Security engineer jobs in Apple Valley, CA

Required Skills & Experience: Bachelor's degree in a related field preferred but not required. 5+ years of experience in a SOC or similar security environment. Expertise with SIEM, EDR, CSPM tools; strong skills in SQL/KQL/Cypher for data analysis. Proven ability to lead complex investigations and coordinate across technical and business stakeholders. Solid understanding of cybersecurity frameworks (MITRE ATT&CK, NIST CSF, NIST SP800-61r3). Experience with log aggregation technologies and SIEM tuning processes. Job Description: A large financial services customer based in Irvine, CA is seeking a Cyber Security Operations Analyst, focused on Incident Response. This individual will lead Incident Response, and act as a technical expert within the SOC. This team protects the organization from cyber threats. This role requires strong analytical skills, leadership in high-severity incidents, and deep knowledge of security tools and frameworks. Pay: 50-65/hr

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

Help support the CISO at one of the world's largest venture capital firms, working at the intersection of cloud security, AI and cutting-edge technology. You'll be joining a lean and highly technical security team, where your impact will be immediate and visible. This role is balanced between seniority and technical depth. You'll be trusted to support and advise the CISO, contribute to strategic decisions and act a senior technical voice, while remaining deeply hands-on as a cloud security engineer. The environment is heavily cloud based, (primarily Azure, with some AWS) and increasingly focussed on AI platforms and MCP workloads. You'll work closely with AI development, data engineering and platform teams to ensure security is embedded. Ideally, you'll be coming from a similar role, operating in a senior position while remaining technical day-to-day, with coding in python, terraform or SQL. Whilst this role requires general security experience, you will need to have a background specifically in cloud security. This role is based in Menlo Park. Interested in finding out more? No up-to-date resume required.

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

About the Company: Blizzard Entertainment, a global leader in interactive entertainment, has been shaping the world of video games since its founding. Renowned for iconic franchises like World of Warcraft , Overwatch , and Diablo , Blizzard is dedicated to creating immersive, innovative, and high-quality gaming experiences that captivate millions of players worldwide. Our mission is to inspire and connect players through engaging gameplay, compelling storytelling, and vibrant online communities. As we continue to expand our reach in the gaming industry, we remain committed to pushing the boundaries of creativity, technology, and entertainment. The Role: Staff Blockchain Security Engineer Blizzard's Application Security (AppSec) team is entrusted with safeguarding the company and its players from software vulnerabilities and security threats. As a Staff Blockchain Security Engineer within AppSec, you will specialize in securing blockchain-based game features, in-game economies, and Web3 integrations. You'll collaborate closely with game development and engineering teams to provide guidance, perform security assessments, and implement best practices throughout the blockchain software lifecycle. This role requires in-person collaboration two days per week at our Irvine, California headquarters. Key Responsibilities: Conduct comprehensive security reviews of blockchain integrations, smart contracts, in-game economy systems, and Web3 features for vulnerabilities and architectural flaws Advise game development teams on secure blockchain practices and remediation strategies Establish and maintain secure development processes within the blockchain software lifecycle Develop, maintain, and improve blockchain-specific security tooling (e.g., fuzzers, static analysis frameworks) Collaborate with legal, compliance, and risk teams to evaluate security, operational, and regulatory risks of blockchain implementations Minimum Qualifications: 8+ years in application security, Web3 security, or related disciplines Proven experience auditing smart contracts, blockchain protocols, or Web3 applications Expertise in design reviews, threat modeling, secure code review, or penetration testing with a hacker mindset Strong knowledge of application security principles and common vulnerabilities (e.g., SSRF, race conditions, privilege escalation) Experience with secure key management, wallet systems, or cryptography Familiarity with blockchain security tools such as Slither, Echidna, or similar Scripting or programming experience in Python, C++, JavaScript, or other relevant languages Ability to balance business goals with security priorities and communicate risks clearly to cross-functional teams Preferred Qualifications: Experience in formal verification of smart contracts Background in blockchain-enabled gaming, DeFi platforms, or NFT ecosystems Contributions to blockchain security communities, bug bounty programs, or published research Experience defining and executing long-term blockchain security strategies alongside engineering leadership Why Blizzard? Competitive base salary and discretionary annual bonus Equity opportunities and long-term incentives Comprehensive health, dental, and vision plans 401(k) with company match Paid parental leave and flexible time off A hybrid work model that balances collaboration with flexibility Salary Range: $170,000 - $250,000. This excludes discretionary bonuses or equity grants, which are determined based on experience, skills, and market standards. Blizzard Entertainment is committed to building diverse teams that reflect the communities we serve. We are an equal opportunity employer and do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. If you require accommodation, please reach out to our People Team.

About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. We're hiring Senior Backend Engineer - Cloud Security in Sunnyvale, CA What You Will Do Build containerized microservices and related components for a multi-tenant, distributed system that ingests and processes real-time cloud events, system telemetry, and network data across major cloud platforms. Your work will enable customers to detect risks and strengthen their cloud security posture. Mentor junior engineers, interns, and new graduates, helping them develop strong technical skills and become effective contributors. Write production-quality software primarily in Java using Spring Boot, and work extensively with Kafka, SQL, and other data interfaces. Work within a Kubernetes-based service infrastructure, while learning new technologies as needed. Take ownership of major features and subsystems through the entire development lifecycle-requirements, design, implementation, deployment, and customer adoption. Participate in operational responsibilities, gaining firsthand experience with real-world performance, reliability, and support scenarios-informing how you design and build better systems. Prioritize quality at every stage, performing thorough developer testing, functional validation, integration checks, and performance testing to ensure highly resilient systems. Collaborate closely with Product Management to review, refine, and finalize requirements. Develop a deep understanding of customer needs by engaging with peers, stakeholders, and real-world use cases. What You Bring Bachelor's degree in computer science or similar (Master's preferred). 5+ years of experience building scalable, distributed systems. Passion for software engineering, continuous learning, and working in a collaborative environment. Hands-on experience with AWS, Azure, or GCP, with strong familiarity at the API/programming level. Experience with networking and/or security concepts is a plus. Experience developing containerized services on Kubernetes is strongly desired. Strong programming experience in Java/Spring Boot or Golang. Experience building or using REST APIs. Knowledge of infrastructure-as-code tools such as CloudFormation, Terraform, or Ansible is a plus. Understanding of TCP/IP networking fundamentals. Experience developing in Unix/Linux environments. Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment

