational organization with 58 offices in 21 countries and the possibility to work abroad. 10 days of paid annual leave (plus sick leave and national holidays). Maternity & paternity leave plans. A comprehensive insurance plan including medical, dental, vision, life insurance, and long-/short-term disability (plans vary by region). Retirement savings plans. A higher education certification policy. Commuter benefits (varies by region). Extensive training opportunities, focused on skills, substantive knowledge, and personal development. On-demand Udemy for Business for all Synechron employees with free access to more than 5000 curated courses. Coaching opportunities with experienced colleagues from our Financial Innovation Labs (FinLabs) and Center of Excellences (CoE) groups. Cutting edge projects at the world's leading tier-one banks, financial institutions and insurance firms. A flat and approachable organization. A truly diverse, fun-loving, and global work culture. S YNECHRON'S DIVERSITY & INCLUSION STATEMENT Diversity & Inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative action employer. Our Diversity, Equity, and Inclusion (DEI) initiative ‘Same Difference' is committed to fostering an inclusive culture - promoting equality, diversity and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more. All employment decisions at Synechron are based on business needs, job requirements and individual qualifications, without regard to the applicant's gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.

Job Title: IT Architect Design & Implementation specialist (PKI, Security) Hybrid Duration: Long-Term Renewable Contract Job ID - 5243 Work Authorization: W2 Only (No C2C or subcontracting) Position Purpose/Scope: What are the key objectives of the position? This role leads the architecture, design, implementation, and management of enterprise-level Public Key Infrastructure (PKI) solutions, ensuring high availability, scalability, and security across global Group locations. Drives strategic PKI initiatives, including the adoption of new technologies and best practices. Position Responsibilities/Accountabilities: List the major duties/accountabilities to achieve the position's key objectives. Architects and deploys Microsoft Active Directory Certificate Services (AD CS) components, including Certificate Authorities (CAs), Online Responders (OCSP), Certificate Revocation Lists (CRLs) and Network Device Enrollment Service (NDES). Manages the full certificate lifecycle using advanced Certificate Lifecycle Management (CLM) platforms and Hardware Security Modules (HSMs). Develops and implements automation scripts (PowerShell, Python) for PKI operations, certificate issuance, revocation, and monitoring. Implements proof of concepts for PKI solutions. Provides expert-level (Tier 3) support for complex PKI and Certificate Management incidents, performing root cause analysis and implementing permanent solutions. Collaborates with cross-functional teams, including Product Owners, DevOps, and IT Security, to integrate PKI solutions into various applications and services. Contributes to the overall security architecture, providing expert guidance on cryptographic standards, key management, and secure communication protocols. Conducts comprehensive risk assessments for PKI deployments and develop mitigation strategies to ensure compliance with industry regulations and internal security policies. Creates and maintains high-quality technical documentation, including design specifications, operational procedures, and test plans. Conducts research on existing systems and devise solutions that work within those systems. Responds to questions regarding PKI and Certificate Management capabilities and requirements. Maintains a high-level understanding of the organization's IT-Security processes and requirements. Works on the delivery of DevOps User Stories within specified functional area(s). Supports the roll-out and operation of global Public Key Infrastructure (PKI) and Certificate Management initiatives within the Group for multiple departments and all global locations. Understands and models VPS (Value Added Production System) Principles and concepts of Standard Work and Problem Solving. Adheres to 5S and Safety Standards and Principles. Performs other duties as assigned by Group Operations Supervisor. Education: Bachelor's or Master's degree in Computer Science, Information Security, or a related technical field. Licenses and/or Certifications: Relevant industry certifications (or equivalents) such as CISSP, SANS GIAC (e.g., GSEC, GCWN), or Microsoft Certified: Azure Security Engineer Associate (preferred). Experience: 10+ years of hands-on experience with Microsoft Active Directory Certificate Services (AD CS) -OR Equivalent platform, including design, deployment, and troubleshooting of Certificate Authorities (CAs), Online Responders (OCSP), and Network Device Enrollment Service (NDES). 3+ years of expertise in certificate lifecycle management (CLM) platforms (e.g., Venafi, AppViewX, Keyfactor) and Hardware Security Modules (HSMs) (e.g., Thales, nCipher, Utimaco). 5+ years of proven track record of successfully delivering complex PKI projects in large- scale enterprise environments. 5+ years of experience driving products from concept and ideation through successful launch. 5+ years of experience working on a team employing standardized project delivery methods (Agile/Scrum development methods preferred). 5+ years of experience in understanding of and working with non-functional requirements. 5+ years of experience of working in an enterprise environment. Knowledge/Skills/Abilities: Intermediate proficiency in PowerShell for AD Certificate Services administration and automation; experience with Python for security tool development is a plus. Intermediate knowledge of (functional) testing methodologies and tools, including test automation. Intermediate knowledge of root cause analysis, debugging methods, and diagnostic tools. Intermediate knowledge of Databases and query language (e.g., SQL). Intermediate knowledge of modern operating systems (especially but not limited to MS Windows and Unix/Linux derivates). Intermediate knowledge of IT Security and risk assessment. Intermediate knowledge of certificate lifecycle management and Public Key Infrastructure. About our Company DataSoft Technologies is a highly recognized provider of professional IT Consulting services in the US. Founded in 1994, DataSoft Technologies, Inc. provides staff augmentation services for Information Technology and Automotive Services. Our team member benefits include: Paid Holidays/Paid Time Off (PTO) Medical/Dental Insurance Vision Insurance Short Term/Long Term Disability Life Insurance 401 (K)

