Security architect jobs in Yucaipa, CA

**Job Title:** Architecture, Cloud, and Engineering Lead **Duration:** 12 Month W2 Contract **Pay Range:** $65.50/hr **Role Summary:** The Architecture, Cloud, and Engineering Lead provides strategic guidance and direct leadership for the security architecture, cloud, and engineering functions at MNAO. This role is responsible for driving the strategic vision for secure systems and ensuring security is a foundational element in MNAO's technology stack. **Key Responsibilities:** + Provides strategic guidance and direct leadership for the Security Architect, Security Engineer, and AppSec Analyst DAST roles. + Develops and implements MNAO's data security strategy in collaboration with the data security team. + Sets the cybersecurity architecture strategy for MNAO in conjunction with MNAO's Enterprise Architect. + Ensures new architectures and engineering initiatives are inherently resilient and recoverable (Resilience and Recoverability in Design). + Ensures MNAO's cybersecurity strategy is built with Global Mazda team considerations. + Interfaces with MNAO's key infrastructure, platform, and application development teams. **Qualifications:** + Bachelor's degree in Computer Science, Information Security, or a related field. + 8+ years of experience in security architecture and engineering, with at least 3 years in a leadership role. + Deep expertise in cloud security (e.g., AWS, Azure, GCP), network security, and application security. + Strong understanding of Security-by-Design principles and enterprise architecture. + Experience with secure SDLC methodologies. + Relevant certifications such as CISSP, CCSP, or TOGAF. **Reports to:** Chief Information Security Officer (CISO) If this is a role that interests you and you'd like to learn more, click apply now and a recruiter will be in touch with you to discuss this great opportunity. We look forward to speaking with you! **About ManpowerGroup, Parent Company of:** **Manpower, Experis, Talent Solutions, and Jefferson Wells** _ManpowerGroup (NYSE: MAN), the leading global workforce solutions company, helps organizations transform in a fast-changing world of work by sourcing, assessing, developing, and managing the talent that enables them to win. We develop innovative solutions for hundreds of thousands of organizations every year, providing them with skilled talent while finding meaningful, sustainable employment for millions of people across a wide range of industries and skills. Our expert family of brands -_ **_Manpower, Experis, Talent Solutions, and Jefferson Wells_** _-_ creates substantial value for candidates and clients across more than 75 countries and territories and has done so for over 70 years. We are recognized consistently for our diversity - as a best place to work for Women, Inclusion, Equality and Disability and in 2022 ManpowerGroup was named one of the World's Most Ethical Companies for the 13th year - all confirming our position as the brand of choice for in-demand talent. ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.

**About Us** We are a global leader in outdoor sports, golf simulation, and cycling/ power sports equipment, delivering innovative products and digital experiences to athletes and enthusiasts worldwide. Our technology ecosystem spans retail, e-commerce, connected devices, SaaS platforms, and manufacturing systems. Protecting our customers, intellectual property, and operations is essential to maintaining trust and enabling innovation. **Role Overview** We are seeking a Principal Security Architect who will own enterprise security architecture strategy and execution across a complex global landscape. This is not a maintenance role-it's a change leadership position for someone who thrives on solving complex problems, challenging assumptions, and driving transformation. You will work alongside senior IT and business leaders to design and implement enterprise and security architectures that enable innovation and accelerate top-line growth. This role demands autonomy, influence, and the ability to lead engineers through discovery, design, and delivery. **Key Responsibilities** **Enterprise Architecture Leadership** + Define anddrive enterprise-wide security architecture strategy, ensuring alignment with business objectives and growth initiatives. + Influencenetwork and compute architecture decisions to embed security into foundational design. + Champion acloud-first strategy, guiding migration and modernization efforts across hybrid and on-prem environments. + Develop reference architectures, standards, and design patterns that embed security into every layer of our technology stack. **Engineering & Technical Execution** + Lead engineers throughdiscovery and design workshops, translating business priorities into actionable security solutions. + Provide hands-on technical leadership in solution selection and integration (IAM, PAM, SIEM, EDR, cloud security, data security, DevSecOps pipelines). + Oversee proof-of-concept and pilot deployments of new security technologies, ensuring scalability and performance. **Business Partnership & Influence** + Collaborate with senior IT and business leaders toalign security architecture with revenue-driving initiatives. + Influence stakeholders by clearly articulating trade-offs between security, usability, and cost. + Act as a trusted advisor to product, engineering, and business teams during digital transformation efforts. **Governance & Risk Alignment** + Translate regulatory and compliance requirements (PCI-DSS, SOC2, ISO 27001, GDPR, CCPA) into practical security controls. + Participate in security design reviews, risk assessments, and threat modeling for critical projects. + Ensure architectural alignment with enterprise risk management and business continuity objectives. **What We're Looking For** + Relentless problem-solver who thrives in ambiguity and challenges the status quo. + Someone that can envision an effective and efficient technical landscape and then align resources to deliver. + Ability toinfluence without authority and rally teams around a bold vision. + Comfortable makinghigh-impact decisions and owning outcomes. **Qualifications** + Proven track record ofleading enterprise security transformations and delivering measurable improvements. + Deep expertise in cloud-native (AWS, Azure, GCP), hybrid, and on-prem environments. + Strong understanding of identity & access management, zero-trust models, DevSecOps, and container security. + Familiarity with MITRE ATT&CK, NIST CSF, and security design principles. + Excellent communication and stakeholder management skills. **Preferred Experience** + Security leadership in global manufacturing, retail, e-commerce, or supply chain environments. + Hands-on experience with API security, payment security (PCI-DSS), and secure mobile applications. + Knowledge of security automation and orchestration (SOAR) and infrastructure-as-code security (Terraform, CloudFormation). + Simplification of complex legacy landscapes. **Certifications** Certifications are valued but demonstrated experience in driving change and leading architecture at scale is essential. **Why This Role Matters** This is a strategic leadership position that will shape the future of our security posture and enable innovation across the enterprise. Your work will directly impact customer trust, operational resilience, and top-line growth. **Location** This role will be in either Orange County or San Diego County in California. Out of the area candidates will not be considered. \#LI-CD1 **Pay Range:** $123,200.00 - $162,800.00 The actual annual salary offered to a candidate will be based on variables including experience, geographic location, education, and skills/achievements, and will be mutually agreed upon at the time of offer. We offer a highly competitive salary, comprehensive benefits including: medical and dental, vision, disability and life insurance, 401K, PTO, paid holidays, gear discounts and the ability to add value to an exciting mission! Our Postings are not intended for distribution to or use in any jurisdiction, country or territory where such distribution or use would violate local law or would subject us to any regulations in another jurisdiction, country or territory. We reserve the right to limit our Postings in any jurisdiction, country or territory. Equal Opportunity Employer Minorities/Females/Protected Veteran/Disabled **Revelyst is a collective of makers that design and manufacture performance gear and precision technologies. Our category-defining brands leverage meticulous craftsmanship and cross-collaboration to pursue new innovations that redefine what is humanly possible in the outdoors. Portfolio brands include Foresight Sports, Bushnell Golf, Fox, Bell, Giro, CamelBak, Bushnell, Simms Fishing and more.** Revelyst is an equal opportunity employer. All applicants are considered for employment without regard race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status, and any other characteristics protected by law. The EEO Law poster is available here: **************************************************************** If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to ******************** . Please note that this email address is for accommodation purposes only. Revelyst will not respond to inquiries for other purposes.