Job Title: Senior Security Architect Contract Duration: 18 Months Work Schedule: Monday-Friday, 8:00 AM - 5:00 PM Interview Process: 1 round virtual, possible 2nd round onsite Employment Type: Contract (C2C) Work Authorization: U.S. Citizens or Green Card holders only Role Overview We are seeking a highly experienced Senior Security Architect to support a confidential law enforcement agency. This is a fully onsite role requiring strong hands-on cybersecurity architecture expertise, leadership capability, and experience working in regulated or government environments. Candidates must be able to successfully complete Live Scan and background checks. Required Skills & Experience 7-10 years of combined network engineering and cybersecurity experience Strong hands-on experience with: Palo Alto Technologies (NGFW, Panorama, Cortex EDR, Cortex XSOAR, Prisma Cloud) Cisco Networking (Switches, Routers, Firewalls, WLCs, VPNs) SIEM technologies and security incident response Cisco ISE, CyberArk, Tenable AWS and Azure Microsoft O365 Security Architecture Azure Entra ID ServiceNow Terraform Experience with: Firewall consolidation, migrations, and redesigns VPN deployments (site-to-site, remote access, third-party integrations) Wireless security (corporate Wi-Fi, BYOD, IOC) Network monitoring tools (SolarWinds, NetFlow, SNMP) Proven leadership experience mentoring and guiding technical teams Compliance & Security Experience Strong background in CJIS, NIST, NAC, and audit readiness Experience supporting law enforcement, public safety, federal, or government environments Ability to pass Live Scan and comprehensive background checks (no exceptions) Nice-to-Have Qualifications Advanced CJIS/NIST compliance and audit experience Experience creating training programs and mentoring staff toward certifications (CCNA/CCNP) Strong documentation and communication skills Prior work in enterprise, public safety, or government networks

100% On-site | Santa Ana, CA We are seeking a Senior Security Architect to lead enterprise security operations, compliance, and infrastructure within a mission-critical environment. This hands-on leadership role combines deep Cisco networking expertise, security architecture design, and staff mentorship to ensure audit readiness and operational excellence. Key Responsibilities: • Enforce and maintain network security controls aligned with CJIS, NIST, and internal policy frameworks. • Implement and manage firewall rules, NAC solutions (e.g., Cisco ISE), and endpoint access policies. • Support incident detection, forensics, and mitigation efforts alongside cybersecurity teams. • Lead network deployments, upgrades, and response initiatives across Cisco infrastructure. • Configure and manage switches, routers, firewalls, WLCs, and VPNs. • Design and optimize QoS, ACLs, and network monitoring (SolarWinds, NetFlow, SNMP). • Act as a Subject Matter Expert (SME), mentoring internal IT staff and guiding certification readiness (CCNA/CCNP). • Create and maintain SOPs, documentation, and training materials for ongoing operations. Top Skills Required: • Cisco networking (switches, routers, firewalls, WLCs, VPNs) • Security & compliance (CJIS, NIST, NAC, audit readiness) • Network monitoring (SolarWinds, NetFlow, SNMP, ACLs, QoS) • Leadership & mentoring (staff training, documentation, SME guidance) Nice-to-Have: • Advanced CJIS/NIST compliance experience • Public safety or government network background • Proven mentorship and SOP development experience #SecurityArchitect #NetworkSecurity #CiscoJobs #CJIS #NIST #Cybersecurity #SolarWinds #NetworkEngineer #OnsiteJobs #CaliforniaJobs #ITLeadership #InformationSecurity #InfrastructureSecurity

Kindly go through the entire email.- Remote/Hybrid Title: Sr. Network Engineer- Security Duration: Permanent Job Pay Rate: $Best Market/hr on W2/C2C (as per min expectation) Skills Required: Senior Network Engineer - Job Requirements (with Security Emphasis) Network Engineering Design and recommend infrastructure improvements for network systems. Own all network hardware and software components. Configure routers, switches, firewalls, and network appliances. Manage remote access solutions (VDI/VDA, VPN, RDP). Oversee data center racks, AC power, and cabling. Automate network processes and document procedures. Perform network design, capacity planning, and performance monitoring. Lead network improvements, upgrades, and repairs. Manage vendor relationships and service level agreements. Ensure network connectivity for all systems and external partners. Practice network asset management and maintain inventory documentation. Security Manage security appliance policies (firewalls, gateways, sensors). Implement and maintain network security processes and reporting. Support and enhance security solutions (firewall, anti-virus, IDS/IPS, gateway filtering, MFA, web security). Participate in vulnerability assessments, penetration tests, and security audits. Maintain awareness of new security solutions, threats, and best practices. Assist in the development and maintenance of security policies, standards, and procedures. Collaborate with Lead security analysts and compliance teams on incident investigations and audits. Core Competencies / Knowledge & Skill Requirements Expert knowledge of networking topologies, physical installation, and support. Extensive experience with MS Windows technology (desktop/server) and Microsoft Office Suite. Strong knowledge of Active Directory, groups policies and systems administration. Experience with Cisco networking and Next Gen Firewall technologies (required). Strong Familiarity with IDS/IPS, SIEM, and security monitoring tools. Understanding of ITIL-based processes (Incident, Service, Problem, Change, Release Management). Competence in hardware/software troubleshooting, backup processes, and SAN. Strong understanding of IP, TCP/IP, and other network protocols. Experience managing technology vendors and escalation processes. Excellent customer service, written, verbal, and interpersonal communication skills. Ability to work independently and within a team environment. Demonstrated ability to meet project deadlines. Education, Experience & Certifications Bachelor's degree preferred (Information Technology, Computer Science, Cyber Security, or related field) or 5+ years of equivalent experience. 5+ years in network support and administration. Cisco networking experience required. Microsoft and Cisco certifications are a plus. Security certifications (CompTIA Security+, CISSP, CISM, CISA, GIAC, etc.) are a plus. Experience with healthcare organizations preferred. Additional Requirements Ability to operate standard office equipment and work on a computer for extended periods. Schedule may require occasional weekend and/or evening work. Hybrid work environment (onsite and remote). Commitment to diversity, equity, and inclusion in the workplace. Looking forward to hearing from you, Thanks & Regards, Chandan Kumar, SVAM International, INC. | 233 East Shore Road |Suite 201 Great Neck, NY 11023 Direct: ************ | ************ or Whatsapp Text |Office: ************ Ext -334 E-Mail: ************* | ************ |Fax: ************** Linkedin: *******************************************************

