Security engineer jobs in Boynton Beach, FL

We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements. We can recommend jobs specifically for you! Click here to get started.

Job Description Octagon Talent Solutions is a South Florida-based, full-service technology recruitment and staffing firm dedicated to connecting top talent with the right opportunities. We take a human-centered approach to technical recruitment, prioritizing candidates' long-term career goals while carefully evaluating cultural fit. By fostering meaningful, lasting relationships, we deliver placements built to last. Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

Our Company: At red violet, we build proprietary technologies and apply analytical capabilities to deliver identity intelligence. Our technology powers critical solutions, which empower organizations to operate with confidence. Our solutions enable the real-time identification and location of people, businesses, assets and their interrelationships. These solutions are used for purposes including identity verification, risk mitigation, due diligence, fraud detection and prevention, regulatory compliance, and customer acquisition. Our intelligent platform, CORE™, is purpose-built for the enterprise, yet flexible enough for organizations of all sizes, bringing clarity to massive datasets by transforming data into intelligence. Our solutions are used today to enable frictionless commerce, to ensure safety, and to reduce fraud and the concomitant expense borne by society. The Role: Cloud Security Engineer is responsible for ensuring information systems data availability, integrity, authentication, confidentiality, and non-repudiation within the cloud environments. In collaboration with other information security staff and technical teams, this position develops and implements security measures and controls for information systems and networks. The Cloud Security Engineer advises management that systems adhere to established cloud security standards and regulatory requirements. What You Will Do: Advise, design, implement, and maintain security controls and solutions for cloud-based infrastructure and applications. Protects systems by defining and maintaining logical access privileges, access control structures, and processes. Conduct regular security assessments and audits of cloud environments to identify and address vulnerabilities and threats. Collaborate with cross-functional teams to integrate security best practices into cloud architecture and development processes. Provide detailed documentation of all work. Recognizes information security-related problems by identifying abnormalities and reporting violations/exceptions to the appropriate stakeholder(s). Implements cloud security improvements by assessing current situations; evaluating trends; anticipating future requirements. Support the team during security incidents and investigations and work with broad teams to advance the security posture of the company. Assist the stakeholders in identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities. Identify, advise, and implement new security technologies, including AI, and best practices into the company's cloud infrastructure. Stay up-to-date on emerging threats, vulnerabilities, and security technologies in the cloud space. Cloud & AI Security Design: Design, implement, and maintain security controls for cloud-native and AI-based systems, including ML pipelines, AI APIs, and LLM-integrated services. What You Bring: 2+ years of experience in cloud security engineering. 5+ years of hands-on experience in IT Security or related areas. Experience working with cloud security tools such as Firewall, anti-virus, WAF, SIEM, log management, and system monitoring. Bachelor of Science in Computer Science, Information Technology, Information Security, or related field. Strong communication and collaboration skills with the ability to work effectively with cross-functional teams. Experience with scripting and automation tools (e.g., Python, PowerShell) for security tasks preferred. Deep understanding of cloud computing technologies (e.g., AWS, Azure, Google Cloud) and associated security controls. Strong knowledge of security principles, standards, and best practices (e.g., NIST, ISO 27001, PCI, SOC). Able to use sound judgment; work independently, with minimal supervision Applicants must have permanent work authorization in the U.S.; we are not sponsoring visas for this role. What We Offer: red violet offers excellent benefits including opportunity for stock (RSU) grants, a 401K and generous company match, flexible PTO policy, medical, dental and vision coverage, commuter benefits, in-office healthy snacks, team events and more. red violet is proud to be an Equal Opportunity Employer.

At ITRADE STEM, we are shaping the future by fostering job creation and advancing key industries such as space, technology, energy, and manufacturing. Through innovative programs, we equip individuals with career opportunities that enhance essential skills and promote sustainable growth. Join us in our mission to redefine the possibilities of STEM! Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

Job Description We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements.