Sr. Information Security Engineer External Description: Alignment Healthcare is a data and technology driven healthcare company focused on partnering with health systems, health plans and provider groups to provide care delivery that is preventative, convenient, coordinated, and that results in improved clinical outcomes for seniors. We are experiencing rapid growth (backed by top private equity firms), and our team is looking for the best and brightest individuals. We love our customers and understanding them better makes it possible to provide the best clinical outcomes and care experience. Are you an Information Security Engineer with experience in automation, cloud technologies, and endpoint security? Would you like to work in an environment where your skills can be utilized effectively, and you have opportunities to make significant impact? If you are passionate about security and can reduce risk in practical ways that scale, we want to hear from you! Major Responsibilities Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective. Assists with break/fix of tools and automation that are owned by the Information Security Team. Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS. Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables. Contributes to the design, implementation, and documentation of new security tools. Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems. Utilizes scripting and DevOps to provide automation and orchestration between: information security tools, such as the SIEM (Logstash, FortiSIEM, IBM QRadar, etc.); endpoint protection (Symantec, McAfee, Cylance, CrowdStrike Falcon, etc.); vulnerability scanners (Rapid7, Nessus, etc.); patch management (SCCM, Altiris, PDQ, etc.); other applications; OS' (Windows, MacOS, Linux, iOS, Android); cloud platforms (AWS, Azure); and IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC). Clearly documents designed automation and system relationships. Contributes and participates in the Information Security Team daily stand-ups and other meetings as necessary. Participates in regular reporting, maintaining accountability and transparency within the Information Security Team. Remains current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS) and regulatory requirements (HIPAA, HITECH, HITRUST, etc.) Technical knowledge of common information security tools and systems: DLP, MAM/MDM, Firewall/VPN, endpoint protection, PKI, RBAC, IAM, etc. Demonstrated practical experience with one or more programming or scripting languages. (PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.) We're not picky, but you must be able to deliver practical automation! Demonstrated practical experience with one or more of the major cloud providers (AWS, Azure, GCP). Excellent oral and written communication skills, and an ability to present and discuss technical information in a way that establishes rapport and trust. Detail orientated, with an ability and desire to build to 100%, but being ok with building to 90% as tasked. An ability to be productive as an individual contributor with little supervision to meet agreed upon deliverables. Preferred Prior experience in the healthcare or a related HIPAA regulated industry. A working knowledge of the NIST CSF and/or CIS Critical Security Controls (CSC). A working knowledge of Git and GitHub. Previous experience contributing to projects using agile tools (Jira, Azure DevOps, Pivotal) and processes (Scrum, Kanban). One or more cloud security certifications. Education Bachelor's degree in Computer Science, Computer Engineering, or related technical discipline, and/or equivalent work experience. 3+ years' experience working in a technical, hands-on, information security role. One or more current security related certifications (e.g., CISSP, SANS GIAC, etc.) City: Orange State: California Location City: Orange Schedule: Full Time Location State: California Community / Marketing Title: Sr. Information Security Engineer Company Profile: Alignment Healthcare was founded with a mission to revolutionize health care with a serving heart culture. Through its unique integrated care delivery models, deep physician partnerships and use of proprietary technologies, Alignment is committed to transforming health care one person at a time. By becoming a part of the Alignment Healthcare team, you will provide members with the quality of care they truly need and deserve. We believe that great work comes from people who are inspired to be their best. We have built a team of talented and experienced people who are passionate about transforming the lives of the seniors we serve. In this fast-growing company, you will find ample room for growth and innovation alongside the Alignment community. EEO Employer Verbiage: On August 17, 2021, Alignment implemented a policy requiring all new hires to receive the COVID-19 vaccine. Proof of vaccination will be required as a condition of employment subject to applicable laws concerning exemptions/accommodations. This policy is part of Alignment's ongoing efforts to ensure the safety and well-being of our staff and community, and to support public health efforts. Alignment Healthcare, LLC is proud to practice Equal Employment Opportunity and Affirmative Action. We are looking for diversity in qualified candidates for employment: Minority/Female/Disable/Protected Veteran. If you require any reasonable accommodation under the Americans with Disabilities Act (ADA) in completing the online application, interviewing, completing any pre-employment testing or otherwise participating in the employee selection process, please contact ******************.

