Security engineer jobs in Delray Beach, FL

We are seeking a Channel Security Engineer (SE) based in Miami to partner closely with our Channel Sales team. This role is instrumental in driving technical alignment and growth across Fortinet's partner ecosystem. The SE will play a key role in pre-sales technical support, partner enablement, solution development, and driving joint strategy with our channel partners. The ideal candidate will possess a strong network security background, with additional experience in cloud security, SASE, application security, OT, and SecOps being highly desirable. Experience working with or for resellers, MSSPs, or security vendors is considered a strong asset. We are looking for: Develop and execute a joint strategy in collaboration with your aligned Channel Account Manager (CAM), aligning partner initiatives with Fortinet's overall goals. Collaborate with Fortinet field teams (sales, SEs, marketing, overlays) and partner stakeholders (sales, technical, professional services, managed services) to build and launch joint go-to-market solutions. Drive sales growth in core network security while expanding partner capabilities across the broader Fortinet portfolio. Consult on the development of managed service offerings with key partners to address evolving customer and market demands. Act as the primary technical contact for assigned partners, working closely with the aligned CAM(s) to support and advance the partnership. Maintain a deep technical understanding of Fortinet products, the competitive landscape, and the latest security trends to articulate Fortinet's value and differentiation. Confidently present Fortinet solutions through whiteboarding, demonstrations, technical planning, and collaborative customer discussions…both remotely and in person. Manage multiple deals and initiatives simultaneously while ensuring a positive and professional experience for partners and customers. Deliver weekly updates to leadership on progress, partner engagement, and strategic initiatives. Host and participate in technical webinars, hands-on demos, and other partner-facing enablement activities. Support partner technical training events, including Fast Tracks and workshops, for SEs, Solutions Architects, and Professional Services engineers. Travel to partner sites and attend partner events (including occasional after-hours commitments) as needed to support relationship development and technical engagement. Engage across multiple business units within the partner ecosystem, including Cloud, Security, Pre-Sales, and Managed Services, prioritizing efforts based on mutual objectives. Candidates experience: 5-8 years of experience in technical pre-sales roles such as Pre-Sales Engineer, Solutions Architect, or Security Specialist. A proven ability to think strategically and act independently to drive sales opportunities to technical closure. A background in managing end-to-end technical aspects of deals, including scoping, solution design, and closure. Demonstrated problem-solving skills that have directly contributed to successful outcomes and key wins. Experience in building and maintaining technical relationships with channel partners, and the ability to effectively communicate with both internal and external stakeholders. Strong public speaking, presentation, and training skills, with the ability to convey complex technical topics to diverse audiences. Excellent written and verbal communication skills. Ability to clearly explain technical solutions and architectures using whiteboarding, Visio, or similar diagramming tools. A strong foundation in networking and security protocols, including TCP/IP, IPv4/IPv6, subnetting, DNS, HTTP, SMTP, RADIUS, LDAP, Active Directory, PKI, IKE, certificates, L2TP, SSL VPN, IPSEC, 802.1Q, VLANs, LACP, MD5, SSH, SSL, SHA1/512, 3DES, AES. Hands-on experience with technical troubleshooting in complex network or security environments. Deep technical knowledge in key technologies such as encryption and authentication, Wi-Fi, load balancing, application delivery, Ethernet switching, APIs, two-factor authentication, malware sandboxing, secure email gateways, WAF, cloud platforms (AWS, Azure), SDN, NFV, virtualization, centralized management tools, and security operations platforms (SIEM, EDR, MDR, XDR, NDR). Previous experience working for a vendor or reseller is considered an asset. Fortinet NSE certifications are an asset. Why Join Us: We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