Role: Cybersecurity Manager Duration: 6+ months Overview: The Cybersecurity Manager leads global cybersecurity operations, incident response, cloud security, and vulnerability management across IT, OT, and cloud environments. This role drives security maturity by overseeing Security Operations (SOC), continuous threat exposure management (CTES), and proactive risk reduction initiatives. The role ensures the organization's security posture aligns with enterprise risk, Zero Trust principles, and regulatory frameworks including ISO 27001, NIST, and ITAR. Key Responsibilities:Lead cybersecurity operations, including SOC oversight, threat detection, endpoint security, and continuous threat exposure monitoring across identity, endpoint, network, and cloud attack surfaces. Manage incident response for ransomware, APTs, insider threats, and major security events, leveraging threat intelligence, exposure context, and automation to prioritize response efforts. Oversee vulnerability, configuration, and exposure management programs using platforms such as Tenable, Automox, and CrowdStrike, ensuring remediation is risk-based and threat-informed. Strengthen cloud and identity security across Azure, Entra ID, and Microsoft 365, with a focus on reducing attack paths, misconfigurations, and identity-based exposures. Implement Zero Trust architecture, secure configuration baselines, and attack surface reduction strategies across enterprise environments. Support compliance efforts aligned with ISO 27001, NIST CSF / 800-53 / 800-171, ITAR, GDPR, HIPAA, and PCI, ensuring CTES practices support audit and risk requirements. Lead and mentor global cybersecurity teams, contractors, and MSSP partners, ensuring SOC, CTES, and IR functions operate as a unified security program. Provide executive-level reporting on risk posture, threat exposure trends, incidents, and security metrics, translating technical exposure into business risk. Requirements:10+ years of cybersecurity experience, including leadership of security operations, SOC, or enterprise security programs. Strong background in SOC operations, incident response, EDR/XDR, SIEM/SOAR, and continuous threat exposure or attack surface management. Hands-on experience with tools such as Microsoft Sentinel, XSOAR, CrowdStrike, Defender, and Tenable, with the ability to correlate exposure data, threat intelligence, and detection signals. Demonstrated experience implementing CTES / CTEM practices, including exposure prioritization, attack path analysis, and proactive risk reduction. Solid understanding of ISO 27001, NIST frameworks, ITAR, and enterprise regulatory environments. Strong communication skills with the ability to lead teams, influence stakeholders, and present exposure-driven risk insights to executives.

