Security engineer jobs in Elmwood Park, NJ

Lead Security Engineer - Hands-On Role with Leadership Opportunity We're looking to hire a senior-level Security Engineer who's ready to step up and take the lead. Someone who's still very hands-on technically but also enjoys mentoring others, setting direction, and building scalable solutions that make a real difference. Title: Lead Security Engineer Salary: $160,000 to 190,000 +Bonus Location: Queens, NY (Hybrid) This role sits at the center of engineering, operations, and security-you'll be working directly with software and infrastructure teams to make sure security is embedded into everything we do. You won't just be managing tools; you'll help shape how security is done across the company. If you're based in the NYC area and looking for the next serious step in your career-where your ideas are heard and your work actually drives change-this is worth a conversation. What the Role Looks Like: You'll lead and mentor a small but growing team of security engineers, helping them grow while staying deep in the tech yourself. Work with internal teams to design and implement security solutions-cloud security, PAM, app and system hardening, etc. You'll be the one connecting the dots between development, infrastructure, and security-building relationships across teams and making sure security is part of the process from the start. Help optimize and improve the tools we already have, and figure out what's missing. What We're Hoping You Bring: A few years of experience leading or mentoring other security engineers-you don't need to have managed huge teams, but you've helped others level up. Solid technical background (5+ years in security engineering) and experience with on-prem and cloud security solutions (AWS or Azure). Hands-on knowledge of privileged access, identity management, system hardening, and network security. Strong instincts for risk, practical problem-solving, and keeping systems both secure and usable. Someone who communicates clearly, doesn't get lost in buzzwords, and works well with people across teams. Nice to Have, But Not Dealbreakers: Certifications like CISSP, CEH, CISM Experience with Linux security or scripting Familiarity with CI/CD pipelines and how security fits into DevOps Why This Role Might Be Right for You: You're ready for more responsibility and leadership, but don't want to give up the technical side of the work. You want to be part of a stable company with real backing and complex challenges to work on.

Duration: 11+ Months Contract Contract Interview Type: In-person Scheduled Work Hours: Normal business hours Monday-Friday 35 hours/week (not including mandatory unpaid meal break after 6 hours of work). Requirement ID: NYC_OT735_SS contact Sandeep @ ********************** Job Description Justification: This request is for an NG911 Subject Matter Expert (SME) needed to continue the project work for the Class 1/2/3 and Call Handling upgrades of the Next Generation 9-1-1 emergency call system and provide expertise and technical knowledge during the configuration and test phases. NG911 - Cyber Security Tools Implementation Engineer Implement solutions for DNS, Email, remote access configuration, integration, performance monitoring, and security management. Test Next Generation firewall platforms, host operating systems, and applications such as LDAP, SMTP. Support for application development and database administration. Provide support for Email, DNS, AND Remote access solutions. Deploy appropriate network security solutions. Note: Normal Business Hours, Monday through Friday (not including a mandatory unpaid meal break after 6 hours of work), 35 work hours per week. If the consultant works more than 35 hours per week, the consultant must request overtime in the Agency's timekeeping system, and the project manager must approve those hours worked above the weekly maximum. SCOPE OF SERVICES: NG911 - Cyber Security Tools Implementation Engineer Implement solutions for DNS, Email, remote access configuration, integration, performance monitoring, and security management. Test Next Generation firewall platforms, host operating systems, and applications such as LDAP, SMTP. Support for application development and database administration. Provide support for Email, DNS, AND Remote access solutions. Deploy appropriate network security solutions. MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered At least 12 years of experience in an enterprise data center environment to plan, design, and install network & security infrastructure systems for public safety. 3+ years working experience with IBM QRadar SEIM solution integration with Cascade, Firemon, and Citrix & other critical security service technologies CISSP or other industry Cyber Security Certification Experience migrating DNS to a new platform. Experience participating in the design and implementation of a DMZ and all associated requirements for monitoring external threats. Experience with security infrastructure and implementation of perimeter network security components such as Next Generation firewalls. DESIRABLE SKILLS/EXPERIENCE: 3+ years working experience with IBM QRadar SEIM solution integration with Cascade, Firemon, and Citrix & other critical security service technologies CISSP or other industry Cyber Security Certification Experience migrating DNS to a new platform. -------------------------------------------------------------------------------------------------------------------------------------------------------------------- V Group Inc. is an IT Services company which supplies IT staffing, project management, and delivery services in software, network, help desk and all IT areas. Our primary focus is the public sector including state and federal contracts. We have multiple awards/ contracts with the following states: CA, FL, GA, MD, MI, NC, NY, OH, OR, PA, VA, VT, and WA. If you are considering applying for a position with V Group, or in partnering with us on a position, please feel free to contact me for any questions you may have regarding our services and the advantages we can offer you as a consultant. Please share my contact information with others working in Information Technology.