Reports to CISO and works with a team of Cyber Security specialists. The Cyber Security Analyst is responsible for identifying risks to the confidentiality, integrity, and availability of our clients products and services, while maintaining compliance with applicable regulatory standards. In this role, you will be expected to contribute to the integrity and sustainability of the service delivery network, which consists of advanced server-based applications used to support our client's customers. The successful candidate will work directly with senior team members on issues that may require some after-hours and weekend availability. Specific Job Duties: • Articulate technical and security requirements to departments/business groups • Identify gaps in security operations and develop mitigation strategies • Assist with the maintenance of application and operating system software in the Service Delivery Network • Participate in disaster recovery and business continuity planning • Perform software development lifecycle auditing • Prioritize compliance actions according to business risk Desired Preferred Skills: • Industry certifications - PMP, CISA, CISSP, Security + • Department of Defense IT experience • Pharmacy or healthcare experience Qualifications • Masters's degree in computer science or relative discipline • 5-10 years combined experience in information security • Proficient with Unix / Linux • Strong analytical problem solving • Knowledge of the software development lifecycle • Proven ability to plan and work to a deadline • Must be able to obtain Department of Defense clearance Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Job Title: SCITES - Cyber Security Analyst Required Clearance: Minimum Secret clearance upon start and be eligible for TS/SCI clearance Required Certification(s): DoDM 8570 CSSP Category Certification (e.g. CompTIA CySA+ or CEH) Required Education: Bachelor's in IT or a related technical discipline preferred or commensurate level of experience based on position level Required Experience: Advisor 8+ Years, Senior 5+ Years, Analyst 0 - 2 Years Position Description: Exeter is seeking personnel to provide Cyber Security, Computer Network Defense in support of the SOUTHCOM Cyber Information Technology Enterprise Services (SCITES) Contract in Doral FL. Primary Responsibilities: Incident Reporting, manages, track and report incidents to include submitting incident reports using the SharePoint Incident Reporting Portal Uses SIEM Q-RADAR/ArcSight for event tracking and correlation Develops, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools Evaluate firewall change requests and assess organizational risk Safeguards network against unauthorized infiltration, modification, destruction or disclosure Researches, evaluates, tests, recommends, communicates and implements new security software or dev forensics; manages, performs and reports forensics analysis to government leadership Monitor and analyze Network IDS to identify security issues for remediation Manages, performs and monitors the following CND tools: PowerShell, IBM Q-RADAR, CISCO SOURCEFIRE (IDS), WIDS, ACAS,JRSS Stack: Agency FIREWALL PALO ALTO, BASE FIREWALL CISCO ASA, Tipping Point (IPS), PCAP collector, InQuest, ArcSight ESM and loggers, Lancope, Blue coat Web Proxy Required Qualifications: Must be a U.S. Citizen Minimum Secret clearance upon start and be eligible for TS/SCI clearance DoDM 8570 Cyber Security Service Provider (CSSP) Category Certification (e.g. CompTIA CySA+ or CEH) Shift work required to support real-world or contingency operations Candidates must be local or willing to relocate Desired Qualifications/Experience: Bachelor's Degree in specialty field Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. #clearancejobs

Job Description Octagon Talent Solutions is a South Florida-based, full-service technology recruitment and staffing firm dedicated to connecting top talent with the right opportunities. We take a human-centered approach to technical recruitment, prioritizing candidates' long-term career goals while carefully evaluating cultural fit. By fostering meaningful, lasting relationships, we deliver placements built to last. Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements. We can recommend jobs specifically for you! Click here to get started.

Job Details Corporate Headquarters Miami - Doral, FLDescription For nearly 30 years, DASI has been in the business of providing comprehensive aircraft inventory support for airlines, MROs, OEMs, and distributors. Headquartered in Miami, Florida, with service centers in London and Singapore, DASI is a truly global partner, serving customers' parts and inventory needs in more than 140 countries. DASI is embracing the potential of online sales and their digital marketplace, which has been growing exponentially and has tremendous potential with the right technology team in place to support and take it to the next level. Purpose: At DASI, we offer a total e-procurement solution for aircraft parts to its customers. Our IT department plays a critical role in aligning technology with business goals, ensuring secure and high-quality service delivery. The role of Junior Cyber Security Analyst is key in supporting secure operations that safeguard digital assets, to achieve these goals. The ideal candidate will assist in monitoring, detecting, and responding to cybersecurity threats, supporting vulnerability management efforts, and contributing to overall risk mitigation activities. This is an entry-level, full-time, onsite position offering a great opportunity to build foundational cybersecurity skills while contributing to a forward-thinking IT department. This role is ideal for early-career professionals or recent graduates looking to build practical experience in cybersecurity within a collaborative, fast-paced environment. Key accountabilities: Monitor and analyse security alerts from SIEM, EDR, and other tools. Investigate suspicious activity and assist in incident response. Assist with vulnerability scans and tracking remediation efforts. Maintain and update security logs and reports. Support compliance efforts (e.g., NIST, SOC 2) through documentation and audit preparation. Assist in phishing simulations and awareness campaigns. Maintain inventory of digital assets and help track security baselines. Collaborate with IT and DevOps teams to implement security controls. Stay informed on the latest cybersecurity threats and mitigation strategies. Perform all other duties as assigned. Key skills and competences: Possess strong analytical and troubleshooting skills. Possess excellent written and verbal communication skills. Has an understanding of basic cybersecurity principles and network security concepts. Shows an eagerness to learn and develop skills in cybersecurity. Has a high degree of self-direction, motivation, and energy. Experience and qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent practical experience. Relevant certifications (e.g., CompTIA Security+, (ISC)² Certified in Cybersecurity (CC), Microsoft SC-900, GIAC Security Essentials (GSEC), or equivalent). Exposure to compliance or regulatory frameworks is a plus, but not required. Aerospace background or experience is a plus, but not required. DASI, LLC. and group companies are an Equal Opportunities Employer