Sr. Cloud Security Architect - (250000OA) Description Who We AreThrough our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement. We Take Care of Our PeopleAlong with competitive pay, as an employee of HCA, you are eligible for the following benefits:· Medical, Dental and Vision plans that include no-cost and low-cost plan options· Immediate 401(k) matching and vesting· Vehicle purchase and lease discounts plus monthly vehicle allowances· Paid Volunteer Time Off with company donation to a charity of your choice· Tuition reimbursement What to ExpectThe Sr. Cloud Security Architect is a strategic technical leader responsible for designing and implementing secure cloud architecture across multiple platforms and service models. This role ensures that enterprise cloud environments-including SaaS, PaaS, and IaaS-are resilient, compliant, and aligned with cybersecurity standards. The architect will work closely with the IT Infrastructure Platform team to integrate security into infrastructure services and cloud-native platforms, including securing the Microsoft 365 (M365) ecosystem. This role will champion the adoption of Zero Trust principles and industry best practices, working cross-functionally to elevate the organization's cloud security posture. What You Will Do1. Cloud Security Architecture & Design:· Design Secure Cloud Infrastructure Environments: design and implement secure cloud architecture across AWS, OCI, GCP and other platforms. · Assess and Secure IaaS, PaaS, SaaS solutions: Identify cybersecurity risk and remediation activities to ensure our SaaS solutions such a Salesforce, M365, and other solutions are aligned with industry's best practices to ensure the security of our data stored and processed within these services. · Secure AI Utilization: design and implement security controls for AI/ML workloads in cloud environments, including securing model training pipelines, protecting sensitive data, and mitigating risks associated with adversarial AI, model drift, and generative AI misuse. · Develop reference architectures and security patterns that align with Zero Trust principles. · Lead threat modeling and risk assessments for cloud and hybrid workloads. 2. Cloud Security Engineering, Implementation and Operations Support:· Cloud Security Solution Management: manage and monitor our cloud native security solutions and monitoring tools to ensure optimal performance and visibility. · Provide Support and Guidance for Security Operations: Provide technical leadership and guidance to our Security ops teams and lead incident responses related to Cloud security events. · Review, monitor and Optimize: review current Cloud solution implementations, optimize cloud security utilization and improve efficiency and integration when possible. Create continuous monitoring of Cloud Security Compliance. · Collaborate with infrastructure and DevOps teams to implement security controls including IAM, encryption, segmentation, and monitoring. · Integrate cloud security tools (CSPM, CWPP, CIEM) into CI/CD pipelines and runtime environments. · Drive automation and infrastructure-as-code (IaC) practices using tools. · Define cloud security monitoring requirements and integrate with SIEM and SOAR platforms. · Support incident response and forensic investigations related to cloud and hybrid environments. · Conduct root cause analysis and recommend architectural improvements to prevent recurrence. 3. Collaboration and Innovation:· Cross-Functional Collaboration: Partner with IT Infrastructure and IT Application teams, DevOps, IAM, DLP, Security Operations, Information Protection Governance and business units to integrate security into digital transformation initiatives, such as cloud migrations, fintech innovations, and core banking systems. · Technology Evaluation: Research and evaluate emerging cybersecurity technologies (e. g. , AI-driven threat detection, PasswordLess authentication) to enhance architectural resilience and efficiency. · Automation and Orchestration: Design automated security workflows using tools like SOAR platforms (e. g. , Splunk SOAR, Palo Alto Cortex) to improve incident response and operational efficiency. · Knowledge Sharing: Mentor junior architects and engineers, sharing best practices and fostering a culture of security awareness across the organization. · Act as a subject matter expert (SME) for cloud and hybrid security across the enterprise. · Influence strategic decisions around cloud adoption, migration, and modernization with a security-first mindset. 4. Compliance and Regulatory Alignment:· Regulatory Compliance: Ensure cloud security architecture meets financial regulations (e. g. , PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS) through secure design, documentation, and audit-ready configurations. · Policy Development: Contribute to the development of cybersecurity policies and standards, ensuring architectural designs align with regulatory and organizational requirements. · Vendor Evaluation: Assess third-party vendors and Managed Security Service Providers (MSSPs) for compatibility with architectural designs and compliance needs· Promote and enforce industry best practices for cloud security architecture, operations, and governance. 5. Documentation and Reporting:· Architecture Documentation: Create and maintain detailed architectural diagrams, design documents, standards and runbooks to support implementation, audits, and incident response. · Executive Communication: Present architectural designs, risk assessments, and recommendations to the Director of Cybersecurity, CISO, and senior leadership, articulating business impacts. · Metrics and Validation: Develop metrics to validate architectural effectiveness (e. g. , threat detection coverage, compliance adherence) and drive continuous improvement. Qualifications What You Will Bring· Minimum 8 years progressive experience in cybersecurity with proven knowledge in cloud security architecture or engineering role designing secure cloud native systems. · 3+ years of experience in financial services, with a strong understanding of financial threats (e. g. , fraud, data breaches) and regulations (e. g. , PCI DSS, Korean SOX, GDPR). · Hands-on experience architecting secure network, cloud, and SaaS environments in complex, regulated industries. · Bachelor's degree in computer science, Information Security, or related field; Master's degree preferred· At least one of the following: CISSP, CCSP, CISM, TOGAF, or equivalent. · Hands-on security testing experience in cloud platforms, especially AWS and M365. · Cloud security certifications such as:o AWS Certified Security - Specialtyo Microsoft Azure Security Engineero Microsoft 365 Securityo Google Professional Cloud Security Engineero Other comparable certifications. Technical Skills:· Technical expert with deep experience in financial services, a strategic mindset, and the ability to align cybersecurity architecture with business objectives. · Expertise in network security (e. g. , NGFW, IDS/IPS, VPNs) and cloud security (AWS, Azure, Google Cloud, Oracle Cloud)· Proficiency in Microsoft 365 Security Tools: Microsoft Defender, Intune, Azure AD (Entra), ADFS· Knowledge of security frameworks such as NIST, ISO 27001, and COBIT. · Strong knowledge of Cloud Native Security solutions and monitoring technology - (AWS CloudTrail, SecurityHub, GuardDuty)· Experience with secure software development lifecycles (SDLC) and DevSecOps practices. · Familiarity with automation and scripting (e. g. , Python, PowerShell, Terraform) for infrastructure-as-code and security orchestration. · Hands-on experience with cloud security posture management (CSPM) and workload protection platforms. · Proficiency in IAM frameworks (RBAC, MFA, PAM) and DLP technologies (data classification, policy enforcement). · Strong knowledge of SIEM (e. g. , Splunk), SOAR, and threat intelligence platforms for architectural integration. · Deep experience in the design and implementation of robust security architectures for SaaS platforms, ensuring secure integration, data protection, and compliance with industry standards such as SOC 2, ISO 27001, and others. · Experience designing and implementing security controls for AI/ML workloads in cloud environments. · Knowledge of financial systems (e. g. , core banking platforms, payment gateways) and their security requirements. Soft Skills:· Strong problem-solving skills to address complex architectural challenges. · Excellent communication skills to articulate technical concepts to technical and non-technical stakeholders. · Strategic thinker with the ability to align cybersecurity architectures with business and regulatory goals. Preferred· Experience with AI-driven cybersecurity tools (e. g. , ReliaQuest GreyMatter, Rapid7, etc. ) for threat detection and response. · Familiarity with zero-trust architectures and emerging technologies, such as SASE or decentralized identity. · Knowledge of data encryption, tokenization, and secure API design for financial applications. · Experience working with MSSPs to integrate external security services. · Understanding of threat modeling frameworks. Work EnvironmentEmployees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor and moderate noise levels. Work is performed in an at home and office environment. The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range. California Privacy NoticeThis notice only applies to our applicants who reside in the State of California. The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended as amended by the California Privacy Rights Act of 2020 (“CCPA”). If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs. com. Primary Location: United States-California-IrvineWork Locations: Headquarters 1 3161 Michelson Dr. Ste 1900 Irvine 92612Job: IT ApplicationJob Type: RegularOvertime Status: ExemptSchedule: Full-time Minimum Salary: $132,000. 00Maximum Salary: $204,600. 00Job Posting: Dec 1, 2025

“I can succeed as a Lead AI Security Engineer at Capital Group” As a Lead AI Security Engineer, you will be responsible for securing Capital Group's enterprise AI Platforms. You will help enable Capital Group's AI strategy by building and/or procuring solutions to protect a diverse set of enterprise AI platforms being built and deployed at Capital Group. You'll collaborate with platform engineering, security engineering, and risk teams to ensure their solutions support scalable, secure adoption of AI. Additionally, you'll be expected to provide mentoring, advising diverse teams across the organization, and promoting AI Security principles across Capital Group. AI Security Procurement Managements: You will procure and/or build technical solutions to reduce the risk of misconfiguration, exploitation, and other security issues for multiple enterprise AI platforms. Embedding Security in the AI Platform Ecosystem: Working closely with platform teams to integrate security into every component of the AI Platform. Implementing Security Controls & “Guardrails” for GenAI: Designing, deploying, and operating technical controls to prevent misuse of AI systems. Guardrails design includes content filtering systems, usage policies, and safety checks that mitigate issues like prompt injection attacks, unauthorized data extraction, model bias or hallucinations, and other misuse of generative AI platforms. AI Runtime Security: Engineer continually tests and updates to the guardrails, replacing weaker controls with more robust solutions as threats evolve. AI Governance: You will work cross functionally with architecture and platform teams to monitor alignment of solutions to AI Governance processes Contribute to Standards and Policies: You will provide thought leadership for Information Security policies and standards for AI in collaboration with technology risk AI/Agent SME: You will provide AI/Agent subject matter expertise for AI Incidents and Security Reviews, and help develop incident response playbooks for AI-related security incidents “I am the person Capital Group is looking for.” You have 8+ years of experience in information security, application security, platform security, or penetration testing, DevSecOps, network security and other security disciplines. You have experience securing AI platforms, whether internal AI platforms or offerings such as CoPilot Studio, Amazon Bedrock, and/or Azure AI Gateway Proficient in Programming & ML Tool. Strong Python skills required, with experience in AI/ML frameworks. Ability to review and write ML code to implement security measures (e.g., model validation, adversarial testing) is desired. You have 5+ years of relevant professional experience or demonstrated an equivalent level of expertise in security engineering, such as cloud, API, or platform security. You have 3+ years of experience embedded identity, network, and encryption controls into enterprise platforms You can effectively partner and collaborate with stakeholder teams. You have effective communication skills and the ability to outline security risks to leadership. You are familiar with cloud and API security vendors and managed services providers. Preferred Qualifications: You have knowledge and experience with technologies including Kubernetes, Containers, CI/CD, and Cloud Service Providers You are familiar with function and purpose of key AI platform components such as AI gateways (Kong, Databricks Mosaic AI Gateway, custom API orchestration), Model Orchestration (Examples LangChain, LlamaIndex, etc.) You are familiar with key AI regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, EU AI Act, etc You have information Security certifications (CISSP, SANS GIAC, CISA, etc.) Southern California Base Salary Range: $173,211-$277,138San Antonio Base Salary Range: $142,394-$227,830New York Base Salary Range: $183,613-$293,781 In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings. You can learn more about our compensation and benefits here. * Temporary positions in Canada and the United States are excluded from the above mentioned compensation and benefit plans. We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.