Responsibilities: · Lead the architectural design and implementation of scalable, generative AI-powered solutions for business automation, leveraging both Azure and Google Cloud platforms. · Architect end-to-end AI model workflows, utilizing Azure AI, and Google AI tools. Focus will be on applications involving complex document intelligence, multi-modal data analysis, and advanced image processing tasks. · Design and oversee the development of optimized RAG (Retrieval Augmented Generation) pipelines that incorporate varied data sources and formats to improve prompt execution. · Establish best practices for prompt engineering and iterative refinement to maximize the accuracy and relevance of outputs across diverse data types. · Collaborate with cross-functional teams (engineering, data science, business) to translate complex business requirements into robust, scalable AI component designs. · Champion the integration of the client's proprietary generative AI tools into the architecture and development lifecycles. · Direct the implementation of robust API management strategies using Apigee for secure and efficient access to AI models and related services. · Ensure all solution designs adhere to stringent data governance policies and use cloud-native security mechanisms and compliance tools. · Provide architectural guidance and design patterns for leveraging generative AI within critical business processes like License Audit and Product Approval, emphasizing scalable and verifiable outcomes. · Establish and automate DevOps pipelines for model deployment, testing and iterative enhancements. Skills: · Deep expertise with Azure AI services (including Cognitive Services) and Google Cloud AIML platform. · Extensive knowledge and practical experience with document processing using Azure Document Intelligence and alternative OCR technologies. · Mastery of Snowflake for data modeling, warehousing, and integrating with advanced analytics workflows. · Proficiency with cloud orchestration tools, like GKE Scheduler, and asynchronous communication services (e.g., Google PubSub). · Advanced expertise in API management using Apigee and related security best practices. · Proven ability to design and implement Kubernetes-based AI model deployments, including model optimization techniques. · Strong command of Python for development and automation tasks. · Demonstrated experience converting business needs into scalable and maintainable technical designs. · Experience working with and extending custom Generative AI tooling. · Deep understanding of Retrieval Augmented Generation (RAG) concepts and its applications. -- Thanks & Regards, Trayambkeshwer Dwivedi (Trayam), Sr. Technical Recruiter Raas infotek corporation 262 Chapman road, Suite 105A, Newark, DE-19702 Direct number: ********** | 132 Text Now: ************** Email: **************************************

WorkForce Unlimited is searching for a proactive Security Analyst to analyze vulnerabilities, optimize security tools, and help our client stay ahead of emerging threats. The Security Analyst is responsible for independently managing third-party vulnerability data sources, executing scans using proprietary tools, and collaborating with IT teams to prioritize mitigation efforts. The role involves leveraging vulnerability management tools to generate metrics and reports that track progress and effectiveness. Additionally, the Security Analyst may contribute to reviewing project scopes to recommend security benchmarks, optimizing security tool alerts and policies, and integrating logs and large data sets into existing systems. Role Responsibilities Analyze vulnerabilities from various sources and input them into the vulnerability management tool using approved methods to ensure a complete overview of exposures. Evaluate existing vulnerabilities to identify problem areas or opportunities for mass-mitigation. Communicate with cross-functional teams to explain risks, opportunities, or required actions. Escalate vulnerabilities that exceed defined time-to-resolve thresholds. Configure vulnerability scanning tools and manage ongoing scan schedules. Collect and maintain departmental metrics and KPIs. Identify opportunities to apply AI technologies to improve vulnerability management processes. Technical Qualifications Strong familiarity and prior experience with: HTTP, PKI, digital signatures/encryption, SMTP, DNS, CWEs, CVEs, and related security frameworks. Vulnerability and security scanning tools such as Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei, or similar. Web application scanning and web application firewalls (WAFs). Containers and associated security considerations. CIS Benchmarks, STIGs, or other security hardening standards. Additional desirable skills or experience: Authentication and identity protocols: SAML, Kerberos, OAuth, OIDC, LDAP. Scripting and automation using PowerShell and Python. CI/CD tools such as Jenkins. Splunk data onboarding (indexes, sourcetypes, data models, forwarders, apps, HECs). Log ingestion and transport technologies: Azure Event Hubs, Kafka, syslog. EDR/XDR tools such as Microsoft Sentinel, Microsoft Defender, CrowdStrike, or similar. General Qualifications Ability to conduct independent research, analyze data, and produce clear plans of action. Strong systematic thinking and troubleshooting skills. Ability to create clear and detailed documentation of designs and processes for diverse technical audiences. Excellent communication skills, including the ability to clearly articulate requirements, priorities, and project status. Education Requirements Bachelor's Degree in Information Technology or a related field is preferred but not mandatory.