At ITRADE STEM, we are shaping the future by fostering job creation and advancing key industries such as space, technology, energy, and manufacturing. Through innovative programs, we equip individuals with career opportunities that enhance essential skills and promote sustainable growth. Join us in our mission to redefine the possibilities of STEM! Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

Our Company: At red violet, we build proprietary technologies and apply analytical capabilities to deliver identity intelligence. Our technology powers critical solutions, which empower organizations to operate with confidence. Our solutions enable the real-time identification and location of people, businesses, assets and their interrelationships. These solutions are used for purposes including identity verification, risk mitigation, due diligence, fraud detection and prevention, regulatory compliance, and customer acquisition. Our intelligent platform, CORE™, is purpose-built for the enterprise, yet flexible enough for organizations of all sizes, bringing clarity to massive datasets by transforming data into intelligence. Our solutions are used today to enable frictionless commerce, to ensure safety, and to reduce fraud and the concomitant expense borne by society. The Role: Cloud Security Engineer is responsible for ensuring information systems data availability, integrity, authentication, confidentiality, and non-repudiation within the cloud environments. In collaboration with other information security staff and technical teams, this position develops and implements security measures and controls for information systems and networks. The Cloud Security Engineer advises management that systems adhere to established cloud security standards and regulatory requirements. What You Will Do: Advise, design, implement, and maintain security controls and solutions for cloud-based infrastructure and applications. Protects systems by defining and maintaining logical access privileges, access control structures, and processes. Conduct regular security assessments and audits of cloud environments to identify and address vulnerabilities and threats. Collaborate with cross-functional teams to integrate security best practices into cloud architecture and development processes. Provide detailed documentation of all work. Recognizes information security-related problems by identifying abnormalities and reporting violations/exceptions to the appropriate stakeholder(s). Implements cloud security improvements by assessing current situations; evaluating trends; anticipating future requirements. Support the team during security incidents and investigations and work with broad teams to advance the security posture of the company. Assist the stakeholders in identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities. Identify, advise, and implement new security technologies, including AI, and best practices into the company's cloud infrastructure. Stay up-to-date on emerging threats, vulnerabilities, and security technologies in the cloud space. Cloud & AI Security Design: Design, implement, and maintain security controls for cloud-native and AI-based systems, including ML pipelines, AI APIs, and LLM-integrated services. What You Bring: 2+ years of experience in cloud security engineering. 5+ years of hands-on experience in IT Security or related areas. Experience working with cloud security tools such as Firewall, anti-virus, WAF, SIEM, log management, and system monitoring. Bachelor of Science in Computer Science, Information Technology, Information Security, or related field. Strong communication and collaboration skills with the ability to work effectively with cross-functional teams. Experience with scripting and automation tools (e.g., Python, PowerShell) for security tasks preferred. Deep understanding of cloud computing technologies (e.g., AWS, Azure, Google Cloud) and associated security controls. Strong knowledge of security principles, standards, and best practices (e.g., NIST, ISO 27001, PCI, SOC). Able to use sound judgment; work independently, with minimal supervision Applicants must have permanent work authorization in the U.S.; we are not sponsoring visas for this role. What We Offer: red violet offers excellent benefits including opportunity for stock (RSU) grants, a 401K and generous company match, flexible PTO policy, medical, dental and vision coverage, commuter benefits, in-office healthy snacks, team events and more. red violet is proud to be an Equal Opportunity Employer.