Castelion is bringing a new approach to defense development and production: one that focuses on short, iterative design cycles, rapid testing in development, and modern commercial manufacturing strategies for production at scale. We're designing, building, and testing next generation long range strike weapons systems to give America and its Allies a definitive edge and deter future conflicts. Information Systems Security Manager (ISSM) *This position requires a TS/SCI Clearance and Special Access Program Experience* Castelion Corporation is looking for an experienced ISSM to manage and maintain the Classified Networks out of our Torrance location. The ideal candidate will be a dedicated security professional with a demonstrated ability to work independently and as a member of a team in a fast-paced, high-tech environment. The ISSM's primary function serves as a principal expert and manager on all matters, technical and otherwise, involving the security of information systems under his/her purview. Primary support will be working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, NAVY, Army, DARPA, etc. The position will provide "day-to-day" support, oversight, and maintenance for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. As the site ISSM you will own the end-to-end Information Assurance Program for all classified and controlled information systems at our Torrance facility. You will partner with Program Management, Engineering, IT, Security, and the Cognizant Security Agency (DCSA/SAPCO) to obtain and sustain ATO on schedule, mentor a growing ISSO team, and keep our environment audit ready every day. Responsibilities Lead RMF/JSIG/DAAPM execution architect secure solutions, prepare authorization packages, brief Security Control Assessments, and drive POA&M closure. Own continuous monitoring vulnerability & patch management (ACAS/Nessus, SCAP, STIGs), log analysis (Splunk), account management, media control, incident response, and annual self-inspection. Shape early program decisions embed with PMO to define security requirements, supply secure-by-design input at PDR/CDR/TRR, and influence contract CDRLs. Develop people & process coach ISSOs/ISSEs, refine SOPs, track metrics, and present status to senior leadership and customers. Interface with external stakeholders act as the single voice to DCSA, SAPCO, and other Cognizant Security Agencies for all cybersecurity matters. Develop Assured File Transfer (AFT) in accordance with JSIG Conduct all self-inspections and report findings to Cognizant Security Agency annually Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media Develop and execute security assessment plans that include verification that the features and assurances required for each protection level functioning Maintain a and/or applicable repository for all system authorization documentation and modifications Develop policies and procedures for responding to security incidents, to include investigating and reporting security violations and incidents Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system Ensure that data ownership and responsibilities are established for each authorization boundary, to include accountability, access rights, and special handling requirements Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local cyber security training. Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed Assess changes in the system, its environment, and operational needs that could affect the authorization Ensure that authorization is accomplished a valid Authorization determination has been given for all authorization boundaries under your purview Review AIS assessment plans Coordinate with PSO or cognizant security official on approval of external information systems (e.g., guest systems, interconnected system with another organization) Conduct periodic assessments of the security posture of the authorization boundaries Institute and implement a Configuration Control Board (CCB) charter Ensure configuration management (CM) for security-relevant changes to software, hardware, and firmware and that they are properly documented. Ensure periodic testing is conducted to evaluate the security posture of IS by employing various intrusion/attack detection and monitoring tools (shared responsibility with ISSOs) Ensure that system recovery and reconstitution processes developed and monitored to ensure that the authorization boundary can be recovered based on its availability level determination Ensure all authorization documentation is current and accessible to properly authorized individuals Ensure that system security requirements are addressed during all phases of the system life cycle Basic Qualifications A degree in Science, Technology, Engineering or Mathematics (STEM), information technology and a minimum of 5 years of prior relevant experience. 5 years in DoD/IC Cybersecurity as ISSM and must meet position and certification requirements outlined in DoD Directive 8570.01-M for IAM-III within 6 months of the date of hire (CISSP, CISM, GSLC). Proven delivery of ATO for SAP or SCI systems; prior Enterprise ISSM experience. Active and transferable U.S. government issued Top Secret SCI (TS/SCI) security clearance required prior to start date. Finalized CI polygraph, or willingness to submit to one U.S. citizenship is required Preferred Skills and Experience Proven leadership of multi-disciplinary teams and successful ATO delivery for SAP or SCI systems Expert knowledge of NISPOM (32 CFR 117), JSIG, RMF (NIST 800-37/-53), ICD-503, and DAAPM, oversight/execution of A&A processes. Experience with DevSecOps pipelines, Zero Trust architecture, and Identity Access Management. Experience executing DISA STIG/SRG hardening across Linux and Windows. Background in network/systems security (architecture, topology, protocols, components, principles). Hands-on with ACAS, SCAP, STIG Viewer, DISA SRGs, and SIEM/Vulnerability Tools SPLUNK, NESSUS etc. Masters in Cybersecurity, Computer Science, or related engineering field. CISSP-ISSEP / ISSMP or PMP. Existing U.S. government issued Top Secret SCI (TS/SCI) security clearance within the last 24 months. Additional Information This is not designed to cover or contain all job duties required of the employee. There may be additional activities, duties and/or responsibilities that are required for this position that are not listed in this job description. All employees are granted long-term stock incentives as part of their employment as Castelion. All employees receive access to comprehensive medical, vision, and dental insurance, and the company offers three weeks of paid time off per year. Leadership Qualities Bias to Action and Creative Problem Solving. Desire and experience questioning assumptions in ways that lead to break through ideas that are ultimately implemented. Successfully bring in applicable processes/concepts/materials from other industries to achieve efficiency gains. Ability to personally resolve minor issues in development without requiring significant support. High Commitment, High Initiative. A successful candidate will have a genuine passion for Castelion's mission and consistently look for ways to contribute to the company's technical goals and prevent hardware blockers. Ability to work in a fast paced, autonomously driven, and demanding atmosphere. Strong sense of accountability and integrity. Clear Communicator. Proactively communicates blockers. Trusted in previous roles to be voice of company with regulators, suppliers, gate keepers and customers. Capable of tactfully managing relationships with stakeholders to achieve company-desired outcomes without compromising relationships. Emails, IMs and verbal interactions are logical, drive clarity, and detailed enough to eliminate ambiguity. ITAR Requirements: · To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State. Employment with Castelion is governed on the basis of competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Security Architect / Implementation Engineer Duration: 6 Months contract with possibility of extension We are seeking a highly skilled Security Architect / Security Implementation Engineer with expertise in designing, implementing, and integrating Google Cloud Security Command Center (SCC), Chronicle SIEM, and Cybereason XDR. The candidate will be responsible for architecting the end-to-end solution, implementing GCP native security controls, integrating third-party security tools, and producing detailed design and operational documentation. Key Responsibilities: Design and architect cloud-native security controls in GCP aligned with security and compliance frameworks (CIS, ISO 27001, NIST, etc.). Implement Google Security Command Center (SCC) for threat detection, vulnerability management, and risk insights. Architect and configure Chronicle SIEM for log ingestion, correlation, and advanced threat analytics. Integrate Cybereason XDR with SCC, Chronicle, and other security tools to establish end-to-end threat detection and response workflows. Define use cases, rules, policies, and security playbooks to automate detection and response. Document the solution architecture, design decisions, configuration standards, and integration workflows. Conduct knowledge transfer sessions with security operations and support teams. Collaborate with GCP Cloud Platform teams, SOC teams, and compliance teams to align solutions with enterprise policies. Required Skills & Experience: 8-12 years of overall IT security experience with at least 4-5 years in Google Cloud Security. Proven experience with Google Security Command Center (SCC), Chronicle SIEM, and XDR platforms (Cybereason preferred). Strong knowledge of GCP IAM, VPC Service Controls, Cloud Armor, DLP, Cloud Logging, Cloud Monitoring. Hands-on experience in integrating SIEM, XDR, and native GCP security tools. Experience with Terraform, Deployment Manager, or automation frameworks for security deployment. Strong documentation and presentation skills. Security certifications preferred: Google Professional Cloud Security Engineer, GCP Professional Architect, CISSP, CISM, CCSP.