Job DescriptionDescription: Aspire General Insurance Company and its affiliated general agent, Aspire General Insurance Services, are on a mission to deliver affordable specialty auto coverage to drivers without compromising outstanding service. Our company values can best be described with ABLE: to always do the right thing, be yourself, learn and evolve, and execute. Join our team where every individual takes pride in driving their role for shared success. JOB SUMMARY: Aspire General Insurance, a leader in non-standard auto insurance, is seeking a hands-on and strategic Director of Information Security to develop, implement, and maintain the company's information security program. This role is responsible for protecting sensitive customer data, ensuring compliance with regulatory standards, and strengthening our overall cyber risk posture in a cloud-native, AI-enabled environment. Key Responsibilities: Develop and lead the enterprise-wide information security strategy, including governance, risk management, threat detection, and incident response. Manage and mature security operations, vulnerability management, and access controls. Own compliance with regulatory frameworks (e.g., NAIC Model Law, GLBA, PCI-DSS, SOC 2) relevant to the insurance industry. Collaborate with IT, legal, and claims teams to embed security into infrastructure, applications, and third-party vendor relationships. Oversee risk assessments, penetration testing, and security audits; prioritize and remediate findings. Lead response to security incidents, including detection, containment, communication, and recovery. Evaluate and implement modern security technologies, particularly in cloud environments (e.g., Azure security tools). Educate employees on security awareness and develop policies for secure use of systems and data. Supervise and grow a small but high-performing InfoSec team and contractors. Requirements: Qualifications: 8+ years in information security roles, with at least 3 years in a leadership capacity. Deep knowledge of cybersecurity principles, risk frameworks, and regulatory requirements. Experience with cloud security (AWS or Azure), identity and access management (IAM), SIEM tools, endpoint protection, and zero trust architectures. Track record of managing security programs in regulated industries such as financial services or insurance. Familiarity with third-party risk management and secure SDLC practices. Excellent communication and incident-handling skills. Knowledge of SOC 2, ISO 27001, and/or NIST frameworks. Bachelor's degree in Information Security, Computer Science, or related field (CISSP, CISM, or similar certification strongly preferred). Preferred Experience: Experience working with or securing AI/ML platforms and data pipelines. Experience with security considerations in insurance claims and policy systems (e.g., PII, policy documents). Benefits: Medical, Dental, Vision, HSA*, PTO, 401k, Company Observed Holidays Individuals seeking employment at Aspire General Insurance Services LLC are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation in accordance with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements. *Dependent on plan selected

_corporate_fare_ Google _place_ Alberta, CA; British Columbia, CA; +3 more; +2 more _laptop_windows_ Remote eligible **Mid** Experience driving progress, solving problems, and mentoring more junior team members; deeper expertise and applied knowledge within relevant area. _info_outline_ XNote: Google's hybrid workplace includes remote roles. By applying to this position you will have an opportunity to share your preferred working location from the following: **Remote locations: Alberta, CA; British Columbia, CA; Ontario, CA; Quebec, CA.** **Minimum qualifications:** + Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience. + 5 years of experience assessing and developing cybersecurity solutions across multiple security domains. + 2 years of experience with techniques and tools used for web application, and network security testing. + Experience delivering end-to-end offensive security testing engagements. **Preferred qualifications:** + Certifications related to offensive security including OSWE, BSCP, CWEE, OSCP or relevant SANS courses. + 2 years of experience with bug bounty programs. + Experience in four or more of the following: application security, offensive security testing, developing applications, source code review, exploit development, network protocols, system and network administration, security consulting. + Experience implementing or assessing information security implementation or assessment of security controls. + Experience in software or web development. **About the job** As a Security Consultant, you will be responsible for helping clients effectively prepare for, proactively mitigate, and detect and respond to cyber security threats. Security Consultants have an understanding of computer science, operating system functionality and networking, cloud services, corporate network environments and how to apply this knowledge to cyber security threats. As a Security Consultant, you could work on engagements including assisting clients in navigating technically complex and high-profile incidents, performing forensic analysis, threat hunting, and malware triage. You may also test client networks, applications and devices by emulating the latest techniques to help them defend against threats, and will be the technical advocate for information security requirements and provide an in-depth understanding of the information security domain. You will also articulate and present complex concepts to business stakeholders, executive leadership, and technical contributors and successfully lead complex engagements alongside cross functional teams. As a Mandiant proactive services team member, you will be responsible for assessing and advising clients on both technical and process-based controls for all manner of environments. You will perform web application security assessments as well as other technical cyber assessments including external pen testing, and mobile application testing. You will expand the team's capabilities through tool creation, research on offensive techniques, incorporation of threat actor intelligence, internal presentations, and knowledge sharing. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone. (British Columbia & Canada-Remote Only*) The British Columbia base salary range for this full-time position is CAD 152,000-156,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. *Note: Disclosure as required by Bill 13 Please note that the compensation details listed in Canada role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more aboutbenefits at Google (************************************************************ . **Responsibilities** + Conduct high quality external network and web application assessments in an independent manner. Take an active role in cloud and mobile application testing. + Develop comprehensive and accurate reports and presentations for both technical and executive audiences. + Recognize and safely utilize attacker tactics, techniques, and procedures. + Communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel. + Travel up to 20% of the time as needed. Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google'sApplicant and Candidate Privacy Policy (./privacy-policy) . Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy (******************************************************* ,Know your rights: workplace discrimination is illegal (**************************************************************************** ,Belonging at Google (******************************** , and How we hire (**************************************** . If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form (*************************************** . Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting. To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes. Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also ******************************* and ************************************************************* If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form: ***************************************

This role is Hybrid, 3 days a week to any local, US based UL Solutions Office. We are seeking a highly skilled Cloud Security Engineer with strong Application Security expertise to join our security architecture team. This role will be responsible for designing, implementing, and maintaining secure cloud environments and applications across multi-cloud platforms, with a focus on Azure. The ideal candidate will have hands-on experience with cloud-native security tools, DevSecOps practices, and compliance frameworks such as NIST 800-53, SOC 2, and CIS Controls. Cloud Security Engineering + Design and implement security controls for cloud infrastructure (Azure, AWS, GCP). + Develop and maintain security architecture patterns (e.g., hub-and-spoke, Zero Trust). + Integrate security tools such as Wiz, Microsoft Defender for Cloud, Silverfort, and Terraform. + Conduct threat modeling and risk assessments for cloud-native services. + Collaborate with IAM, SOC, and GRC teams to align cloud security with enterprise policies. Application Security + Perform secure code reviews, static/dynamic analysis, and vulnerability assessments. + Integrate security into CI/CD pipelines using tools like Snyk, Checkmarx, or Veracode. + Guide development teams on secure coding practices and OWASP Top 10. + Design and implement API security strategies including OAuth2, OpenID Connect, and mTLS. + Support remediation of application vulnerabilities and provide technical guidance. Compliance & Governance + Map cloud and application security controls to compliance frameworks (NIST 800-53, SOC 2, CIS). + Assist in audits and evidence collection for regulatory compliance. + Maintain documentation of security architecture, policies, and procedures. + Bachelor's degree in Computer Science, Cybersecurity, or related field. + 3-4 years of experience in cloud security engineering and application security. + Strong understanding of Azure security services and architecture. + Experience with infrastructure-as-code (Terraform, Bicep). + Familiarity with Snowflake security features and data protection strategies. + Knowledge of identity and access management (Azure AD, Conditional Access, MFA). + Hands-on experience with DevSecOps tools and practices. Preferred Qualifications + Certifications: Azure Security Engineer Associate, CISSP, CCSP, OSCP, or GIAC. + Experience with multi-subscription Azure environments. + Familiarity with Zero Trust architecture and implementation. + Experience with security automation and orchestration. Soft Skills + Strong analytical and problem-solving skills. + Excellent communication and collaboration abilities. + Ability to work independently and in cross-functional teams. + Passion for continuous learning and staying current with security trends. What you'll experience working for ULS UL Solutions has been pioneering change since 1894 and we're still leading the way. From day one, we've blazed a trail protecting the planet and everyone on it. Our teams have influenced billions of products, plus services, software offerings and more. We break things, burn things and blow things up. All in the name of safety science. That's where you come in - because none of it could happen without you. It takes passion to protect people, problem-solving to safeguard personal data and conviction to make the world a more sustainable place. It takes bold ideas and brilliant minds to build a better world for future generations across the globe. This is more than a job. It's a calling. A passion to use our expertise and play our part in creating a more secure, sustainable world today - and tomorrow. As a member of our safety science community, you'll use your ideas, your energy and your ambition to innovate, challenge and ultimately, help create a safer world. Everyone here is unique. But we're also a global community, working together to help create a safer world. Join UL Solutions and you can connect with the brightest minds in the business, all bringing their distinct perspectives and diverse backgrounds together to deliver real change. Empowering our customers to keep the world safe means thinking ahead. It means investing in training and empowering our people to learn and innovate. At UL Solutions, we help build a better future - one where everyone benefits. Join UL Solutions to be at the center of safety. To learn more about us and the work we do, visit UL.com Total Rewards: We understand compensation is an important factor as you consider the next step in your career. The estimated salary range for this position is $95,000 to $120,000 and is based on multiple factors, including job-related knowledge/skills, experience, geographical location, as well as other factors. This position is eligible for annual bonus compensation with a target payout of 10% of the base salary. This position also provides health benefits such as medical, dental and vision; wellness benefits such as mental and financial health; and retirement savings (401K) commensurate with the standard rewards offered in each individual location or country. We also provide full-time employees with paid time off including vacation (15 days), holiday including floating holidays (12 days) and sick time off (72 hours). #LI-SG2 #LI-Hybrid UL LLC has been and will continue to be an equal opportunity employer. To assure full implementation of this equal employment policy, we will take steps to assure that: Persons are recruited, hired, assigned and promoted without regard to race, color, age, sex or gender, sexual orientation, gender identity, gender expression, transgender status, religion, creed, national origin, ethnicity, citizenship, ancestry, disability, genetic information, military or veteran status, pregnancy, marital or familial status, or any other protected category under applicable law.

Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape. Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality. Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward. Job Description ESSENTIAL DUTIES AND RESPONSIBILITIES: Development of various cryptography-based security features such as data encryption, Secure Boot, and Device Attestation. Integrate these security protocols and features into the SSD data and control flows to ensure a robust and secure system. Additionally, investigate and resolve any security protocol compatibility issues that may arise. Investigating failures, documenting bug reports, and providing valuable assistance to product teams in identifying and resolving issues. Debugging, optimizing, and validating the Firmware on SoC platforms, as well as bringing up of FPGA and ASIC. Contribute to the Security Development Lifecycle of the Firmware by supporting its development at different stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit. Qualifications REQUIRED: To qualify for this position, an ideal candidate would have/be. A degree in Computer Science, Electrical/Computer Engineering, Software Engineering, or a related field. 3+ years of experience in embedded programming, with proficiency in C/C++ and one or more of the following: Python, Rust, Go. Strong understanding of microcontroller architectures and debugging of hardware/firmware issues. Experience in firmware code review, CI/CD test and validation methodology, as well as static and dynamic code analysis. Familiarity with the Agile software development process life cycle is also desired. Proficiency in failure analysis in debugging an embedded firmware application, using JTAG/debuggers such as Lauterbach. An engineer who can take ownership of given features and manage them from start to finish. Being self-motivated and driven is essential for this role. Good communication skills and be able to work effectively with cross-functional teams. What Sets You Apart Detailed knowledge of RISC-V Instruction Set Architectures (ISA) Technical expertise in applied cryptography and firmware/hardware security, including knowledge of data encryption, trusted execution environment, secure boot, and device attestation. Knowledge of storage controller architectures and security protocols, such as TCG Opal/Ruby/Pyrite, IEEE 1667, SPDM, and IDE. Develop firmware on SoC platforms, run simulation or bringing up FPGA and ASIC. Familiarity with writing code in Github repository and it's CI/CD testing framework. Additional Information Sandisk is committed to providing equal opportunities to all applicants and employees and will not discriminate against any applicant or employee based on their race, color, ancestry, religion (including religious dress and grooming standards), sex (including pregnancy, childbirth or related medical conditions, breastfeeding or related medical conditions), gender (including a person's gender identity, gender expression, and gender-related appearance and behavior, whether or not stereotypically associated with the person's assigned sex at birth), age, national origin, sexual orientation, medical condition, marital status (including domestic partnership status), physical disability, mental disability, medical condition, genetic information, protected medical and family care leave, Civil Air Patrol status, military and veteran status, or other legally protected characteristics. We also prohibit harassment of any individual on any of the characteristics listed above. Our non-discrimination policy applies to all aspects of employment. We comply with the laws and regulations set forth in the "Know Your Rights: Workplace Discrimination is Illegal” poster. Our pay transparency policy is available here. Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution. Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at [email protected] to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. Based on our experience, we anticipate that the application deadline will be 11/11/2025 (3 months from posting), although we reserve the right to close the application process sooner if we hire an applicant for this position before the application deadline. If we are not able to hire someone from this role before the application deadline, we will update this posting with a new anticipated application deadline. #LI-RT1 Compensation & Benefits Details An employee's pay position within the salary range may be based on several factors including but not limited to (1) relevant education; qualifications; certifications; and experience; (2) skills, ability, knowledge of the job; (3) performance, contribution and results; (4) geographic location; (5) shift; (6) internal and external equity; and (7) business and organizational needs. The salary range is what we believe to be the range of possible compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range and this range is only applicable for jobs to be performed in California, Colorado, New York or remote jobs that can be performed in California, Colorado and New York. This range may be modified in the future. You will be eligible to participate in Sandisk's Short-Term Incentive (STI) Plan, which provides incentive awards based on Company and individual performance. Depending on your role and your performance, you may be eligible to participate in our annual Long-Term Incentive (LTI) program, which consists of restricted stock units (RSUs) or cash equivalents, pursuant to the terms of the LTI plan. Please note that not all roles are eligible to participate in the LTI program, and not all roles are eligible for equity under the LTI plan. RSU awards are also available to eligible new hires, subject to Sandisk's Standard Terms and Conditions for Restricted Stock Unit Awards. We offer a comprehensive package of benefits including paid vacation time; paid sick leave; medical/dental/vision insurance; life, accident and disability insurance; tax-advantaged flexible spending and health savings accounts; employee assistance program; other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity; tuition reimbursement; transit; the Applause Program, employee stock purchase plan, and the Sandisk's Savings 401(k) Plan. Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

Momenti is a dynamic and immersive content company that revolutionizestraditional media by bringing visceral experiences to all forms of content. Wespecialize in interactive video that breaks the 4th wall, creating deeperconnections and emotions with our audience. Join us in transforming the waypeople engage with content and bring moments to life. Momenti is at theforefront of the content revolution, and we want you to be part of it. Job Summary:We are seeking a talented and experienced Security Engineer to join Momentias our first security hire and report directly to our Engineering Director. In thisrole, you will be responsible for ensuring the security and integrity of oursystems, applications, and data. You will work closely with cross-functionalteams to identify potential vulnerabilities, develop and implement securitymeasures, and provide ongoing support to maintain a secure environment. Thisis a unique opportunity to make a significant impact and shape the securitylandscape at Momenti. Key Responsibilities:• Develop and implement effective security strategies, policies, and proceduresto protect Momenti's systems, applications, and data.• Conduct regular security assessments, vulnerability testing, and risk analysisto identify and address potential security weaknesses.• Collaborate with software engineers and other stakeholders to design andimplement secure coding practices and ensure secure applicationdevelopment.• Monitor and respond to security incidents, including investigating andresolving security breaches, intrusions, and unauthorized access attempts.• Stay up-to-date with the latest security technologies, trends, and bestpractices, and provide recommendations for enhancements to our securityposture.• Educate and train employees on security awareness and best practices topromote a culture of security throughout the organization.Preferred Qualifications:• Solid experience in a security engineering or related role, with a focus onapplication and system security.• Strong understanding of web application security, network security principles,and secure coding practices.• Familiarity with security frameworks such as OWASP, NIST, and CISbenchmarks.• Knowledge of cloud security principles and experience securing cloud-basedenvironments (e.g., GCP, AWS, Azure).• Experience with security assessment tools and techniques, such asvulnerability scanners, penetration testing, and log analysis.Basic Qualifications:• Proven experience in implementing and managing security controls in aproduction environment.• Familiarity with compliance standards and regulations (e.g., GDPR, HIPAA,PCI DSS).• Strong problem-solving and analytical skills, with the ability to assess risksand develop effective mitigation strategies.• Excellent communication and collaboration skills, with the ability to workeffectively in cross-functional teams.