The Tools Architect will lead the design, implementation, and optimization of enterprise-grade IT Operations Management (ITOM) and observability solutions. This includes integrating and orchestrating tools such as Dynatrace, SolarWinds, AlertSite, and ServiceNow modules (CMDB, Event Management, CSDM). The role is pivotal in working with the customer to drive Event management, Service Now CMDB accuracy, CI Mapping, automation across hybrid environments. Key Responsibilities Strategic Leadership • Be the primary point of contat for all AIOPs & Automation related discussions • Identify new business opportunities related to AIOPs automation & Tools • Define and drive the AIOps and automation roadmap/strategy aligned with business goals. • Collaborate with senior stakeholders to prioritize automation & AIOPs initiatives and ensure alignment with enterprise architecture. • Evaluate and recommend appropriate tools, platforms, and frameworks for AIOps and Automation Technical Implementation • Oversee the analysis and identification of automatoin opportunities • Drive development & deployment of automation scripts/workflows • Lead the analysis, recommendation and deployment of AIOps solutions (e.g., anomaly detection, predictive analytics, root cause analysis). • Integrate AIOps platforms with existing ITSM, monitoring, and observability tools. - Document recommendations & lead as required • Architect and maintain a governed CMDB aligned with CSDM best practices • Ensure accurate service mapping and CI relationships to support impact analysis and change risk predictions • CMDB health remediation efforts including completeness, staleness, and orphaned records Data & Analytics • Ensure effective data ingestion, normalization, and correlation from multiple sources (logs, metrics, events). • Work with CG & LPL teams to Fine-tune Event Thresholds • Monitor performance of AIOps models and continuously improve accuracy and relevance. Weekly & Monthly Performance Tracking Team & Stakeholder Management • Conduct training and enablement sessions to build automation capabilities across teams. • Collaborate with Teams in implemenation & driving AIOPs & Automation Governance & Compliance • Define and enforce governance policies for automation and AI usage. • Ensure security, compliance, and auditability of automated processes. •Track KPIs and ROI of AIOps and automation initiatives. Skills & Qualifications • 7+ years of experience in ITOM architecture, preferably with ServiceNow. • Deep expertise in CMDB, Discovery, Service Mapping, Event Management, and CSDM • Hands-on experience with Dynatrace, SolarWinds, AlertSite, and other observability platforms • Strong understanding of ITIL, ITSM, and Change Management processes. • Certified in one or more areas of ServiceNow/Observability Tools Tools Ecosystem Tool Function Dynatrace -Application & infrastructure monitoring, anomaly detection SolarWinds Orion/DPA -Network & database performance monitoring AlertSite - Synthetic monitoring ServiceNow ITOM - Discovery, orchestration, event management CMDB & CSDM - Configuration and service data governance LiveNX, ELK, CloudWatch - Supplemental observability tools? Regards Rahul Bansiwaal ********************************************** ************ | Office: ************** EXT: 444 rahulb@net2source>com www>net2source>com 270 Davidson Ave, Suite 704, Somerset, NJ 08873, USA Knowledge is Power>

DNI is on the lookout for a Senior Cyber Security Analyst - Information Systems Security Manager (ISSM) to deliver expert guidance in Information Systems Security and cybersecurity support for the Enterprise Information Services at the Department of Energy (DOE) Savannah River Operations Office (DOE-SR), located at the Savannah River Site (SRS) in Aiken, SC. Requirements Reports to the Chief Information Security Officer (CISO) and Program Manager. Oversee the Authority to Operate (ATO) lifecycle, manage risk assessments, develop and monitor Plan of Action and Milestones (POAMs), ensuring compliance with security standards and timely mitigation of organizational boundary security risks. Actively participate in the bi-weekly accreditation boundary meetings and keep the AODR informed of any changes/updates to eRAMS/POA&Ms/STAR items or any new VPM and CM issues that may arise. Provide technical and procedural cyber security advice to DOE, associate contractor partners, and Industrial Control Systems (ICS) teams as necessary. Oversee operational information systems security implementation programs. Coordinate with Information System Security Officer (ISSO) or PSO on approval of External Information Systems (e.g. guest systems, interconnected system with another organization). Oversee ISSOs to ensure they follow established policies and procedures and timelines. Ensure CM policies and procedures for authorizing the use of hardware/software on an IT system are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the AODR prior to the addition, change or modification. ISSM shall have authority to veto any proposed change they feel is detrimental to security in boundaries under their purview. Appeals on an ISSM/ISSO veto may be taken to the AODR. Ensure approved procedures are used for sanitizing and releasing system components and media as necessary. Ensure proper measures are taken when cyber security incident or vulnerability is discovered. Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. Manage, maintain, and execute the information security continuous monitoring plan. Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AODR; and assess changes to the system, its environment, and operational needs that could affect the security authorization. Other related tasks as assigned. Support information technology (IT) security goals and objectives and reduce overall organizational risk; Advise senior management (e.g., Chief Information Security Officer [CISO] and Chief Information Officer [CIO] on risk levels and security posture.); Advise appropriate senior leadership of changes affecting the organization's cybersecurity posture; Communicate the value of information technology (IT) security. Knowledge, Skills, and Abilities: Highly organized individual with exceptional communication skills, ensuring all stakeholders are consistently informed and updated as required. Excellent written and oral communication skills (writing samples may be requested). Attention-to-detail is critical, proven ability to look closely at your work to identify and correct errors, spot and improve weaknesses and produce a near-perfect end-result. Ability to identify problems, brainstorm and analyze answers, and implement the best solutions. Ability to develop and review security related procedures or processes and reports. Demonstrated ability to provide clear, precise, and factual information to senior leaders, team members, and external stakeholders. Capable of attending all customer-required meetings and promptly providing responses as requested. Familiarity with applicable regulations affecting Cyber Security NIST 800 Series Standards. Clearance: Must possess (or be able to obtain) a “Q” level security clearance. Education: A bachelor's degree in information technology systems, computer science, or related field and experience in information technology systems or related area. Relevant experience may be substituted for education on a year-for-year basis. Experience: 7+ years in IT security or related field. Authority to Operate Life Cycle (ATO), Risk Management, POAMS & Milestones Certification: Highly desired certifications: Certified Information System Security Professional (CISSP) Certified Information Security Manager (CISM) Benefits Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental Matching 401K Short- and Long-Term Disability Pet Insurance Professional Development/Education Reimbursement Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