About Persistent We are an AI-led, platform-driven Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to help our clients anticipate what's next. Our offerings and proven solutions create a unique competitive advantage for our clients by giving them the power to see beyond and rise above. We work with many industry-leading organizations across the world, including 12 of the 30 most innovative global companies, 60% of the largest banks in the US and India, and numerous innovators across the healthcare ecosystem. Our disruptor's mindset, commitment to client success, and agility to thrive in the dynamic environment have enabled us to sustain our growth momentum by reporting $360.2M revenue in Q3 FY25, delivering 4.3% Q-o-Q and 19.9% Y-o-Y growth. Our 23,900+ global team members, located in 19 countries, have been instrumental in helping the market leaders transform their industries. We are also pleased to share that Persistent won in four categories at the prestigious 2024 ISG Star of Excellence™ Awards, including the Overall Award based on the voice of the customer. We were included in the Dow Jones Sustainability World Index, setting high standards in sustainability and corporate responsibility. We were awarded for our state-of-the-art learning and development initiatives at the 16 th TISS LeapVault CLO Awards. In addition, we were cited as the fastest-growing IT services brand in the 2024 Brand Finance India 100 Report. Throughout our market-leading growth, we've maintained a strong employee satisfaction score of 8.2/10. About Position Role:Senior Network Security Engineer Location: Mountain View CA Experience: 10+ years Job Type: Full Time & Contract Mandatory Skills: Zscaler, Palo Alto, Network Security Engineering, AWS We are seeking a highly motivated and experienced Senior Network Security Engineer to join our growing team. This critical role will be responsible for the design, implementation, and maintenance of complex network infrastructure, with a strong emphasis on cloud integration, security, and automation. The ideal candidate will possess a deep understanding of networking principles, hands-on experience with AWS, a scripting proficiency in Python, and expertise in cybersecurity best practices, particularly with AWS, Palo Alto Networks and Zscaler security solutions. Expertise You'll Bring Palo Alto Networks certifications (e.g., PCNSE). Zscaler certifications. AWS certifications (e.g., AWS Certified Advanced Networking - Specialty). Experience with Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Experience with container networking (e.g., Kubernetes). Knowledge of other cloud platforms (Azure, GCP). Certified Information Systems Security Professional (CISSP) Bachelor's degree in Computer Science, Information Technology, or a related field. 7+ years of experience in network engineering. Deep understanding of networking protocols (TCP/IP) Hands-on experience with Palo Alto Networks firewalls and security appliances. Expertise in Zscaler (ZIA/ZPA/ZDX) administration and configuration. Solid understanding of cybersecurity principles and best practices. Experience with network monitoring and troubleshooting tools. Excellent communication and collaboration skills. Ability to work independently and as part of a team. Extensive experience with AWS networking services (VPC, Transit Gateway, Direct Connect, etc.). Strong scripting skills in Python for network automation. Good to have AWS development and microservices automation experience. What You'll Do Design, implement, and manage our hybrid cloud and on-premises network infrastructure. Implement and manage network security solutions, including firewalls (Palo Alto Networks), secure web gateways (Zscaler), and intrusion detection/prevention systems. Monitor network performance and troubleshoot network issues. Proactively identify and mitigate security vulnerabilities. Collaborate with other teams to ensure network connectivity and performance. Create and maintain network documentation. Participate in on-call rotation for network support. Mentor and guide junior network engineers. Stay current with the latest networking technologies and security threats. Lead the migration and integration of network services into AWS. Develop and maintain network automation scripts using Python. Benefits Competitive salary and benefits package Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications Opportunity to work with cutting-edge technologies Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards Annual health check-ups Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents Our company fosters a values-driven and people-centric work environment that enables our employees to: Accelerate growth, both professionally and personally Impact the world in powerful, positive ways, using the latest technologies Enjoy collaborative innovation, with diversity and work-life wellbeing at the core Unlock global opportunities to work and learn with the industry's best Let's unleash your full potential at Persistent - persistent.com/careers For more details, please contact Bharath Veluru (bharath_*********************) “Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.”

MANTECH seeks a motivated, career and customer-oriented Personnel Security Specialist II to join our team in El Segundo, CA. The Personnel Security Specialist's primary function is to handle personnel security functions in support of the customer's facility and organization. The position will provide “day-today” PERSEC services for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Responsibilities include but are not limited to: Build and Maintain tracking spreadsheets/databases for customer PERSEC activities. Provide support for the security awareness and education programs. Perform miscellaneous administrative support functions as directed by the contractor site lead and/or the Government Security Representative. Review, track, and monitor security clearance processing activities with appropriate government personnel to achieve appropriate clearance actions. Conduct Defense Central Index of Investigations (DCII), Joint Personnel Access System (JPAS), and SAPNP reviews of candidates being submitted for SAP access. Perform data entry and record checks in the Joint Access Database (JADE) and maintain all customer sponsored personnel access information. Receive and/or transmit classified visit requests as necessary to meet customer needs. Minimum Qualifications: Bachelor's degree; an additional 4 years of experience may be considered in lieu of degree. 6 + years of related experience. 4 + years of relevant SCI experience. Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents. Preferred Qualifications: 2+ years of SAP-related experience. Clearance Requirements: Current Top Secret Clearance with SCI Eligibility. Eligibility for access to Special Access Program Information. Willingness to submit to a polygraph. Physical Requirements: Must be able to remain in a stationary position 50%. Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