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. The Information Security Engineer is responsible for contributing to the corporate Information Security program by assisting in the identification, recommendation and implementation of industry leading application security tools and techniques. The incumbent will also maintain and update application security processes and procedures and train team members on any relevant updates. This position is remote, but local to the Temecula, CA office. Essential Functions Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices Assist in integrating regulatory compliance requirements (e.g., PCI, GLBA) into the organizational security roadmap Assist in ensuring that the corporate IT environment is secure and complies with all external audit requirements and federal standards Coordinate with IT Operations to ensure endpoints and network devices conform to security standards, and that security devices and controls are working as designed Assist in the identification, evaluation and implementation of industry leading application security tools and techniques Plan, coordinate, and implement security measures to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures Identify potential security risks, and define and document remediation options or mitigating controls Perform security incident investigations including: chain of custody, containment measures, root cause analysis, and identification of preventive measures Define and assist in the management of an Incident Response Team that addresses potential or in-progress security events, establishing and adhering to escalation procedures and response times Perform information systems evidence gathering, to support e-discovery requests and messaging searches Perform security reviews on requests for new commercial software or material configuration changes to existing software Perform periodic internal IT security audit functions on IT operational controls, to include system access controls, firewall rule reviews, etc. Participate in on-call rotation Perform related duties as requested Essential Knowledge, Skills, & Abilities Excellent written and verbal communication skills required Solid presentation skills Significant knowledge of security-oriented regulatory requirements and compliance Excellent familiarity with IT security principles and practices including firewalling, hardening, data loss prevention, threat prevention, and identity management. Ability to provide technical guidance to less experienced team members Knowledge of the mortgage industry is helpful, but not required Commitment and ability to cultivate a diverse and inclusive work environment. Education Bachelor's degree in computer science, Engineering, Information Systems Security or a related field is required. Security class certifications strongly preferred Azure certifications preferred CISSP license preferred Experience 5+ years of related IT experience required 2+ years in an Information Security engineering role 3+ years of experience in a regulated IT environment including some combination of SOX, HIPAA, GLBA, PCI preferred Compensation and Benefits Covius offers an extensive benefits package for all employees, including medical, dental, vision and 401(k)! Compensation: $96,000 to $120,000 annually with a 10% AIP opportunity Application Guidelines: For best consideration, please submit your resume and application materials as soon as possible. Review of applications will begin immediately. Working Conditions Work is performed in a climate controlled indoor administrative office setting. The noise level in the work environment is usually quiet to moderate, depending upon the office or meeting location. Physical Demands and Activities While performing the duties of this job, the employee is frequently required to communicate. The employee frequently is required to remain stationary. The employee is frequently required to move about the office, operate a computer and other office machinery, such as calculator, copy machine, and computer printer; rarely position self to maintain files; rarely moves boxes weighing up to 10 lbs. Close and distance observation required with the ability to observe objects at close range in presence of glare or bright lighting (e.g., computer screen). Must possess the ability to communicate information and ideas so others will understand and have the ability to interact with external and internal stakeholders. Covius is committed to equal opportunity in all employment practices to all qualified applicants and employees without regard to race, color, religion, gender, gender identity, age, national origin, pregnancy, disability, genetics, marital status, military or veteran status or any other protected category as established by local, state, and federal law. This policy applies to all aspects of the employment relationship including recruitment and hiring, placement, promotion, transfer, compensation, disciplinary action, layoff, leaves of absence, training, and termination. All such employment decisions will be made without unlawful discrimination based on any prohibited basis. The essential functions, working conditions and physical demands described above are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Please note that all s are not intended to be all-inclusive. This job description is not designed to cover all activities, duties or responsibilities that are required of the employee for this job. Employees may be required to perform other duties at any time with or without notice to meet the ongoing needs of the organization. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

at loan Depot Responsible for driving the development, implementation, communication, and maintenance of loan Depot's technology policies, standards and procedures that are aligned to industry standards and regulatory requirements. Ensures that loan Depot technology processes adheres to regulatory requirements, manages risks effectively, and establishes strong governance practices. Develops and implements controls, monitors compliance, and supports risk management activities. Responsibilities: Leads the development and implementation of comprehensive cybersecurity and IT policies, standards, and guidelines. Continuously evaluates and updates cybersecurity and IT policies to ensure they remain current and effective. Ensures policies comply with relevant laws, regulations, and industry standards (e.g., NIST, FFIEC, GLBA, NYDFS, SOX and PCI-DSS). Collaborates with teams, working closely with IT, legal, compliance, and other departments, to gain a deep understanding of business needs to ensure cybersecurity policies align with business objectives. Transforms complex information and documentation into simple concepts that are easy to understand by the end-users. Offers specialized expertise and consultation to cross-functional teams to perform framework-oriented risk assessments, identify deficiencies, generate reports, and recommends prioritized, actionable solutions to mitigate risks and enhance loan Depot's overall security posture. Stays informed about the latest cybersecurity threats, trends, and best practices. Ensures accurate and up-to-date records of policy reviews, risk assessments, training activities, and incident responses. Benchmarks the organization's policies against industry standards and best practices. Develops and implements governance frameworks for cybersecurity policy management. Monitors key performance indicators, conducts gap analysis, risk assessments and implements frameworks, as needed. Tests and monitors effectiveness of controls. Establishes a feedback loop and analyzes metrics to continuously improve cybersecurity policies based on audit findings, incident reviews, and emerging threats. Actively leads and supports on internal and external audits and assessments of cybersecurity policies and practices. Accountable for ensuring identified audit and assessment findings and actions are tracked to closure. Maintains comprehensive documentation of all cybersecurity policies, procedures, and related activities. Communicates policy requirements and updates to all relevant stakeholders. Identifies opportunities for innovation and improvement in cybersecurity policy and practice. Proposes suitable mitigation strategies and verifies the effectiveness of remediation plans Requirements: Bachelor's Degree in Information Security, Computer Science, Information Technology, or a related field preferred. Minimum of six (6) + years' experience working in Cybersecurity GRC, policy development, risk management, or a similar field. Experience with GRC tools (e.g., Archer, ServiceNow, OneTrust). Proficiency in using data analysis and reporting tools (e.g., Excel, Power BI). Relevant certifications such as CISM and/or CISA are highly desirable. Why work for #teamloan Depot: Competitive compensation package based on experience, skillset and overall fit for #TeamloanDepot. Inclusive, diverse, and collaborative culture where people from all backgrounds can thrive Work with other passionate, purposeful, and customer-centric people Extensive internal growth and professional development opportunities including tuition reimbursement Comprehensive benefits package including Medical/Dental/Vision Wellness program to support both mental and physical health Generous paid time off for both exempt and non-exempt positions About loan Depot: loan Depot (NYSE: LDI) is a digital commerce company committed to serving its customers throughout the home ownership journey. Since its launch in 2010, loan Depot has revolutionized the mortgage industry with a digital-first approach that makes it easier, faster, and less stressful to purchase or refinance a home. Today, as the nation's second largest non-bank retail mortgage lender, loan Depot enables customers to achieve the American dream of homeownership through a broad suite of lending and real estate services that simplify one of life's most complex transactions. With headquarters in Southern California and offices nationwide, loan Depot is committed to serving the communities in which its team lives and works through a variety of local, regional, and national philanthropic efforts. Base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay for this role is between $99,000 and $136,500. Your base pay will depend on multiple individualized factors, including your job-related knowledge/skills, qualifications, experience, and market location. We are an equal opportunity employer and value diversity in our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