CULTURE SNAPSHOT: Broad River Retail is an organization of integrity, diversity and culture working together for the purpose of ‘ Furnishing Life's Best Memories' . At Broad River, we call all our employees “Memory Makers.” We do this because we know everyone that works for our Company has the power to make positive memories not only for our Guests, but also for their families, co-workers, and communities. We take pride in training and developing our teams so that they can provide a premier customer experience to every Guest. Our Memory Makers are the driving force that has led us to being the largest and fastest growing Ashley licensee in the U.S. and landing us on the Top Places to Work list two years in a row in our industry. AT A GLANCE: The IT Security Manager reports directly to the VP of IT/BI and is part of the IT/BI Department. The IT Security Manager is responsible for safeguarding the organization's digital assets by managing and monitoring, detecting, and responding to security threats. This role involves conducting risk assessments, managing incident responses, and implementing security protocols to ensure the integrity, confidentiality, and availability of enterprise systems and data. DAY IN THE LIFE AS THIS MEMORY MAKER: Monitor security networks and systems for breaches or suspicious activity. Respond to security incidents and conduct thorough investigations. Perform vulnerability assessments and penetration testing. Develop and implement security measures and protocols. Analyze security alerts and determine appropriate response actions. Collaborate with IT teams to ensure secure system configurations. Prepare regular security reports for management. Conduct security awareness training for staff. Lead and manage security-related projects and initiatives. WHAT YOU'LL NEED TO SUCCEED: Bachelor's degree in Computer Science, Information Technology, or related field. 5+ years of experience in cybersecurity or related roles. 3+ years of Information Technology Management or related field Certifications such as CISSP, CISM, CEH, or GIAC preferred. Strong understanding of cybersecurity frameworks (e.g., NIST, ISO-27001, PCI-DSS). Experience with SIEM, IDS/IPS, firewalls, and endpoint protection tools. Excellent analytical, problem-solving, and communication skills. Ability to lead security-related projects and initiatives. Clearly convey ideas, expectations, and feedback to teams, ensuring transparency and alignment across all levels. Build strong relationships and a positive work culture. Address and resolve conflicts within the team, mediating differences and finding mutually beneficial solutions. Inspire and encourage team members, fostering a sense of purpose and driving performance toward shared goals. Respond to change with flexibility and a positive outlook, guiding teams through transitions and unforeseen challenges. Distribute tasks effectively based on team strengths, ensuring optimal workload balance and empowering others to take ownership. Mentor and provide constructive feedback to help team members grow, enhancing their skills and career development. WORKPLACE ENVIRONMENT: While performing the duties of this job the employee is: Prolonged periods sitting at a desk and working on a computer. Must be able to lift up to 15 pounds at a time. WORK SCHEDULE OUTLINED ON SITE, HYBRID, REMOTE WITH EXPECTATIONS Ability to work independently, as well as, in a collaborative team environment within an office setting. Physical requirements such as extended periods of sitting and computer use may be required. Physical requirements such as extended periods of standing may be required. Ability to communicate effectively verbally, in writing, and/or electronically. Ability to use logical reasoning for simple and complex problem solving. Travel up to 20% of your time. In accordance with the Americans with Disabilities Act (ADA), reasonable accommodations may be made to empower individuals with disabilities to undertake the essential duties and responsibilities of the position. MEMORY MAKER PERKS & BENEFITS: Salary Range based on background, skill, and experience Medical, dental, vision, and life insurance options Paid time off and 401K matching contribution Employee discount (40%) at BRR locations Internal Opportunities for career growth and advancement OUR COMMITMENT TO YOU: Broad River Retail is committed to creating a place where everyone feels respected, valued, and able to reach their full potential. Regardless of race, gender, religion, sexual orientation, age, disability, or if you're parenting the next generation of Memory Makers, we firmly believe our work is at its best when everyone feels free to be their most authentic self.