Employment Type: Contract-to-hire LHH Recruitment Solutions is seeking a Network Engineer to join a dynamic team supporting enterprise-level networking infrastructure. This role is ideal for a seasoned professional with deep technical expertise in network engineering, cybersecurity, and mission-critical communications systems. The Senior Network Engineer will play a key role in ensuring the availability, performance, and security of systems that support essential operations. Position Overview The Network Engineer will design, implement, and maintain Wide Area Network (WAN) and Local Area Network (LAN) environments across multiple sites. This position requires strong collaboration with internal teams, external partners, and vendors to deliver secure, scalable solutions. The role involves supporting critical infrastructure, including systems that underpin emergency and public safety communications. Key Responsibilities Lead multiple projects involving enterprise network technologies and infrastructure upgrades. Design and implement networking solutions using industry best practices. Support integration of hosted and cloud-based systems. Develop operational plans for network support activities and ensure alignment with organizational goals. Collaborate with stakeholders to gather technical requirements and assess security risks. Architect scalable solutions for high-availability systems, ensuring compliance with cybersecurity and regulatory standards. Maintain secure connectivity across data centers and cloud environments. Participate in change management processes and ensure smooth implementation of infrastructure changes. Provide on-call support and respond to critical incidents as needed. Qualifications Education: Bachelor's degree in Information Technology, Computer Science, or related field. Certifications (Preferred): CCNA, CCNP, ITIL Foundations, CompTIA A+, or equivalent industry credentials. Experience: 5+ years of progressive experience in network administration and security within enterprise-scale environments. Expertise in LAN/WAN, voice, video, and data communication networks. Hands-on experience with Cisco, Meraki, and Sophos hardware. Technical Skills: Networking protocols: TCP/IP, VPN, DNS, DHCP, IPsec, OSPF, BGP, EIGRP, MPLS, SD-WAN. Firewall technologies and endpoint security platforms. Network monitoring tools (e.g., SolarWinds, NinjaOne). Backup solutions (Cohesity, Veeam). Scripting/automation (Python, PowerShell). Familiarity with IT governance and cybersecurity standards. Desired: Experience with Nutanix, Windows Server, and SQL Server. Additional Requirements Ability to work flexible schedules, including evenings, weekends, and holidays. Participation in on-call rotation and emergency response. Valid driver's license and ability to travel between sites as needed. Compensation: $55-68/hr ($110-140k salary upon conversion) Benefit Offerings: Benefit offerings include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, and 401K plan. Our program provides employees the flexibility to choose the type of coverage that meets their individual needs. Available paid leave may include Paid Sick Leave, where required by law; any other paid leave required by Federal, State, or local law; and Holiday pay upon meeting eligibility criteria. Equal Opportunity Employer/Veterans/Disabled To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to ******************************************* The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: The California Fair Chance Act Los Angeles City Fair Chance Ordinance Los Angeles County Fair Chance Ordinance for Employers San Francisco Fair Chance Ordinance