Job Title: Sr. Cybersecurity Risk Analyst Duration: 24+Months Responsibilities: Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City; Manage complex, cross-functional projects, pushing through ambiguity and challenges which may arise; Work with stakeholders across various divisions, soliciting input and working through feedback; Evaluate risk of third parties used by New York City agencies; Document and track remediation of risks in the Risk Register; Review and analyze various cybersecurity risk cases, justification, and exceptions documents submitted by agencies; Assist in the development of cybersecurity risk assessment procedures and testing methodologies based on established frameworks and guidelines; Initiating corrective actions to remediate vulnerabilities or weaknesses where necessary; Engage in communications with NYC Agencies; Handle special projects and initiatives as assigned. Required Sklls: A minimum of 4 years of experience in risk management or cybersecurity risk assessment or 4 years of experience evaluating and managing third parties in a cybersecurity team. DESIRABLE SKILLS/EXPERIENCE: BS/BA degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field. One or more of the following certifications are a plus: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM) CompTIA Security+ CompTIA Network+ CompTIA A+ CompTIA CySA+ Cisco Certified Network Associate - CCNA CEH: Certified Ethical Hacker GIAC Information Security Fundamentals (GISF) GIAC Security Essentials (GSEC) (ISC)2 Systems Security Certified Practitioner (SSCP) Ability to work effectively in a team environment. Being highly organized, motivated and a self-directed professional. Knowledge of hardware, software, data, and network principles and systems related to Private and/or Public Sectors services. Understanding of commonly used computer operating systems, databases, network structures. Familiarity with cybersecurity framework(s) (NIST, SANS, PCI, ISO 27001/27002, or CIS) Investigative and analytical skills. Excellent oral and written communication skills; Knowledge of the current and evolving cyber threat landscape; Knowledge of laws, regulations, policies, and ethics related to cybersecurity and information privacy;

We are seeking a highly skilled and motivated CyberArk PAM Administrator to support the deployment, configuration, and ongoing management of privileged access management (PAM) and cybersecurity technologies. This role is ideal for a cybersecurity professional who enjoys working in collaborative environments, driving secure system design, and supporting enterprise-scale security initiatives. The successful candidate will play a key role in implementing new cybersecurity solutions, supporting infrastructure upgrades, and ensuring systems are secure, reliable, and well-documented. This position offers the opportunity to work with modern security platforms while contributing to the organization's overall cyber maturity and growth. Key Responsibilities Implement and support new deployments of cybersecurity technologies, including CyberArk PAM and related security products. Assist with infrastructure upgrades to support application growth and evolving cybersecurity requirements. Configure, deploy, and maintain systems in accordance with security best practices and architectural standards. Troubleshoot and support all aspects of CyberArk Privileged Access Management, including onboarding, vault management, and access controls. Develop and maintain technical documentation, procedures, and runbooks for daily operations and major initiatives. Propose and document system architectures for secure and scalable deployments. Collaborate with internal teams, vendors, and stakeholders to ensure successful technology implementations. Patch, maintain, and monitor security platforms to ensure system stability and compliance. Train team members and end users on new systems and security processes as needed. Follow up promptly with stakeholders to address issues, changes, and enhancements. Required Skills / Education Proven experience as a CyberArk Administrator or in a similar Privileged Access Management role. Hands-on experience troubleshooting and supporting CyberArk PAM components. Strong understanding of cybersecurity principles, access control, and secure system administration. Ability to create clear, detailed technical documentation and operational procedures. Excellent written and verbal communication skills, with the ability to work effectively across technical and non-technical teams. Preferred Qualifications Experience with scripting or programming languages. Hands-on experience with PowerShell. Familiarity with enterprise infrastructure environments and security integrations. Strong interpersonal skills and the ability to collaborate with stakeholders at all organizational levels. About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm-we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact. When you work with Seneca, you're choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way. Seneca Resources is proud to be an Equal Opportunity Employer and is committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.