Support / Security Engineer Location: Hybrid We are seeking a highly skilled Full Stack .NET Software Engineer to join our team. The ideal candidate will have experience in developing web applications using .NET technologies and will be responsible for designing, developing, and maintaining software applications. Responsibilities: Design, develop, and maintain software applications using .NET technologies Collaborate with cross-functional teams to identify and prioritize software features Write clean, efficient, and well-documented code Participate in code reviews and provide constructive feedback to other team members Stay up-to-date with emerging trends and technologies in software development Requirements: Bachelor's degree in Computer Science or related field 3+ years of experience in developing web applications using .NET technologies Strong knowledge of C#, ASP.NET, MVC, and SQL Server Experience with front-end technologies such as HTML, CSS, JavaScript, and jQuery Experience with Agile development methodologies Excellent problem-solving and analytical skills Experience with Vulnerability Tool, example rapid 7 Experience with Incident response Management Experience with ISO, SOC2 and NIST frameworks Experience with configuring, supporting and monitoring Azure Cloud Security Infrastructure, example WAF, Firewalls Strong communication and collaboration skills

Job Description We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Hours: 40 Pay Details: $113,000 - $196,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Senior Information Security Specialist leads development and/or implementation of significant or Bank-wide Technology Controls / Information Security strategies, policies, programs, tools and provides expert advice and guidance on technical solutions. Oversees control and governance activities and identifies and assesses potential security risks, breaches/ exposures impacting highly complex / high risk businesses or transformational (change the bank) strategic initiatives primarily interfacing with executive and/or functional stakeholders across the Bank. Depth & Scope: * Works autonomously on high profile, complex and/or high risk technology projects with significant impact to the organization * Provides technical leadership / consulting / direction to a larger team / portfolio on all aspects of technology controls / information security * Foresees issues / gaps and identifies emerging industry trends (i.e. future focused) * Provides recommendations on value-added improvements / enhancements * Top technical expert individual contributor with expert knowledge of IT security and risk disciplines and practices * Advanced and highly specialized knowledge of organization, technology controls / security/ risk issues * Provides recommendations on value-added improvements / enhancements Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 10+ years of relevant experience Preferred Qualifications : * Strong GRC experience * Understanding of core technology and security areas such as identity, cloud, data protection, and engineering practices * Security Certifications (CRISC, CISA, Security+) * Strong governance discipline, an enterprise mindset, and the ability to bring clarity, structure, and consistency across diverse teams Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

13804 - Sr Cloud Security Analyst (onsite) - Doral, FL Work Setting: Hybrid Required: • Availability to work at the Client's site in Doral, FL (required); • Experience with O365, AD, MS, Linux Access management (5+ years); • Experience with Cloud Security (5+ years); • Experience with Azure administration and configure access controls; • Experience with AWS security administration and configure access controls; • Experience with GCP; • Experience with GDPR, PCI, NIST; • Experience with Vendor technology legacy; • Experience with SailPoint IAM solution; • Experience with Active Directory; • Experience with Windows workstations and server operating systems; • Experience with managing security for AWS cloud environment tenants; • Security background; • High School Diploma or GED in Computer Science or other technical degree or equivalent experience; • Certifications: Microsoft 365 Messaging and or Security Administrator, CompTIA Cloud+. Preferred: • Scripting experience (PowerShell, Python etc.); • Experience with Qualys; • Experience with Orca Security; • Bachelor's Degree. Responsibilities: • Management, evaluation, maintenance, and enhancement of the cloud security posture; • Operation of identity and access processes and controls for SailPoint, Active Directory, Email, and Collaboration Platforms and cloud-based solution; • Continuous improvement of the brand vulnerability management people, process, and technology analyzing cloud environment reporting, prioritizing, and working with brand IT to make Cloud Security Management data actionable and understandable; • Evaluation and providing directives and guidance regarding our SIEM integrations, identifying potential blind spots, and assisting with configuration validations; • Augment and assist GISCS Security Operations, monitoring and triaging brand security events (Security Operations); • Creates visual information in the form of dashboard(s) and reports for executives and business stakeholders on a regular basis that communicates Cybersecurity risks and KRIs; • Assisting with security architecture reviews for new and proposed integrated solutions. Why apply? • Work with one of the largest global vacation and cruise providers and a recognizable brand; • Be a part of a diverse multicultural team and thrive in a fun and inclusive work environment dedicated to providing memorable and affordable vacations; • Work with the leader in cutting-edge technology and programming; • Be certain in your future as our Client is a stable and growing company with increasing revenue; • Receive plenty of coaching and support from the team and current Vitaver consultants. Enjoy a comprehensive employee benefits program: • Get paid on a bi-weekly basis; • During the 1st year of employment - prorated amount of PTO and Sick Time. After - 14 days of PTO annually and 10 days of sick time annually; • Eight paid holidays annually; • Available health, dental, vision plans; • Flexible spending account; • 401K retirement savings plan; • Employee Stock Purchase plan; • Short and long-term disability plan; • Cruise benefits; • Discount and complimentary memberships (various complimentary memberships, discount cards and passes: theme parks, various restaurants, wholesale clubs, car rental agencies and cell phone providers to name a few). Onsite perks: • Fitness center; • Child Development Center; • Café and coffee shop; • Learning Resource Center (LRC); • Discounted dry-cleaning service; • Fuel service & car wash.