Job Description Hire Via is looking for a highly skilled IT Security Engineer to join our dynamic team within the computer software industry. In this critical role, you will be responsible for safeguarding our organization's information systems and ensuring that our network remains secure from internal and external threats. As an IT Security Engineer, you will design and implement robust security architectures, conduct vulnerability assessments, and develop comprehensive security policies that mitigate risks. Your expertise will help us maintain compliance with various regulatory requirements and industry standards, fostering an environment where innovation and security go hand-in-hand. You will collaborate closely with cross-functional teams to implement best practices in security and provide training and guidance on security awareness across the organization. This is an exciting opportunity for individuals who are passionate about cybersecurity and are eager to make a significant impact on our organization's security posture. If you thrive in a fast-paced and challenging environment, and have a strong desire to stay ahead of the evolving cybersecurity landscape, we encourage you to apply and join us in our mission to protect our digital assets and maintain the trust of our clients. Responsibilities Design and implement security measures to protect the organization's information systems. Conduct regular security assessments and audits to identify vulnerabilities and risks. Develop and update security policies and procedures based on best practices and regulatory requirements. Monitor network traffic for unusual activity and respond to security incidents as they arise. Collaborate with IT teams to ensure secure software development practices are followed. Provide security awareness training to employees and stakeholders. Stay up-to-date with the latest security trends, threats, and technologies. Requirements Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience in IT security or a related role, preferably in the software industry. Strong understanding of security protocols, cryptography, and authentication systems. Experience with firewalls, intrusion detection systems, and other security technologies. Familiarity with regulatory requirements such as GDPR, HIPAA, or PCI-DSS. Certifications such as CISSP, CISM, or CEH are preferred. Excellent problem-solving skills and attention to detail. Benefits sssadasadadddddddddddddddddddddhhbhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh

Hours: 40 Pay Details: $113,000 - $196,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Senior Information Security Specialist leads development and/or implementation of significant or Bank-wide Technology Controls / Information Security strategies, policies, programs, tools and provides expert advice and guidance on technical solutions. Oversees control and governance activities and identifies and assesses potential security risks, breaches/ exposures impacting highly complex / high risk businesses or transformational (change the bank) strategic initiatives primarily interfacing with executive and/or functional stakeholders across the Bank. Depth & Scope: * Works autonomously on high profile, complex and/or high risk technology projects with significant impact to the organization * Provides technical leadership / consulting / direction to a larger team / portfolio on all aspects of technology controls / information security * Foresees issues / gaps and identifies emerging industry trends (i.e. future focused) * Provides recommendations on value-added improvements / enhancements * Top technical expert individual contributor with expert knowledge of IT security and risk disciplines and practices * Advanced and highly specialized knowledge of organization, technology controls / security/ risk issues * Provides recommendations on value-added improvements / enhancements Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 10+ years of relevant experience Preferred Qualifications : * Strong GRC experience * Understanding of core technology and security areas such as identity, cloud, data protection, and engineering practices * Security Certifications (CRISC, CISA, Security+) * Strong governance discipline, an enterprise mindset, and the ability to bring clarity, structure, and consistency across diverse teams Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Must Have Technical/Functional Skills * Proven experience with Palo Alto Networks firewalls (PA-Series, Panorama, GlobalProtect). * Strong understanding of network protocols (TCP/IP, DNS, DHCP, BGP, OSPF). * Experience with Next-Generation Firewall (NGFW) features like App-ID, User-ID, and Threat Intelligence. * Familiarity with network security best practices and incident response. * Hands-on experience with Panorama for centralized management. * Knowledge of cloud firewall deployments (AWS, Azure, GCP) is a plus. * Palo Alto certifications (e.g., PCNSA, PCNSE) are highly desirable. * Excellent troubleshooting and analytical skills. * Strong communication and documentation abilities * Experience with other firewall platforms (e.g., Cisco ASA, Fortinet) is a plus. * Familiarity with SIEM tools and network monitoring systems. Roles & Responsibilities * Design, deploy, and manage Palo Alto firewalls across enterprise environments. * Configure and maintain security policies, NAT rules, VPNs, and threat prevention features. * Monitor firewall performance and logs to identify and mitigate potential threats. * Collaborate with network and security teams to ensure seamless integration of firewall solutions. * Perform regular firewall audits and compliance checks. * Respond to and resolve firewall-related incidents and service requests. * Maintain documentation for firewall configurations, policies, and procedures. * Stay current with emerging threats and Palo Alto product updates. Generic Managerial Skills, If any * Ability to plan, execute, and monitor security projects (e.g., firewall upgrades, incident response plans) * Familiarity with Agile, Scrum, or ITIL frameworks is a plus. * Skilled in evaluating security risks and making informed decisions to mitigate threats. * Prioritizing tasks based on business impact and urgency. * Aligning network security initiatives with organizational goals. * Working closely with network engineers, system admins, developers, and business units. * Facilitating cross-functional communication during incident response or system changes. * Coaching junior engineers on security best practices and tools (e.g., Palo Alto firewalls). * Conducting workshops or knowledge-sharing sessions. * Writing clear documentation, repo rts, and executive summaries. Salary Range: $100,000 - $110,000 a Year TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Maternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commuter Benefits & Certification & amp; Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. #LI-SP1