For More Open Positions Visit us at: ********************************** Our Mission WOONGJIN, Inc. is a rapidly growing team who provides a range of unique, exceptional, and enhanced services to our clients. We have a strong moral code that includes the service of goodness without expectations of reward. We are motivated by the sense of responsibility and servant leadership. Benefits Medical Insurance Vision Insurance Dental Insurance 401(k) Paid Sick hours Job Description The IT Security Engineer is responsible for supporting the planning, implementation, and management of the organization's IT security infrastructure and policies. This role assists in identifying security risks, responding to incidents, and ensuring compliance with internal standards and external regulations. Responsibilities Assist in developing, implementing, and maintaining IT security policies, standards, and procedures Monitor and analyze security events, logs, and alerts using tools like Splunk of Sentinel to detect and respond to threats Collaborate with internal IT teams and external vendors to improve overall security posture Manage user access controls and identity management systems Monitor and audit for potential security breaches, abnormal behavior, and unauthorized access Verify that applied security policies are properly configured and effectively enforced Monitor network, system, and application security to detect and respond to potential threats and vulnerabilities Participate in incident response processes, including investigation, containment, recovery, and documentation Assist in audits and ensure compliance with regulatory requirements Support security awareness training and compliance initiatives for employees and third parties Maintain up-to-date knowledge of cybersecurity trends, threats, and best practices Document security configurations, procedures, and technical findings Conduct vulnerability assessments Salary: $80,000 - $95,000 per year (D.O.E) Qualifications Skills 3 - 5 years of experience in IT security or related IT roles required Knowledge of security technologies such as firewalls, IDS/IPS, antivirus, SIEM, and endpoint protection required Security certifications preferred (e.g., CISSP, CISM, CompTIA Security+, CEH) preferred Strong problem-solving, analytical, and communication skills required Education & Experience Bachelors Degree Required Computer Science, Information Security, or a related field required 6 - 9 Years of Direct Experience Required 7 - 11 Years of Direct Experience Required 1 - 3 Years of Supervisory Experience Required 3-5 years of experience in IT Security or related IT roles required Physical Requirements Ability to sit in front of a desk and/or in front of the computer for long periods Repetitive use of hand/grasping product, writing, and typing Lift up to 10lbs Carry up to 10lbs Stand/walk Additional Information All your information will be kept confidential according to EEO guidelines. *** NO C2C ***

For More Open Positions Visit us at: ********************************** Our Mission WOONGJIN, Inc. is a rapidly growing team who provides a range of unique, exceptional, and enhanced services to our clients. We have a strong moral code that includes the service of goodness without expectations of reward. We are motivated by the sense of responsibility and servant leadership. Benefits Medical Insurance Vision Insurance Dental Insurance 401(k) Paid Sick hours Job Description The IT Security Engineer is responsible for supporting the planning, implementation, and management of the organization's IT security infrastructure and policies. This role assists in identifying security risks, responding to incidents, and ensuring compliance with internal standards and external regulations. Responsibilities Assist in developing, implementing, and maintaining IT security policies, standards, and procedures Monitor and analyze security events, logs, and alerts using tools like Splunk of Sentinel to detect and respond to threats Collaborate with internal IT teams and external vendors to improve overall security posture Manage user access controls and identity management systems Monitor and audit for potential security breaches, abnormal behavior, and unauthorized access Verify that applied security policies are properly configured and effectively enforced Monitor network, system, and application security to detect and respond to potential threats and vulnerabilities Participate in incident response processes, including investigation, containment, recovery, and documentation Assist in audits and ensure compliance with regulatory requirements Support security awareness training and compliance initiatives for employees and third parties Maintain up-to-date knowledge of cybersecurity trends, threats, and best practices Document security configurations, procedures, and technical findings Conduct vulnerability assessments Salary: $80,000 - $95,000 per year (D.O.E) Qualifications Skills 3 - 5 years of experience in IT security or related IT roles required Knowledge of security technologies such as firewalls, IDS/IPS, antivirus, SIEM, and endpoint protection required Security certifications preferred (e.g., CISSP, CISM, CompTIA Security+, CEH) preferred Strong problem-solving, analytical, and communication skills required Education & Experience Bachelors Degree Required Computer Science, Information Security, or a related field required 6 - 9 Years of Direct Experience Required 7 - 11 Years of Direct Experience Required 1 - 3 Years of Supervisory Experience Required 3-5 years of experience in IT Security or related IT roles required Physical Requirements Ability to sit in front of a desk and/or in front of the computer for long periods Repetitive use of hand/grasping product, writing, and typing Lift up to 10lbs Carry up to 10lbs Stand/walk Additional Information All your information will be kept confidential according to EEO guidelines. *** NO C2C ***

Join a global GIS leader as an Information Security expert. In this hands-on role, you'll perform incident response and forensics, automate detection and response using SOAR and SIEM tools, create playbooks, and integrate top industry technology. You'll also develop advanced detections and analyze data from multiple sources daily. Responsibilities Contribute as part of an experienced team by leveraging advanced forensic and incident response skills to enhance security across physical, virtual, and cloud environments. Design and implement innovative detection solutions utilizing diverse log sources and security technologies. Partner with business and IT personnel to align security initiatives with strategic business, application, engineering, and operational objectives. Automate security controls, processes, and detection capabilities to minimize the need for manual intervention. Collaborate closely with operations teams to embed security best practices within enterprise infrastructure. Maintain up-to-date knowledge of industry trends, emerging security issues, and technologies to inform management and proactively manage risks affecting the organization. Requirements 5+ years of experience in enterprise security engineering, operations, and implementation, with a strong adherence to industry-standard tools and methodologies. Comprehensive knowledge of security protocols, cryptography, authentication, authorization, and broader security concepts. Advanced proficiency with systems technologies, including servers, operating systems, virtualization, and storage infrastructure, as well as expertise in networking and communication protocols. Collaborative team player with a demonstrated ability to contribute ideas, develop documentation, and implement best practices within a cooperative environment. Strong conceptual and analytical skills, with the ability to extract, analyze, and document complex business and technical requirements or strategies from both customers and IT stakeholders. Proficient in scripting languages such as PowerShell, Python, Perl, PHP, and Ruby for automation and data manipulation tasks. Practical experience in securing cloud infrastructures on AWS, Azure, and GCP, leveraging CSPM and CWP tools. In-depth understanding of defense-in-depth strategies encompassing physical, administrative, and technical controls. Visa sponsorship is not available for this posting. Applicants must be authorized to work for any employer in the US Bachelor's in computer science, information security, or a related STEM field. Recommended Qualifications Experience with industry's best tools in EDR, SIEM, SOAR, and email protections. Experience in large-scale enterprise environments. Security industry certifications. #LI-TM1 #LI-Hybrid