Job Description We are looking for a Lead Information Security Architect who will be responsible for developing and maintaining a comprehensive information security architecture program and representing information security requirements for all technology solutions and business processes covering multiple technical disciplines, such as systems & networking infrastructure, DevOps, security, business applications, cloud security, and data architecture. The role oversees cybersecurity for our company's digital products, including software, firmware or products that contain code. This includes implementing a product security program designed to address cybersecurity across all stages of the product life cycle. This role identifies and oversees the mitigation of technical and operational threats; analyzes the security, supportability, and feasibility of new technology; and ensures conformance with regulatory guidelines and industry best practices. This position requires an extremely high level of analytical problem-solving skills to diagnose and resolve complex technical issues in addition to superlative process management and communication skills. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. To be Successful in this Role Develop an architectural vision to support the continued growth of the product suite Working knowledge of Data Security Best Practices: At Rest, In Flight, In Use Experience with privacy-enhancing technologies and encryption techniques. Working knowledge of cloud security architecture strategies, frameworks, and reference models Proven ability to develop effective partnerships with senior management and peer organizations. Must be able to explain technical concepts and problems to nontechnical senior executives Ability to build Risk Models and analyze security weaknesses in complex technology deployments. Provide security expertise and direction on projects related to cloud architecture and design, implementation, maintenance, governance, and risk management Work with governance teams to establish automated processes and best practices for AWS, Azure IAM policies, roles, identity federation, etc. Conduct automated (preferred) or manual security validation of cloud templates and/or cloud infrastructure Collaborate with business units and corporate partners to ensure they build solutions consistent with the organization's policies, programs, architectural recommendations, and information security standards Develop, establish, enforce, and sustain the Information Security Architecture, including standards and guidelines for infrastructure solutions and technologies, integration methodologies and practices, development processes, hardware platforms, and enterprise data design. Partner with stakeholders in building and implementing a robust, scalable, and agile information security architecture Partner with stakeholders in assessing the IT application & infrastructure portfolios today and design and execute the future state strategy to meet business objectives going forward. Make recommendations on the strategic use of technology for leveraging business results and work with stakeholders to incorporate these recommendations into appropriate roadmaps and life cycle plans. Anticipate and ensure alignment with long-term business requirements, ensuring identified change is reflected in the appropriate roadmaps, providing thought leadership both internally and externally Minimize the number of architectural components and total cost of ownership while maintaining maximum of functional flexibility, reliability, and security. Must be able to balance the role of strategist with urgency while simultaneously managing and delivering results in a growing and fast-paced environment. Must demonstrate the ability to manage via influence and have the credibility and interpersonal skills to become respected as a thought leader. Must be capable of articulating pragmatic, sensible, and simple solutions while executing across multiple business and technical perspectives. Act as a role model for service mentality, building long-term relationships with key internal customers and stakeholders, while remaining receptive to the customer's needs Facilitate and steward the documenting of the architecture design and analysis work, including the capture and mapping of the relationships between architecture components. You Will Have 8+ years' experience dedicated to information security architecture required with expert knowledge in building defense in-depth reference architecture Required industry security certification (e.g., CISSP, CISM, CISA, CCSP, etc.) Familiarity with information management practices, system development life cycle management, IT services management, agile and lean methodologies, infrastructure, and operations. Knowledge of business ecosystems, SaaS, infrastructure as a service (IaaS), platform as a service (PaaS), SOA, APIs, open data, microservices, event-driven IT and predictive analytics. Hands-on experience with Cloud Technologies AWS, Azure & GCP Good understanding of security management solutions, including IDS, IPS, SIEM, Vulnerability Scanning, Denial of Service, and Continued Compliance Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks Experience in managing and contributing to incident response Extensive experience in developing strategic information security plans, including the development of baseline security standards, information system hardening guides, and information security requirements documentation. Excellent analytical skills, organizational, time management, and problem-solving skills are essential.is work, including the capture and mapping of the relationships between architecture components.