The Team: The Security Engineering Lead will be responsible for designing, building, and maintaining the organization's security infrastructure. This role requires a highly skilled professional who can lead a team of engineers, implement innovative security solutions, and ensure the resilience of the organization's systems and networks. The ideal candidate will have extensive experience in security engineering, a strong technical background, and the ability to manage and deliver complex security projects. **This Role does NOT provide sponsorship** Salary: $150k-$190k base w/ 20% bonus Responsibilities: Leadership and Management: Lead and mentor a team of security engineers, fostering a culture of continuous learning and innovation. Build and scale a global team to meet organizational needs. Architecting Security Solutions: Assist teams in designing and implementing advanced security solutions, including cloud security, privilege access management and application/system security. Collaboration: Partner with software development, infrastructure, and operations teams to embed security into the development lifecycle and operational processes. Performance Optimization: Regularly evaluate and optimize existing security tools and technologies to ensure maximum efficacy and efficiency. Training and Knowledge Sharing: Develop and deliver technical security training to engineers and other staff, ensuring a strong organizational security posture. Documentation and Reporting: Create detailed documentation for security systems and processes, and provide regular project reports senior management. Required Skills and Experience: Experience (3+ year) in people leadership roles, nurturing security engineers into high-performing teams. Experience (5+ years) in a security engineering role, focusing on designing and implementing security solutions and managing security infrastructure, both on-premise and cloud. Experience working with privilege and identity management solutions. Experience with operating system security and system hardening. Knowledge of network security principles, protocols, and technologies. Strong analytical and problem-solving skills, with the ability to assess risks and develop appropriate security controls. Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Ability to work independently, prioritize tasks, and manage multiple projects simultaneously. Strong leadership skills, with the ability to mentor and guide junior team members. Skills and Experience That Would Help You Stand Out: A bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable. Linux security experience Familiarity with DevSecOps and integrating security into CI/CD pipelines. Scripting experience.

This role is for a mid-to-senior Security Engineer who thrives in a lean, high-performance environment and takes a hands-on, engineering-first approach to security. You will operate as a generalist within a small security team, owning the design, build, and evolution of security systems that protect a highly technical organization with many proprietary platforms. This is not an analyst role; the focus is on building, integrating, and improving security capabilities end to end, with a strong emphasis on problem solving, automation, and how systems work together. You will design and implement enterprise-grade security monitoring, detection, and response solutions, integrating commercial tools and developing custom capabilities tailored to the environment. While the role includes reviewing and triaging alerts from detection and response platforms, the core responsibility is continuously improving detection quality, response workflows, and overall security posture. You will engineer and tune detections using structured data and JSON-based queries, develop automated response and orchestration workflows, and drive improvements across the full incident lifecycle. The position requires close collaboration with teams across the organization, translating security risks and technical concepts into clear, practical language for non-security stakeholders. You will partner with engineering, infrastructure, and product teams to embed security into systems and workflows, applying strong security principles that are portable across technologies rather than tied to a single toolset. The environment is fast-moving and production-heavy, with ongoing adoption of AI-driven technologies and modern development practices. The ideal candidate has several years of experience in security engineering, preferably in a fintech, startup, or similarly high-tech environment, and is accustomed to operating outside of large, siloed security teams. You bring strong hands-on experience with cloud and endpoint security platforms such as Azure, Microsoft Defender, and Elastic, with exposure to tools like Zscaler and Purview considered a plus. You are comfortable coding and scripting, particularly in Python, working with Git-based workflows, and applying infrastructure-as-code concepts. Experience building and operating detection and response systems, security orchestration and automation platforms, and threat-informed defenses is essential. They'll need someone who's fully authorized to work in the US without any sponsorship / visa (cannot support H1B).