WHO WE ARE: ELYON provides the Program Management for its Channel of Commercial Technology companies in Government that consist of Small Businesses and New Technology start-ups. ELYON advocates for policies that can improve government services and maintain our government's competitive advantage, by bringing more technology into government programs. ELYON advocates on behalf of our nation's innovative, new technology and small businesses looking to work with the U.S. government. We do this by aligning the voice of our small business members with advocacy for change in federal policy that will make the government market more accessible to small businesses and the commercial technology ecosystem. The Channel's founding Technical Board Members include former government leaders and IT executives passionate about bringing best-of-breed technology to the government. We are seeking a skilled and experienced Cyber Forensic Analyst III to join our team! Successful ELYON employees possess the following traits: An ability to get things done: You are persistent, resourceful, results-oriented, and action oriented. You constantly plan ahead and foresee issues before they occur. Analytical: In order to improve your comprehension of the market and the demands and problems of your clients, you have good analytical abilities and are at ease reading quantitative data. Creative mind-set: You are able to solve problems creatively and swiftly adjust. You possess a thorough understanding of product management principles and the ability to apply them when analysing data and making recommendations. Emotional Intelligence: You have a strong sense of self and excellent perception of how important relationships function. You are upbeat, sympathetic, adaptable, and inquisitive. Your genuineness, warmth, and competence help you win the respect of your co-workers. Trustworthy: You have a strong sense of morality, principles, and purpose. You are trustworthy because of how you conduct yourself. You are a living example of the company's values. Position Description: We are seeking a highly skilled Cyber Forensic Analyst to support high-impact investigative and intelligence missions involving cybercrime, cryptocurrency, and financial crime. You will work alongside federal agency teams, partner law enforcement agencies, and regulatory bodies to conduct technical and financial investigations. This role requires expertise in analyzing complex cyber threats, blockchain transactions, digital assets, and hidden wealth strategies. You'll need to bring both analytical rigor and a tenacious, detail-oriented mindset to help us trace digital breadcrumbs in support of critical investigations across national security and criminal enforcement efforts. Multiple options: St Petersburg, FL Key Responsibilities Cybercrime Investigative Case Support Work directly on cases with a cyber nexus in collaboration with law enforcement teams and external partners, using advanced investigative tools and techniques: Conduct cryptocurrency tracing and analysis using blockchain forensics tools. Gather and analyze dark web intelligence to identify threat actors, forums, and illicit activity. Perform data analytics to uncover patterns, relationships, and anomalies. Analyze electronic evidence, including servers, hard drives, communications, and OSINT sources. Draft subpoenas targeting financial institutions and cryptocurrency exchanges. Participate in inter-agency meetings with law enforcement, prosecutors, and other stakeholders. Identify overlapping financial transactions and alternative stores of wealth, such as: Prepaid and store gift cards Monetary instruments NFTs and digital assets Cold/public crypto wallets High-end real estate and luxury goods Cyber-Financial Investigative Support Assist in comprehensive financial tracing operations involving both fiat and