Please note that this position is contingent upon the successful award of a contract currently under bid. A leader in cutting-edge research and technology in the cyber arena, CPMG focuses on using business drivers to guide cybersecurity activities and manage risk. CPMG offers flexible, integrative solutions for Department of Defense (DoD) contractors, among others, and specializes in cybersecurity, information and operational technology, electronic security surveillance, and support services. Summary: The Cybersecurity Architect will provide support at Marine Corps Base Camp Lejeune, NC. This position will assist in overseeing the security, operation, and administration of Industrial Control Systems (ICS) and Operational Technology (OT) solutions within the FRCS Cyber Operations Group. The ideal candidate will have a robust understanding of ICS/OT environments, Risk Management Framework (RMF) processes, and compliance with DoD, DoN, and USMC cybersecurity policies. Responsibilities Essential Job Functions: * Manage the ongoing operation, maintenance, and administration of ICS/OT systems, including Building Automation Systems (BAS), Water & Wastewater (W&WW) systems, HVSCADA, Metering, Lighting, and other systems as defined by CLNC PWD and the FRCS Cyber Operations Group * Conduct inspections and surveys of new and existing physical sites (buildings and locations) for ICS/OT Supervisory Controllers * Deliver survey findings to CLNC PWD to support the addition of new ICS/OT systems into the existing architecture * Assess and verify the installation and configuration of Supervisory Controllers to meet DoD, DoN, and USMC standards * Establish and maintain a model of properly installed ICS/OT Supervisory Controllers in a Testbed environment for reference and testing purposes * Configure Encrypt/Decrypt devices to establish secure connections to firewalls over MCEN using approved IPSec VPNs * Ensure new Supervisory Controllers connect securely via VPN and integrate successfully with the designated server * Monitor and update Encrypt/Decrypt devices to comply with operational and cybersecurity requirements * Design, deploy, and administer Nutanix Hyperconverged Virtual environments * Configure and maintain firewalls in alignment with RMF "Type" ATO/ATC requirements * Perform other duties as assigned Qualifications Necessary Skills and Knowledge: * Strong understanding of DoD, DoN, and USMC cybersecurity policies * Excellent problem-solving and analytical skills * Effective communicator and team collaborator Minimum Qualifications: * Master's Degree or 20 years C&A/A&A experience * Certified USMC Validator * Experience with USMC "Type" accreditations (ATO/ATC) for large architectures * Experienced with writing custom Cybersecurity policies for ICS/OT devices and systems * Expert in the USMC A&A process to include MCCAST 2.0, RMF, DFIA, and CNSSI 1253 * CNSS 4011, 4012, 4015, 4016A (Required) * Experience creating/managing POAMs * Experience with DISA STIGs * Experience interpreting/implementing standards and policies in accordance with NIST 800-53/DoDI 8510.01 * Experience with vulnerability/risk analysis * Experience conducting compliance assessments/validations as well as conceptualizing and implementing security systems and architectures * Expert in the creation and editing of White Papers, Briefs, Training Materials, and other documentation related to the technical solution developed at CLNC Preferred Qualifications: * ICS CERT Training (Desired): - Introduction to Control Systems Cybersecurity (101): * Intermediate Cybersecurity for Industrial Control Systems (201) * Intermediate Cybersecurity for Industrial Control Systems (202) * ICS Cybersecurity (301) * IAM Level 3 (CISSP Desired) Pay and Benefits At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.

Direct Hire REMOTE but must reside within 3 hours of Raleigh US Citizens, Green Card, Perm Resident (no sponsorship) This primarily remote role involves SAP Security Administration tasks of planning, coordination, execution, and production support. Currently on ECC, and should be moving to S4 Hana in the next couple years. The candidate needs to possess a complete understanding of industry practices regarding application principles, concepts, practices, and standards. The candidate will interact with senior internal and external personnel on significant matters often requiring coordination between organizations. Qualifications/Requirements: • Bachelor's degree with 5+ years of professional SAP technical experience • Minimum 5 years of experience in SAP Security • Experience with SAP NetWeaver, ABAP, and related technologies • Knowledge of database management systems (MS SQL Server) • Legal authorization to work in the U.S. (no visa sponsorship). • Experience with GRC Access Control 10.x minimum (with 12.0 preferred). • Strong communication and collaboration skills to work effectively with cross-functional teams. Preferred Qualifications: • Experience with SAP ECC HANA and MSSQL databases. • Some knowledge of SAP Basis (doesn't have to be current or hands on, just enough to interface with our outsourced Basis vendor). • Experience with HANA/FIORI Security. • Strong problem-solving, analytical, and communication skills. • Familiarity with cross-functional team dynamics. • Ability to work independently and with global teams.

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective-C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and Jquery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance-driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description Below is the skillset details. Pls provide profiles ASAP. You may also consider the ones you shared with me on the other thread for PPD to see if there is a match. IT Security professional with at least 10 years of professional experience. Must be at least engineer level with desire to move to or currently at architect skill level. Technical experience and fluency should be in the below areas: • Firewall/UTM/IDPS - Fortigate • client server communication and flow in protocols like FTP, e-mail, web, DNS, etc. • Endpoint Protection - Symantec/TrendMicro • Identity and Access Management and Monitoring - Okta/Azure SSO • Security of data at rest and in motion • Knowledge of implications to security in SaaS, IaaS • Vulnerably and Threat Management - Qualysguard • Security Information and Event Management (SIEM) - HP Arcsight • Mobile device security Good communication skills, collaborative spirit, solid analytical skills, adaptability and flexibility to step into other areas outside of core skill set. Candidate should be passionate about security. Additional Information Thanks and Regards, Ankur Bhatia