WHO WE ARE: ELYON provides the Program Management for its Channel of Commercial Technology companies in Government that consist of Small Businesses and New Technology start-ups. ELYON advocates for policies that can improve government services and maintain our government's competitive advantage, by bringing more technology into government programs. ELYON advocates on behalf of our nation's innovative, new technology and small businesses looking to work with the U.S. government. We do this by aligning the voice of our small business members with advocacy for change in federal policy that will make the government market more accessible to small businesses and the commercial technology ecosystem. The Channel's founding Technical Board Members include former government leaders and IT executives passionate about bringing best-of-breed technology to the government. We are seeking a skilled and experienced Cyber Forensic Analyst III to join our team! Successful ELYON employees possess the following traits: An ability to get things done: You are persistent, resourceful, results-oriented, and action oriented. You constantly plan ahead and foresee issues before they occur. Analytical: In order to improve your comprehension of the market and the demands and problems of your clients, you have good analytical abilities and are at ease reading quantitative data. Creative mind-set: You are able to solve problems creatively and swiftly adjust. You possess a thorough understanding of product management principles and the ability to apply them when analysing data and making recommendations. Emotional Intelligence: You have a strong sense of self and excellent perception of how important relationships function. You are upbeat, sympathetic, adaptable, and inquisitive. Your genuineness, warmth, and competence help you win the respect of your co-workers. Trustworthy: You have a strong sense of morality, principles, and purpose. You are trustworthy because of how you conduct yourself. You are a living example of the company's values. Position Description: We are seeking a highly skilled Cyber Forensic Analyst to support high-impact investigative and intelligence missions involving cybercrime, cryptocurrency, and financial crime. You will work alongside federal agency teams, partner law enforcement agencies, and regulatory bodies to conduct technical and financial investigations. This role requires expertise in analyzing complex cyber threats, blockchain transactions, digital assets, and hidden wealth strategies. You'll need to bring both analytical rigor and a tenacious, detail-oriented mindset to help us trace digital breadcrumbs in support of critical investigations across national security and criminal enforcement efforts. Multiple options: St Petersburg, FL Key Responsibilities Cybercrime Investigative Case Support Work directly on cases with a cyber nexus in collaboration with law enforcement teams and external partners, using advanced investigative tools and techniques: Conduct cryptocurrency tracing and analysis using blockchain forensics tools. Gather and analyze dark web intelligence to identify threat actors, forums, and illicit activity. Perform data analytics to uncover patterns, relationships, and anomalies. Analyze electronic evidence, including servers, hard drives, communications, and OSINT sources. Draft subpoenas targeting financial institutions and cryptocurrency exchanges. Participate in inter-agency meetings with law enforcement, prosecutors, and other stakeholders. Identify overlapping financial transactions and alternative stores of wealth, such as: Prepaid and store gift cards Monetary instruments NFTs and digital assets Cold/public crypto wallets High-end real estate and luxury goods Cyber-Financial Investigative Support Assist in comprehensive financial tracing operations involving both fiat and digital currencies: Analyze bank records, wire transfers, and credit card transactions to track illicit funds. Draft targeted subpoena requests to financial institutions and crypto platforms. Participate in investigative interviews under agency direction. Identify and correlate layered financial networks and hidden asset channels. Apply knowledge of financial laws and frameworks, including: Bank Secrecy Act (BSA) Asset Forfeiture practices Money Laundering statutes OFAC and sanctions compliance Required Qualifications 8+ years of direct experience in cybercrime investigations, blockchain analysis, or digital forensics. Security Clearance Required: Active Secret or above preferred Proven experience with cryptocurrency investigations, darknet operations, or forensic platforms (e.g., Chainalysis, TRM, CipherTrace). Familiarity with financial investigative techniques, including subpoena processes and transactional analysis. Strong working knowledge of cyber law, digital evidence handling, and financial crime statutes. Excellent interpersonal and written communication skills; ability to draft clear, concise, and actionable reports. Ability to work independently in a fast-paced, mission-driven environment. Preferred Qualifications Prior experience supporting federal investigations preferred (FBI, DHS, IRS-CI, HSI, etc.). Certifications such as CFE, CFCE, GCFA, CFCI, or CAMS Familiarity with blockchain intelligence platforms and open-source investigation tools. Understanding of evolving technologies in digital assets and cyber-enabled crime. Why Join Us Work on cutting-edge investigations with national impact. Collaborate with elite teams fighting complex financial and cyber threats. Opportunity for professional growth, certifications, and hands-on casework. Competitive salary, benefits, and mission-driven culture. Benefits: Paid sick leave, Medical/Dental (optional), 401 (k) Retirement Plan (optional), Employer Paid Life Insurance, Employer Paid Short Term Disability, Optional Life Insurance. ELYON International, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