digital currencies: Analyze bank records, wire transfers, and credit card transactions to track illicit funds. Draft targeted subpoena requests to financial institutions and crypto platforms. Participate in investigative interviews under agency direction. Identify and correlate layered financial networks and hidden asset channels. Apply knowledge of financial laws and frameworks, including: Bank Secrecy Act (BSA) Asset Forfeiture practices Money Laundering statutes OFAC and sanctions compliance Required Qualifications 8+ years of direct experience in cybercrime investigations, blockchain analysis, or digital forensics. Security Clearance Required: Active Secret or above preferred Proven experience with cryptocurrency investigations, darknet operations, or forensic platforms (e.g., Chainalysis, TRM, CipherTrace). Familiarity with financial investigative techniques, including subpoena processes and transactional analysis. Strong working knowledge of cyber law, digital evidence handling, and financial crime statutes. Excellent interpersonal and written communication skills; ability to draft clear, concise, and actionable reports. Ability to work independently in a fast-paced, mission-driven environment. Preferred Qualifications Prior experience supporting federal investigations preferred (FBI, DHS, IRS-CI, HSI, etc.). Certifications such as CFE, CFCE, GCFA, CFCI, or CAMS Familiarity with blockchain intelligence platforms and open-source investigation tools. Understanding of evolving technologies in digital assets and cyber-enabled crime. Why Join Us Work on cutting-edge investigations with national impact. Collaborate with elite teams fighting complex financial and cyber threats. Opportunity for professional growth, certifications, and hands-on casework. Competitive salary, benefits, and mission-driven culture. Benefits: Paid sick leave, Medical/Dental (optional), 401 (k) Retirement Plan (optional), Employer Paid Life Insurance, Employer Paid Short Term Disability, Optional Life Insurance. ELYON International, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Network Security Engineer - Cutting-Edge Tech + Unlimited PTO! Join a fast-moving, innovative team where your expertise in network security makes an impact! We're looking for a Network Security Engineer to secure, optimize, and troubleshoot complex networks while working with the latest security technologies. Enjoy unlimited PTO, performance bonuses, and top-tier career growth opportunities. Why You'll Love This Role ✅ Flexibility - Recharge with unlimited PTO. ✅ Recognition - Earn performance-based bonuses. ✅ Innovation - Work with cutting-edge security tech. ✅ Growth - Advance in a collaborative, fast-paced environment. Your Role & Impact Implement & secure network solutions across multi-cloud and on-prem environments. Lead firewall & network migrations (Cisco, Palo Alto, AWS, Azure, GCP). Troubleshoot & optimize security infrastructure, ensuring compliance with SOX, SOC2, PCI. Act as an escalation point for critical security challenges. What You Bring ✔ Expertise in network security & protocols - BGP, OSPF, EIGRP, SD-WAN. ✔ Hands-on experience with security tools - Cisco Nexus, Firepower, Palo Alto Firewalls (REQUIRED). ✔ Strong troubleshooting & collaboration skills. ✔ Availability for occasional on-call support. Qualifications 5+ years in Network Security (or degree in Engineering). Certifications preferred: Cisco CCNP, CCDP, Palo Alto PCNSA/PCNSE. Why Join Us? 🌍 Work-Life Balance: Unlimited PTO. 💰 Competitive Compensation: Performance-based bonuses. 🔬 Innovative Tech: Work on advanced security solutions. 🤝 Supportive Team: Your expertise is valued. 🚀 Ready to take your career to the next level? Apply today! Laurie Roth President/Sr. Consultant DSN-IT ************ ************* ************** ****************************************************