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ****************** Job Description FULL TIME PERM JOB-GC/GC EAD/US Citizens As a key contributor of the Finance Systems Roadmap Security and Controls team, individual will be responsible for working with project teams to obtain security and control requirements for an end state SAP ERP solution. Business requirements will be used to configure a role based security design within various SAP applications. These SAP applications include ECC, BI, BPC, PI, Enterprise Portal, CE, Bank Analyzer, Solution Manager, and GRC. Individual will be responsible for day to day system security configuration tasks and user administration throughout all project lifecycles and production support. Individual should have strong communication skills, ability to lead or participate in project workshops, and ability to share or transfer technical knowledge to less experienced team members Qualifications Relevant Years of Experience: 4+ Total IT experience: 5-7 years (or lesser with technical knowledge) Must Have Technical Qualifications: - Strong communication skills to facilitate working in a dynamic project environment - Role design, configuration, testing, and deployment methodology within SAP application architecture - Detailed knowledge of ABAP and Java based authorizations within SAP applications - SAP ECC Profile Generator (single roles, master / derived roles, composite roles) - SAP BI analysis authorization concepts - SAP BPC security and administration - SAP Central User Administration configuration and administration - SAP GRC configuration and administration - SAP Enterprise Portal UME administration Additional Information All your information will be kept confidential according to EEO guidelines.

Piper Companies is seeking an Information Security Manager who will be responsible for developing, implementing, and maintaining the organization's information security program. This role ensures the confidentiality, integrity, and availability of data and systems by managing security policies, risk assessments, compliance initiatives, and incident response processes. The candidate will sit 3 days a week on-site in Raleigh, NC. Responsibilities for the Information Security Manager: * Develop and enforce security policies, standards, and procedures aligned with industry best practices * Lead risk assessments and vulnerability management programs * Manage security tools such as firewalls, SIEM, endpoint protection, and DLP solutions * Monitor and respond to security incidents, coordinating investigations and remediation * Lead and mentor a team of security analysts and engineers * Collaborate with IT, DevOps, and business units to integrate security into processes and Qualifications for the Information Security Manager include: * Bachelor's degree in computer science, Information Technology, Cybersecurity, or related field * 7+ years in information security roles, with at least 1-2 years in a leadership position * Certifications such as CISSP, CISM, or equivalent preferred * Strong knowledge of security frameworks (NIST, ISO 27001) * Expertise in network security, cloud security, and IAM Compensation of the Information Security Manager: * $120,000-$165,000 * Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave as required by law, and Holidays This job opens for applications on 12/12/2025. Applications for this job will be accepted for at least 30 days from the posting date. Information Security Manager, Risk Assessment, CISSP, CISM, NIST, network security, IAM, cloud security, leadership, firewall, DLP, Compliance, Hybrid #LI-HL1 #LI-HYBRID

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **:** The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. **Job Description:** This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. **Responsibilities:** + **Vendor Management:** Manage and coordinate penetration testing engagements with vendors. + **People Management:** Manage a team of Junior level penetration testers and their development. + **DAST:** Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. + **Facilitate Penetration Tests:** Perform thorough and methodical penetration testing. + **Evaluate and Assign:** penetration tests to appropriate resources. + **Vulnerability Assessment:** Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. + **Report Findings:** Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. + **Develop Test Procedures:** Design and execute detailed test requirements. + **Stay Current:** Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. + **Collaborate with Teams:** Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. + **Perform Risk Assessments:** Evaluate and assess potential security risks related to new and existing systems and technologies. + **Compliance:** Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. + **Incidents:** Act as a testing SME on incident calls; support testers on the calls. **Depth & Scope:** + Advanced knowledge of Bank, technology standards and managing people / projects + Leads a small team of IT professionals; coaches/ educates, monitors and manages team members + Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience **Preferred Qualifications :** + **Technical Skills:** + Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. + Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. + Penetration testing, DAST, Manual Code Review knowledge. + **Analytical Skills:** Strong analytical and problem-solving abilities with attention to detail. + **Organizational Skills:** Manage documents and procedures for testing team. + **Multi-tasking** : This job requires exceptional ability to multi-task with multiple workstreams to manage daily. + **Communication:** Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. + **Ethical Standards:** Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. + Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. + Familiarity with security standards and frameworks. + Previous experience managing and developing teams. + **Certifications:** Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. + Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities + Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team \#TDCyberSecurity #Hybrid **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