SGP Recruiting provides both operations and strategic support to Tribal 8(a) and commercial organizations. Our client is a CVE-verified Veteran-Owned Small Business (VOSB) and a proud ISO 9001:2015 certified organization specializing in systems integration and enterprise management solutions. As a trusted GSA MAS contract holder, they deliver mission-critical telecommunications, network infrastructure, and IT services to Federal, State, and Local Government agencies, the U.S. Military, and private-sector clients. They are seeking a motivated, career and customer-oriented Information Security Analyst in Doral, FL. Possible other locations for this position: Key West, Newport (FL), and Naval Station Guantánamo Bay (NSGB). Join a team dedicated to Meeting today's mission demands requires more than just technology - it requires the right people, the right expertise, and the right partners working together with precision and purpose. Propel your career forward and be part of something extraordinary. Salary Range - $85 - 90K Annually. Employment - Full time Worksite Type - Onsite Security Clearance Required - Secret Responsibilities include but are not limited to: · Design, development, and maintenance of insightful and actionable. The Cybersecurity Analyst is responsible for the design, development, and maintenance of insightful and actionable dashboards using the ConstantView platform dashboards using the ConstantView platform. · Possess a high level of expertise in ConstantView's functionalities, data visualization techniques, and data analysis methodologies. · Lead the development of dashboards that effectively translate complex data into clear and concise visual representations, enabling stakeholders to gain valuable insights and make informed decisions. · Includes collaborating with business users to understand their information needs, identifying relevant data sources, and designing dashboards that align with business objectives. · Manipulate and transform data, apply appropriate visualizations, and ensure the accuracy and reliability of dashboard outputs. · They also maintain existing dashboards, troubleshoot issues, and implement enhancements based on user feedback and evolving business requirements. · They possess a strong understanding of data modeling, SQL querying, and data governance principles and can communicate technical concepts to non-technical audiences. · The Information Systems Specialist III provides direction and mentorship to subordinate staff. Minimum Qualifications: · Bachelor's degree in information systems, Computer Science, Data Analytics, or 4+ years of additional experience related field in lieu of a required Bachelor's degree · 9+ years of relevant Information Systems Specialist experience. · Experience in data analysis and reporting, with a significant portion focused on dashboard development. · Proven expertise in using Constant View for dashboard creation and maintenance. · Strong understanding of data visualization principles and best practices. · Experience with data manipulation and transformation techniques using SQL or other tools. Experience with data modeling and database design concepts. Relevant ConstantView certifications (e.g., developer, administrator). Training or certifications in data visualization tools and techniques. Desired Qualifications: · Master's degree in a relevant field. Experience with other data visualization platforms (e.g., Tableau, Power BI). · Experience with data storytelling and presentation skills. Experience with data governance and data quality management. · Experience with agile-informed development methodologies. · Experience with statistical analysis and data mining techniques. · Certifications in relevant programming languages (e.g., Python, R). Certifications in data science or data engineering. · Experience at a DoD Combatant Command (e.g., SOUTHCOM, NORTHCOM, CENTCOM, CYBERCOM, INDOPACOM, EUCOM, AFRICOM, STRATCOM, TRANSCOM, SOCOM, SPACECOM) or a component is desired. Our client provides a variety of benefits including company-paid health, dental & vision insurance coverage, as well as additional employee-paid health insurance options; company-paid life and disability insurance; 401k retirement savings plan with employer match; 10 company paid holidays per year, and paid time off. Our client also considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation.