Join the Market Leader in Electric Power Data and Analytics Solutions The electrical grid is the largest and most complicated machine ever built. Yes Energy's industry-leading electric power trading analytics software provides real-time visibility into the massive amount of data generated by the North American electrical grid daily. Our unique and innovative view of the data informs real-time trading decisions and mid-to-long-term investment decisions that keep utility prices low, support the energy transition, and keep the grid running. It's both challenging work and work with a purpose. Be a part of our successful, growing business during international transformation. Position Summary As a Security Analyst II, you will be helping keep the grid safe and our customers secure. You will be part of our growing Security & Compliance team, building security automations, creating baselines for on-premises and cloud environments, assisting teams with vulnerability scans and management, supporting our compliance team with evidence gathering and audits, and more. This is an opportunity to be part of a small team with increasing importance and responsibility. You will help Yes Energy stay secure into the future. Position Details Salary range: 80,000 - 95,000 Location: Yes Energy Core Offices or Remote Full-time Reporting to: Senior Manager, IT and Compliance Travel requirement: up to 15% to Yes Energy's core offices Primary Responsibilities Review and triage findings from vulnerability scans, penetration tests, and configuration assessments to identify potential security risks. Work with DevOps, engineers, and system owners to remediate vulnerabilities across multi-cloud and on-prem assets. Support secure configuration baselines for AWS, Azure, and Oracle Cloud resources. Monitor cloud environments for misconfigurations and suspicious activity. Assist with IAM policy reviews and privilege audits. Write scripts (Python, PowerShell, or Bash) to automate detection, reporting, or remediation of security issues. Integrate security tools and data into dashboards or workflow systems (e.g., Jira, SIEM, or ticketing). Provide technical evidence and control implementation support for SOC 2, ISO 27001, or customer security assessments. Partner with the compliance team to map technical controls to framework requirements. Assist with incident triage, response, and root cause analysis. Support endpoint protection, log monitoring, and threat intelligence initiatives. Minimum Qualifications Bachelor's degree in a related field or equivalent related experience Minimum of two years of experience with security exposure in information security, systems administration, or DevOps. Proficient in at least one scripting language (Python, PowerShell, or Bash). Strong understanding of operating systems, networking, and cloud fundamentals. Knowledge of security frameworks such as NIST Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7, AWS Inspector, or Microsoft Defender). Working knowledge of AWS, Azure, and/or Oracle Cloud security controls and services. Comfortable working cross-functionally with engineering, IT, and compliance teams. Knowledge, Skills, and Abilities Ability to travel up to 15% to assist in team building and planning exercises. Strong, professional communication skills, both verbal and written, including the skill in articulating and translating technical language to non-technical customers. Ability to plan for contingencies and anticipate problems. Ability to ask critical questions to assess needs and requirements Preferred Qualifications Experience with SIEM or SOAR platforms (e.g., Splunk, Microsoft Sentinel). Familiarity with infrastructure such as code (Terraform, CloudFormation). Exposure to compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53. Security certifications (Security+, GSEC, AWS Security Specialty, or similar). Endpoint Security/Patching/Inventory experience At Yes Energy, we value connecting directly with candidates. We kindly ask that third-party recruiters and agencies not submit resumes, as we are not open to external recruiting partnerships. ABOUT YES ENERGY Overview Yes Energy delivers real-time market data and electric power trading decision solutions. Over 1,000 market participants use Yes Energy solutions daily. The business is a leader in all aspects of information content collection and management, developing and delivering data and market analytics solutions. Since its inception in 2008, Yes Energy has become a trusted and respected supplier of innovative and reliable solutions focused on the needs of power market analysts, traders, and trade managers. Yes Energy has a team of over 350 amazing professionals in Boulder, CO (HQ); Boston, MA; Chicago, IL; Glendora, CA; Richmond, VA; London, United Kingdom; Auckland, New Zealand, Tokyo, Japan; and Bucharest, Romania. Culture Yes Energy has been named one of the Best Places to Work in Colorado, and we have the culture to prove it. At Yes Energy, we care about saying “Yes” to customers. We like to listen, learn, and develop our solutions in line with their needs. We think about customers as business partners, and when we help them be more successful … we are more successful, too. Around the office, our culture is driven by some pretty fundamental values that we're proud of: We love innovation and solving tough challenges; We are “high standards people” who combine passion and pride with hard work and rewards of all kinds-- in an ethic that is consistent across the company; We're team-focused with a flat hierarchy-- we work in small teams on well-defined projects that directly impact the success of the business; We play to the strengths and experience of each person while each of us also works along a continuum of roles adjacent to our focus area. This presents the challenge of maintaining a broad set of skills as well as an opportunity to learn and contribute in many ways; We are constantly growing. Professional development happens every day and every year. Compensation and Benefits We offer highly competitive salaries and real bonuses that are achievable and that you can impact. Our benefits package is also very competitive, including medical insurance, a 401 (k) Plan with matching, flexible vacation, and flexible work schedules. Yes Energy encourages and funds investment in both formal and informal professional development. At Yes Energy, we are dedicated to building a diverse, inclusive, and authentic workplace. If you're excited about this role but your experience doesn't perfectly align with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles. In accordance with Colorado law, the range provided is Yes Energy's reasonable estimate of the base compensation for this role. The actual amount may be higher or lower based on non-discriminatory factors such as location, experience, knowledge, skills, and abilities. Yes Energy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Yes Energy complies with applicable state and local laws governing nondiscrimination in employment in every location where the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Business units are in Corona, California; Warren, Massachusetts; Hauppauge, New York; Paris, France; Uxbridge, UK; and Tangier, Morocco. Parent company CIRCOR International is headquartered in Burlington, Massachusetts and CIRCOR Aerospace & Defense is headquartered in Corona, California. POSITION DETAILS Position Summary CIRCOR is actively searching to identify a dynamic and impactful Senior Information Systems Security Manager (ISSM) to assure that the sites (Corona and New York) comply with all applicable cybersecurity regulations of the Department of Defense (DoD) and to develop/enhance the protection of Controlled Unclassified Information (CUI) and the Cybersecurity Maturity Model Certification (CMMC) framework in accordance with NIST SP 800-171 and applicable DFARs. The Senior ISSM serves as the linchpin of an organization's cybersecurity strategy, tasked with safeguarding data integrity, confidentiality, and availability. The role of a Senior ISSM is instrumental in developing, implementing, and maintaining security protocols that align with regulatory requirements and industry standards. This role requires a blend of technical proficiency, analytical thinking, and strong leadership abilities to manage security incidents, conduct risk assessments, and ensure compliance with security policies. The position is also responsible for the Information Assurance (IA) program as stipulated by various US Government requirements from the DoD and regulatory bodies. This person maintains the formal IS security program and policies for their assigned area of responsibility and oversees the operational information systems security implementation policy and guidelines. The Senior Information Security System Manager deploys, maintains, and supports on premise services. The incumbent also provides impeccable customer service by responding to customer service requests timely and accurately. Responsible for the design, implementation, maintenance, and support of CIRCOR's Intel & cloud servers, backend systems supporting the production processes for the division, as well as data storage platforms and hosted services. Provides support in maintaining service levels, and performance monitoring. Ensures that all allocated tasks and procedures are carried out effectively and efficiently to current documented standards and a The Senior ISSM provides support for a program, organization, system, or enclave's information assurance program. Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Performs vulnerability/risk assessment analysis to support certification and accreditation. Manage changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Maintains and updates any and all associated Plan of Action and Milestones (POAMs) documentation. Works with vendors to identify, troubleshoot, and resolves hardware, software, network-related, operating system issues; research and tests possible solutions and implements solutions. Perform daily monitoring and management of backups; monitor backup jobs, execute restore jobs, troubleshoot failed jobs, and initiate corrective actions, when necessary. Monitors the health of critical systems, identify trends, and present results to IT Management. Ensure operational stability of technologies and services supporting the lines of business. Lead & meet project deliverables for new and / or changes to existing technology within project requirements. Participate in technical integration activities in support of mergers and acquisitions. Complete projects to budget, timelines, quality standards and business stakeholder requirements. Maintain broad technical knowledge on current and emerging technologies relevant to the enterprise. Monitor cybersecurity compliance by performing periodic self-inspections, tests, and reviews of information systems to ensure that workstations/servers are operating as authorized/accredited and that conditions have not changed. Coordinate with program/project stakeholders, IT & Trade Compliance teams, Facility Security and IT team members to define, implement and maintain an acceptable information systems security posture. Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis, including audit & updates of air-gapped laptops. Preparation and maintenance of security Assessment and Authorization documentation. Adhere to established IT policies and standard operating procedures. Coordinate across other sites and seek Best Practice tools and processes in support of a rigor Cybersecurity posture. Internal & External Relationships: Works closely with all departments to provide a reliable infrastructure to support the business needs. Frequent communication with all levels of management and associates including IT Cybersecurity officer, Trade Compliance organization and Legal. Interaction with other ISSMs across A&D sites to establish best practices and an efficient compliance process. Work closely with Customers and all governmental agencies to support the Business relationship in terms of regulation compliance. CANDIDATE REQUIREMENTS Senior Information Systems Security Manager (ISSM) Qualifications & Skills: Bachelor's degree in Computer Science, Information Technology, or a related field. CISSP, CISM, or similar certification. Experience with security frameworks such as NIST, ISO 27001. Strong understanding of network protocols and security architecture. Proficient in using security tools like SIEM, IDS/IPS, and vulnerability scanners. Excellent analytical and problem-solving skills. Experience in risk management and incident response. Strong communication and interpersonal skills. Familiarity with cloud security leading practices. Bachelor's degree in Cybersecurity, Information Systems, or a related field. Minimum of 6-8 years of experience in information security or related roles. In-depth knowledge of information security principles and practices. Experience with security compliance and regulatory requirements. Proficiency in security risk assessment and management. Ability to develop and implement security policies and procedures. Strong technical skills in network and system security. Ability to work independently and as part of a team to support business needs. Excellent written and verbal communication skills. Strong organizational and multitasking abilities.