We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities * Assist in determining needs and implementing configurations of various tools based on incoming requests. * Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. * Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. * Investigate and triage security alerts, taking appropriate actions and escalations as necessary. * Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. * Monitor security logs, alerts, and events to proactively identify potential security incidents. * Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. * Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. * Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications * Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). * 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). * At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. * Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). * Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. * Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. * Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. * Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. * Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. * Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. * Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. * Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements.

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Reports to CISO and works with a team of Cyber Security specialists. The Cyber Security Analyst is responsible for identifying risks to the confidentiality, integrity, and availability of our clients products and services, while maintaining compliance with applicable regulatory standards. In this role, you will be expected to contribute to the integrity and sustainability of the service delivery network, which consists of advanced server-based applications used to support our client's customers. The successful candidate will work directly with senior team members on issues that may require some after-hours and weekend availability. Specific Job Duties: • Articulate technical and security requirements to departments/business groups • Identify gaps in security operations and develop mitigation strategies • Assist with the maintenance of application and operating system software in the Service Delivery Network • Participate in disaster recovery and business continuity planning • Perform software development lifecycle auditing • Prioritize compliance actions according to business risk Desired Preferred Skills: • Industry certifications - PMP, CISA, CISSP, Security + • Department of Defense IT experience • Pharmacy or healthcare experience Qualifications • Masters's degree in computer science or relative discipline • 5-10 years combined experience in information security • Proficient with Unix / Linux • Strong analytical problem solving • Knowledge of the software development lifecycle • Proven ability to plan and work to a deadline • Must be able to obtain Department of Defense clearance Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Job DescriptionAt ITRADE STEM, we help accelerate job creation and support the future of industries in space, technology, energy, and manufacturing. We achieve this by developing workforce programs that equip talent with skills for sustainable growth. Join us on our mission to redefine STEM! JOB OVERVIEW: ITRADE is seeking a Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL , for an internship opportunity. The Concierge Security Engineer will build and maintain strong customer partnerships while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role is an excellent internship opportunity for a highly talented, high-potential aspiring cybersecurity analyst who thrives in a highly dynamic environment. This opportunity combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional customer relationships, ensuring a strong and lasting partnership Deliver security solutions directly to customers, including configuring, troubleshooting, and verifying data sources Respond promptly to customers' requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution Proactively engage and communicate with internal and external stakeholders to foster collaboration and transparency Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline Strong understanding of IT security principles, standards, and best practices Experience with security information and event management (SIEM) platforms Excellent communication skills with the ability to convey complex technical concepts to non-technical audiences Knowledge of leading security frameworks such as NIST, ISO 27001, CIS Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services

Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information. Follows standard practices and procedures in analyzing situations or data. This position reports to the Director of Information Security. Responsibilities The primary duties and responsibilities of the Cloud Security Engineer are: Assessing Existing Infrastructure and Identifying Threats. Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions. Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to: Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI/CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS. Monitoring for and responding to incidents in cloud environments. Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development. Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices. Staying abreast with security standards and emerging vulnerabilities/threats to proactively resolve/remediate/mitigate. Engage in digital forensics to investigate breaches or security incidents in the cloud. Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments. Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement. Using metrics and KPIs to drive and further Security Posture Initiatives. Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously. Performing other security team relevant duties and responsibilities as assigned. Participate in incident response activities as assigned. Preferred Experience Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings. Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security. Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers. Has experience writing formal security assessments and ad-hoc security reports. Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents. Experience delivering security metrics and measurement capability to demonstrate operational security posture. Experience in data protection and privacy management. Skills Required Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Clear ability to build strong relationships and establish trust with stakeholders at all levels. Excellent verbal and written communications skills. Multiple language abilities preferred - fluency in English (written and spoken) required. Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner. Ability to solve complex problems in a timely manner by working with multiple stakeholders. Ability to manage multiple tasks and work streams effectively. Ability to follow detailed procedures and processes with a high degree of accuracy. Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product. Deep understanding of Cyber Security control environments and their relationship to zero-trust networks. Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security. Experience in 3 or more of the following: network design, mobile security, network and firewall security technologies, SaaS/PaaS Security, vulnerability management or penetration testing. Flexibility to travel as required up to 15% overnight travel. Qualifications Experience / Education / Certifications Bachelor's degree preferred in Computer Sciences, Information Technology, Information Security or other related field Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc. Five (5) years of Cyber Security related work experience Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series. At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification. #IndeedSHRSS #LI-Hybrid #zipcorpor We can recommend jobs specifically for you! Click here to get started.