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Reports to CISO and works with a team of Cyber Security specialists. The Cyber Security Analyst is responsible for identifying risks to the confidentiality, integrity, and availability of our clients products and services, while maintaining compliance with applicable regulatory standards. In this role, you will be expected to contribute to the integrity and sustainability of the service delivery network, which consists of advanced server-based applications used to support our client's customers. The successful candidate will work directly with senior team members on issues that may require some after-hours and weekend availability. Specific Job Duties: • Articulate technical and security requirements to departments/business groups • Identify gaps in security operations and develop mitigation strategies • Assist with the maintenance of application and operating system software in the Service Delivery Network • Participate in disaster recovery and business continuity planning • Perform software development lifecycle auditing • Prioritize compliance actions according to business risk Desired Preferred Skills: • Industry certifications - PMP, CISA, CISSP, Security + • Department of Defense IT experience • Pharmacy or healthcare experience Qualifications • Masters's degree in computer science or relative discipline • 5-10 years combined experience in information security • Proficient with Unix / Linux • Strong analytical problem solving • Knowledge of the software development lifecycle • Proven ability to plan and work to a deadline • Must be able to obtain Department of Defense clearance Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Job Description Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information. Follows standard practices and procedures in analyzing situations or data. This position reports to the Director of Information Security. Responsibilities The primary duties and responsibilities of the Cloud Security Engineer are: Assessing Existing Infrastructure and Identifying Threats. Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions. Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to: Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI/CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS. Monitoring for and responding to incidents in cloud environments. Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development. Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices. Staying abreast with security standards and emerging vulnerabilities/threats to proactively resolve/remediate/mitigate. Engage in digital forensics to investigate breaches or security incidents in the cloud. Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments. Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement. Using metrics and KPIs to drive and further Security Posture Initiatives. Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously. Performing other security team relevant duties and responsibilities as assigned. Participate in incident response activities as assigned. Preferred Experience Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings. Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security. Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers. Has experience writing formal security assessments and ad-hoc security reports. Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents. Experience delivering security metrics and measurement capability to demonstrate operational security posture. Experience in data protection and privacy management. Skills Required Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Clear ability to build strong relationships and establish trust with stakeholders at all levels. Excellent verbal and written communications skills. Multiple language abilities preferred - fluency in English (written and spoken) required. Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner. Ability to solve complex problems in a timely manner by working with multiple stakeholders. Ability to manage multiple tasks and work streams effectively. Ability to follow detailed procedures and processes with a high degree of accuracy. Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product. Deep understanding of Cyber Security control environments and their relationship to zero-trust networks. Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security. Experience in 3 or more of the following: network design, mobile security, network and firewall security technologies, SaaS/PaaS Security, vulnerability management or penetration testing. Flexibility to travel as required up to 15% overnight travel. Qualifications Experience / Education / Certifications Bachelor's degree preferred in Computer Sciences, Information Technology, Information Security or other related field Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc. Five (5) years of Cyber Security related work experience Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series. At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification. #IndeedSHRSS #LI-Hybrid #zipcorpor

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist - Penetration Tester defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Responsibilities: * Conduct Penetration Tests: Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop and Execute Test Plans: Design and execute detailed test plans * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies Depth & Scope: * Participates on complex, comprehensive or large projects and initiatives * Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors * Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience * Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications : * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.