FLSA Status: Exempt Immediate Supervisor: CISO Date Revised: February 18, 2025 The Information Security Manager is a hands-on/ working manager position that defines, implements and monitors security policy for on-prem, cloud, and remote access deployments. The primary duty of the job is to maintain a security posture that allows the business to thrive while preventing a security breach. The IS Manager hires, retains, and trains an IS Engineer to assist with day-to-day duties. The IS team maintains on-premises firewall rules and active directory as well as overseeing vulnerability management. In the cloud, the IS Manager is responsible for designing security measures, and the IS team is responsible for their implementation and monitoring. The IS team also designs, implements, and maintains a remote access VPN for associates when working outside the corporate offices. Essential Functions: Demonstrate an understanding of all applications deployed, and data stored within the enterprise. Demonstrate an understanding of security measures that are in place and their role in securing the enterprise. Assess the threat of zero-day vulnerabilities and third-party risk to the enterprise. Take action to remediate such vulnerabilities. Effectively report status to executive management in terms of the threat level and associated risk. Assess risks related to general threat landscape. Identify, design and implement controls to mitigate those threats and prevent security breaches. Measure, monitor, and report on vulnerabilities that have been identified within the enterprise. Maintain on-premises firewall rules; maintain cloud security settings and restrictions; maintain remote access rules and restrictions. Identify new security related vendors as needed and assist in evaluating new and existing vendors from a security perspective. Participate and communicate effectively in external audits, third-party vulnerability scans, and regulatory examinations. Maintain, comply with, and develop Infovisa's policies, procedures, and strategies to provide a safe and efficient environment for Infovisa software to run and associates to work. Liaison with IT-ISAC, InfraGard, and other industry groups. Manage projects and create detailed technical documentation. Hire, train, mentor and manage associates on the security team. Qualifications: 10 years of information security experience required. Three years of management experience. Displays strong technical aptitude with IT Security, VPN, Endpoint Detection and Response, IIS, networking concepts and technologies, and other third-party and internally developed tools and technologies. Prefer familiarity with Check Point technologies. Prefer one or more applicable network security certifications. Valid driver's license. Four-year degree in information technology / systems, or computer science. Preferred Talents: Analytical and detailed. Effective communicator technically, in the board room, and with customers and coworkers. Organized. Independent with good judgment. Proven ability to multitask and prioritize projects. Self-directed and takes initiative. Working Environment: Mostly indoor work with occasional exposure to outdoor elements or hazards. Medium workload - lifting and/or carrying up to 20 pounds frequently and exerting up to 75 pounds of force occasionally. Some travel required. Weekend, evening and on-call. About Infovisa Infovisa is a leading provider of financial technology solutions delivered to forward-thinking trust, wealth management, and retirement professionals. Infovisa's solutions empower its clients to acquire new customers, invest assets effectively, manage trust and investment portfolios efficiently, and flexibly report results to customers. For more information about Infovisa, visit ***************** Follow us on LinkedIn. We are interested in every qualified candidate who is lawfully eligible to work in the United States. However, we are unable to sponsor visas. Infovisa, Inc. is an Equal Opportunity Employer.

Job Description FLSA Status: Exempt Immediate Supervisor: CISO Date Revised: February 18, 2025 The Information Security Manager is a hands-on/ working manager position that defines, implements and monitors security policy for on-prem, cloud, and remote access deployments. The primary duty of the job is to maintain a security posture that allows the business to thrive while preventing a security breach. The IS Manager hires, retains, and trains an IS Engineer to assist with day-to-day duties. The IS team maintains on-premises firewall rules and active directory as well as overseeing vulnerability management. In the cloud, the IS Manager is responsible for designing security measures, and the IS team is responsible for their implementation and monitoring. The IS team also designs, implements, and maintains a remote access VPN for associates when working outside the corporate offices. Essential Functions: Demonstrate an understanding of all applications deployed, and data stored within the enterprise. Demonstrate an understanding of security measures that are in place and their role in securing the enterprise. Assess the threat of zero-day vulnerabilities and third-party risk to the enterprise. Take action to remediate such vulnerabilities. Effectively report status to executive management in terms of the threat level and associated risk. Assess risks related to general threat landscape. Identify, design and implement controls to mitigate those threats and prevent security breaches. Measure, monitor, and report on vulnerabilities that have been identified within the enterprise. Maintain on-premises firewall rules; maintain cloud security settings and restrictions; maintain remote access rules and restrictions. Identify new security related vendors as needed and assist in evaluating new and existing vendors from a security perspective. Participate and communicate effectively in external audits, third-party vulnerability scans, and regulatory examinations. Maintain, comply with, and develop Infovisa's policies, procedures, and strategies to provide a safe and efficient environment for Infovisa software to run and associates to work. Liaison with IT-ISAC, InfraGard, and other industry groups. Manage projects and create detailed technical documentation. Hire, train, mentor and manage associates on the security team. Qualifications: 10 years of information security experience required. Three years of management experience. Displays strong technical aptitude with IT Security, VPN, Endpoint Detection and Response, IIS, networking concepts and technologies, and other third-party and internally developed tools and technologies. Prefer familiarity with Check Point technologies. Prefer one or more applicable network security certifications. Valid driver's license. Four-year degree in information technology / systems, or computer science. Preferred Talents: Analytical and detailed. Effective communicator technically, in the board room, and with customers and coworkers. Organized. Independent with good judgment. Proven ability to multitask and prioritize projects. Self-directed and takes initiative. Working Environment: Mostly indoor work with occasional exposure to outdoor elements or hazards. Medium workload - lifting and/or carrying up to 20 pounds frequently and exerting up to 75 pounds of force occasionally. Some travel required. Weekend, evening and on-call. About Infovisa Infovisa is a leading provider of financial technology solutions delivered to forward-thinking trust, wealth management, and retirement professionals. Infovisa's solutions empower its clients to acquire new customers, invest assets effectively, manage trust and investment portfolios efficiently, and flexibly report results to customers. For more information about Infovisa, visit ***************** Follow us on LinkedIn. We are interested in every qualified candidate who is lawfully eligible to work in the United States. However, we are unable to sponsor visas. Infovisa, Inc. is an Equal Opportunity Employer. Powered by JazzHR RoeJ7o0DcN