Are you passionate about administrating and enforcing solutions that safeguard data? Are your interested in serving your fellow team and the community? If so, we want to talk to you - we are currently looking for Service Superstars to join our Team! An Information Security Analyst 1 takes a lead role in the research, design, and implementation of all information security related hardware or software; including operating systems and communications products, coordinating implementations with third party vendors and supporting representatives as needed. This role also serves as a liaison between vendors and other departments on information security related projects. Duties and Essential Functions: Service * Personally, provides exceptional member service; uses Service Standards in every work-related interaction. * Ensures that exceptional member service is being provided to members and team members, at all times. * Serves as a strong example of leadership in work ethic, professionalism, and conduct. * Promotes a harmonious work environment that motivates others towards team participation, goal setting/accomplishment, and personal development. Daily Operations * Assists in the management of multiple information security systems, ensuring proper integration of the components with computer systems, network equipment and other devices. * Assists in research of data security needs and requirements for current and future systems. * Performs regular vulnerability analysis for intentional and unintentional systems misuse and identifies appropriate counter measures. * Takes a supporting role in the management of the Credit Union's information security program including establishing, implementing and monitoring of information security, incident response procedures and policies, system configuration standards and ongoing risk assessments. * Assists the credit union management team with the creation, modification, and implementation of Information Security policies and standards. * Performs routine audits of security databases including Active Directory, Anti-Virus, Data Loss Prevention (DLP), Group Policy, Remote Authentication Dial-In User Service (RADIUS), and regularly reviews other security logging systems. Designs and/or implements changes to these systems in response to any discovered vulnerabilities. * Performs regular audits of credit union procedures including new hire/transfer/separation process, configuration checklists, firewall changes, Uniform Resource Locator (URL)/Spam filter changes, DLP changes, file permission changes, inventory changes, equipment changes, and system health checks. * Takes a supporting role in the management of Credit Union patch management, anti-virus, Spam filtering, DLP, URL filtering, and intrusion prevention systems. * Assists with the development and implementation of active directory group policy objects with an emphasis on enhancing computer systems security. * Manages the creation, deletion, or alteration of systems access for Credit Union team members. Makes key decisions on whether to honor system access requests and responds appropriately. * Takes a supporting role in the research, design, and implementation of all information security related hardware or software including operating systems and communications products; assists with coordination of implementations with third party vendors and supports representatives as needed; serves as a liaison between vendors and other departments on information security related projects. * Conducts various training and instruction programs for credit union team members on the secure use of e-mail and the internet as well as operating systems, networking, computer applications and databases. * Assists in the evaluation of new projects and proposes systems for security risks and makes recommendations for implementation to management. * Takes supporting role in analyzing, planning and implementing projects including software, in-house development, hardware, and networks to provide new products and services to members of the credit union and to improve the effectiveness of member data security. Performs capacity planning and tuning of information security systems to assure maximum availability and optimal utilization; directs/assists with hardware and software upgrades as needed. * Develops project scope and timeline documents for individual projects per Information Systems (IS) Department standards. * Stays current with evolving trends in information security related hardware, applications, development, and the internet. * Provides guidance and assistance on technical skills to other IS staff. * Provides regular documentation and reports on the progress of information security initiatives as well as provides suggestions or plans to further improve the credit union's security efforts. * Other duties as deemed necessary and assigned by Supervisor to achieve the goals of the department and the Credit Union. Benefits Include: (not a complete list) Wellbeing * Weekly pay * 401K Retirement Savings Plan with company match * Paid time off accrual begins upon hire, 15 paid vacation days, 11 paid holidays * Paid sick leave * Company-provided life insurance at twice your annual salary * Financial Education Programs * DoorDash DashPass Health * Medical, Dental, and Vision Insurance for part-time and full-time employees * Modern Health * Care.com subscription * Teladoc Career Development * Career development opportunities * Team members are eligible to apply for assistance with educational expenses through ArrowHeart's scholarship program. To learn more about Arrowhead Credit Union and our service culture, visit our Career page, and our ArrowHeart Foundation. The pay range for this position is listed below. Starting pay for successful applicants is generally within the minimum to midpoint of the pay range. Our consideration for pay is designed to support career growth and development over time. Offers extended depend on a variety of job-related factors, including but not limited to individual experience, knowledge, training, education, geographic location, market demands, and internal equity. Pay range: Minimum: $35.11/hourly| Midpoint: $43.89/hourly | Maximum: $52.67/hourly

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. Assesses security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. Reports information security risks and follows-up remediations. Remediates audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. QUALIFICATIONS Education: College degree in Information Technology or Information Security or equivalent; Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: Minimum two years of experience in Information Security Risk, Information Security Operations or Security Auditing. Proven experience on third-party risk management and vendor security assessments. Working knowledge of security practices such as Endpoint Security, Network Security, Security Operations and Security Governance required. Experience working with Vendor Risk Management (VRM) applications preferred. Skills/Ability: Proven ability to initiate and manage projects. Excellent communication and problem-solving skills. Strong inter-personal communication and collaboration skills. Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $28.84 - $33.65 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.