Job Description Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information. Follows standard practices and procedures in analyzing situations or data. This position reports to the Director of Information Security. Responsibilities The primary duties and responsibilities of the Cloud Security Engineer are: Assessing Existing Infrastructure and Identifying Threats. Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions. Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to: Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI/CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS. Monitoring for and responding to incidents in cloud environments. Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development. Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices. Staying abreast with security standards and emerging vulnerabilities/threats to proactively resolve/remediate/mitigate. Engage in digital forensics to investigate breaches or security incidents in the cloud. Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments. Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement. Using metrics and KPIs to drive and further Security Posture Initiatives. Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously. Performing other security team relevant duties and responsibilities as assigned. Participate in incident response activities as assigned. Preferred Experience Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings. Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security. Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers. Has experience writing formal security assessments and ad-hoc security reports. Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents. Experience delivering security metrics and measurement capability to demonstrate operational security posture. Experience in data protection and privacy management. Skills Required Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Clear ability to build strong relationships and establish trust with stakeholders at all levels. Excellent verbal and written communications skills. Multiple language abilities preferred - fluency in English (written and spoken) required. Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner. Ability to solve complex problems in a timely manner by working with multiple stakeholders. Ability to manage multiple tasks and work streams effectively. Ability to follow detailed procedures and processes with a high degree of accuracy. Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product. Deep understanding of Cyber Security control environments and their relationship to zero-trust networks. Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security. Experience in 3 or more of the following: network design, mobile security, network and firewall security technologies, SaaS/PaaS Security, vulnerability management or penetration testing. Flexibility to travel as required up to 15% overnight travel. Qualifications Experience / Education / Certifications Bachelor's degree preferred in Computer Sciences, Information Technology, Information Security or other related field Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc. Five (5) years of Cyber Security related work experience Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series. At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification. #IndeedSHRSS #LI-Hybrid #zipcorpor

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist - Penetration Tester defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Responsibilities: * Conduct Penetration Tests: Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop and Execute Test Plans: Design and execute detailed test plans * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies Depth & Scope: * Participates on complex, comprehensive or large projects and initiatives * Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors * Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience * Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications : * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information. Follows standard practices and procedures in analyzing situations or data. This position reports to the Director of Information Security. Responsibilities The primary duties and responsibilities of the Cloud Security Engineer are: * Assessing Existing Infrastructure and Identifying Threats. * Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions. * Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to: Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI/CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS. * Monitoring for and responding to incidents in cloud environments. * Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. * Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. * Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development. * Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices. * Staying abreast with security standards and emerging vulnerabilities/threats to proactively resolve/remediate/mitigate. * Engage in digital forensics to investigate breaches or security incidents in the cloud. * Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments. * Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement. Using metrics and KPIs to drive and further Security Posture Initiatives. * Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously. * Performing other security team relevant duties and responsibilities as assigned. * Participate in incident response activities as assigned. Preferred Experience * Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings. * Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security. * Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers. * Has experience writing formal security assessments and ad-hoc security reports. * Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents. * Experience delivering security metrics and measurement capability to demonstrate operational security posture. * Experience in data protection and privacy management. Skills Required * Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. * Clear ability to build strong relationships and establish trust with stakeholders at all levels. * Excellent verbal and written communications skills. Multiple language abilities preferred - fluency in English (written and spoken) required. * Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner. * Ability to solve complex problems in a timely manner by working with multiple stakeholders. * Ability to manage multiple tasks and work streams effectively. * Ability to follow detailed procedures and processes with a high degree of accuracy. * Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product. * Deep understanding of Cyber Security control environments and their relationship to zero-trust networks. * Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security. * Experience in 3 or more of the following: network design, mobile security, network and firewall security technologies, SaaS/PaaS Security, vulnerability management or penetration testing. * Flexibility to travel as required up to 15% overnight travel. Qualifications Experience / Education / Certifications * Bachelor's degree preferred in Computer Sciences, Information Technology, Information Security or other related field * Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc. * Five (5) years of Cyber Security related work experience * Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series. * At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification. #IndeedSHRSS #LI-Hybrid #zipcorpor