Applied Medical is a new generation medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute in a larger capacity than is possible in typical positions. Position Description The Information Security Manager / Senior Manager leads the advancement of Applied Medical's global information security program. This role develops and implements strategies that protect organizational data, systems, and infrastructure while ensuring alignment with business objectives, regulatory standards, and frameworks such as the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) and International Organization for Standardization (ISO) 27001. The Information Security Manager / Senior Manager directs a team of security professionals in a collaborative environment, overseeing operations, risk management, and incident response. This position requires a proven leader who combines technical expertise with strategic vision, fosters cross-functional alignment, mentors high-performing teams, and promotes a strong culture of security awareness across the organization. Key Responsibilities * Lead and mentor a team of information security analysts to ensure effective daily operations across areas such as network security, endpoint protection, and identity and access management (IAM). * Oversee threat detection, incident response, and vulnerability management processes, ensuring timely investigation and resolution of security events. * Develop and implement security strategies that align with business objectives, compliance standards, and recognized frameworks including NIST CSF, ISO 27001, and SOC 2. * Collaborate with global IT, engineering, and application development teams to integrate security controls into infrastructure, cloud environments, and software systems. * Evaluate and manage third-party vendor risk, ensuring adherence to Applied Medical's information security standards and regulatory requirements. * Lead the review and continuous improvement of information security policies, procedures, and documentation. * Develop and deliver organization-wide security awareness and training programs that promote a proactive security culture. * Monitor industry trends, emerging threats, and new technologies to strengthen Applied Medical's security posture and resilience. Success in This Role Looks Like * Leads a cohesive and motivated information security team that demonstrates accountability, collaboration, and continuous improvement. * Aligns information security initiatives with business goals and ensures compliance with internal and external standards. * Builds trust and alignment across departments by communicating complex security concepts in clear, practical terms. * Anticipates evolving risks and proactively enhances the organization's ability to prevent, detect, and respond to security threats. * Demonstrates strong partnership with executive and technical teams to advance Applied Medical's long-term security strategy. Position Requirements This position requires the following skills and attributes * Bachelor's degree in information technology, computer science, or a related field. * Five or more years of information security experience, including at least three years in a leadership or management role. * Proven experience managing security operations, including oversight of a Security Operations Center (SOC) and related functions. * Strong understanding of cybersecurity principles, including network and cloud security, endpoint protection, identity and access management (IAM), and data protection. * Knowledge of security frameworks and regulations such as NIST CSF, ISO 27001, General Data Protection Regulation (GDPR), and Health Insurance Portability and Accountability Act (HIPAA). * Demonstrated ability to lead cross-functional teams, communicate effectively with non-technical stakeholders, and influence decision-making across levels. * Experience making risk-based decisions that balance security needs with business objectives. * Excellent analytical, organizational, and problem-solving skills. Preferred The following skills and attributes are preferred * Master's degree in information security, cybersecurity, or a related field. * Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP). * Experience managing information security programs within a regulated industry such as medical device, healthcare, or manufacturing. * Familiarity with Lean Six Sigma or other continuous improvement methodologies. * Strong understanding of budgeting, cost-benefit analysis, and security investment planning. Benefits * Competitive compensation range: $100000 - $150000 / year (California). * Comprehensive benefits package. * Training and mentorship opportunities. * On-campus wellness activities. * Education reimbursement program. * 401(k) program with discretionary employer match. * Generous vacation accrual and paid holiday schedule. Please note that the compensation range may be based on factors such as relevant education, qualifications, experience. The compensation range may be adjusted in the future, and special discretionary bonus or incentive compensation plans may apply. Our total reward package reflects our commitment to team member growth and well-being, as we invest in your development and offer a range of benefits designed to enhance your career and life. Equal Opportunity Employer Applied Medical is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), or sexual orientation, or any other basis protected by federal, state or local laws in the locations where Applied Medical operates.

As a Senior Security Operations Analyst, you will be a key member of our Security Operations team, responsible for detecting, investigating, and responding to cyber threats across our enterprise. You will help build and mature our SOC (Security Operations Center) capabilities, contribute to threat intelligence and incident response, and play a critical role in securing our e-commerce platforms, customer data, and connected product ecosystem. This role requires a balance of hands-on technical expertise, analytical thinking, and the ability to communicate risk and remediation clearly to both technical and business stakeholders. **Key Responsibilities** Security Monitoring & Detection · Lead monitoring of security events across SIEM, EDR, cloud, and network security platforms. · Analyze alerts, correlate data, and distinguish between true positives, false positives, and emerging threats. · Develop, tune, and improve detection use cases, rules, and automation playbooks. Incident Response & Forensics · Serve as a first responder and subject matter expert for security incidents, leading investigations and containment activities. · Conduct forensic analysis on endpoints, cloud environments, and applications when necessary. · Collaborate with IT, cloud, and DevOps teams to ensure rapid remediation and recovery. Threat Intelligence & Hunting · Perform proactive threat hunting activities to identify hidden risks or advanced persistent threats. · Leverage external threat intelligence to enrich investigations and improve defensive measures. · Stay current with evolving attack techniques, malware trends, and vulnerabilities relevant to retail, e-commerce, and IoT/connected devices. Governance, Risk, and Compliance (Support) · Support compliance initiatives (PCI-DSS, SOC2, ISO 27001, GDPR, CCPA, NIST etc.) by ensuring security controls are effective. · Provide input into risk assessments and partner with vulnerability management to prioritize patching. Collaboration & Continuous Improvement · Partner with IT, Product, e-commerce, and retail technology teams to secure new business initiatives. · Mentor junior analysts and contribute to knowledge-sharing across the team. · Recommend and implement process improvements, automation, and best practices. **Qualifications** Required Skills & Experience · 5+ years in a security operations or incident response role, with experience in enterprise-scale environments. · Strong knowledge of SIEM, EDR, MDR, firewalls, and cloud-native security tools (AWS/GCP/Azure). · Hands-on experience with incident handling, digital forensics, and malware analysis. · Familiarity with MITRE ATT&CK, cyber kill chain, and common threat actor tactics. · Proficiency in scripting (Python, PowerShell, or similar) to automate investigations or workflows. · Excellent communication skills, with the ability to explain technical risks to non-technical stakeholders. Preferred Skills · Experience in retail, e-commerce, or IoT/connected device security. · Experience in key principles of incident response & security operations. · Experience in MDR & SIEM solutions · retail, e-commerce, or IoT/connected device security. · Exposure to PCI-DSS or other retail payment security frameworks. · Knowledge of container security (Kubernetes, Docker) and DevSecOps practices. · Relevant certifications: GCIA, GCIH, GCFA, CEH, OSCP, or CISSP. **Pay Range:** $112,200.00 - $148,500.00 The actual annual salary offered to a candidate will be based on variables including experience, geographic location, education, and skills/achievements, and will be mutually agreed upon at the time of offer. We offer a highly competitive salary, comprehensive benefits including: medical and dental, vision, disability and life insurance, 401K, PTO, paid holidays, gear discounts and the ability to add value to an exciting mission! Our Postings are not intended for distribution to or use in any jurisdiction, country or territory where such distribution or use would violate local law or would subject us to any regulations in another jurisdiction, country or territory. We reserve the right to limit our Postings in any jurisdiction, country or territory. Equal Opportunity Employer Minorities/Females/Protected Veteran/Disabled **Revelyst is a collective of makers that design and manufacture performance gear and precision technologies. Our category-defining brands leverage meticulous craftsmanship and cross-collaboration to pursue new innovations that redefine what is humanly possible in the outdoors. Portfolio brands include Foresight Sports, Bushnell Golf, Fox, Bell, Giro, CamelBak, Bushnell, Simms Fishing and more.** Revelyst is an equal opportunity employer. All applicants are considered for employment without regard race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status, and any other characteristics protected by law. The EEO Law poster is available here: **************************************************************** If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to ******************** . Please note that this email address is for accommodation purposes only. Revelyst will not respond to inquiries for other purposes.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.