. Principal Cybersecurity Architect in New York, NY We are seeking a Senior Cybersecurity Architect to serve as the strategic and technical authority advancing a global cybersecurity architecture and engineering program. Reporting directly to the CISO, this role leads secure-by-design initiatives across a complex hybrid environment, driving modernization, automation, and adoption of emerging security technologies. This is a highly visible role partnering with application, infrastructure, cloud, and business teams to balance innovation, risk, and regulatory expectations while strengthening enterprise-wide cyber resilience. What You'll Do Strategy & Leadership Act as the CISO's principal technical advisor on cybersecurity architecture, engineering strategy, and emerging risks Translate security vision into executable roadmaps aligned with business priorities Lead cybersecurity technology build initiatives focused on automation, integration, and modernization Evaluate emerging technologies through lab testing and strategic vendor partnerships Architecture & Engineering Define and maintain enterprise security architecture and reference models Lead architecture reviews across application, infrastructure, cloud, and data platforms Advance Zero Trust, AI-driven security, cloud-native defenses, and continuous controls monitoring Guide threat modeling, security assessments, and control design for major initiatives Embed security-by-design through hardened configurations, automation, and validation Governance & Collaboration Partner with Cyber Operations, GRC, and Infrastructure teams to ensure architectural consistency Support cybersecurity strategy, investment planning, and global execution Collaborate with teams across North America, EMEA, and APAC Mentor engineers and architects, fostering technical excellence and innovation What You Bring 10-15 years of cybersecurity experience, with deep leadership in architecture and engineering Proven expertise in hybrid environments (on-prem + Azure Cloud) Strong knowledge of application, infrastructure, and cloud security architecture Hands-on experience with Zero Trust, IAM (MFA, SSO, PIM), AI/ML security, DevSecOps, automation, and continuous controls monitoring Familiarity with enterprise platforms such as EDR/XDR, SIEM, DLP, PKI, vulnerability management, and cloud security tooling Experience aligning architecture to NIST, ISO 27001, CIS Controls, and MITRE ATT&CK Bachelor's or Master's degree in a related field CISSP, CCSP, CISM, or cloud security certifications preferred Why This Role Direct influence on global cybersecurity strategy High visibility with executive leadership Opportunity to shape next-generation security capabilities, including AI-driven defense Competitive compensation, bonus, and comprehensive benefits package Compensation depends on experience but is typically $170K-$210K

Job Posting Title: Cloud Security Engineer - SRE Job Profile: Technical Project Management - Advisor II We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

One of our clients is looking for a Data Security Analyst in New York, NY - 10172. This is a hybrid position and 6 month of contract with possible extension, offering $43/hour ona W2. About the Role Supports Data Loss Prevention and Data Security initiatives in the mission to protect sensitive data. Responsibilities Monitor alerts coming from data loss prevention technologies. Perform initial triage and escalation in accordance with internal processes. Draft playbooks/job aids for responsibilities. Partner with senior data loss prevention leaders to support incident validations. Provide feedback to technologists responsible for DLP policy tuning on the efficacy of rules. Prepare DLP program metrics for routine reporting. Support ad hoc data requests from DLP leadership. Qualifications Knowledge of Proofpoint, Microsoft Purview, and Island.io. Proficiency in Microsoft Excel, including pivot tables. Required Skills Strong attention to detail, inquisitive, analytical, and can pull together multiple data sources to formulate holistic pictures. Effective verbal and written communication skills and ability to work with cross-functional teams. Pay range and compensation package $43/hour on W2.

Natixis CIB is seeking a dynamic and experienced Vice President of Network Security to lead and enhance our network security infrastructure across the AMER region. This strategic leadership role requires a deep technical understanding of network security and the ability to drive initiatives that protect our systems while mentoring a talented engineering team. The job responsibilities include, but are not limited, to the following: Infrastructure Oversight: Lead the design and administration of Natixis CIB AMER's network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Technology Initiatives: Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals. Continuous Monitoring: Ensure optimal network performance through continuous monitoring, dashboard creation, promptly addressing any security incidents. Documentation Management: Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts, to support operational efficiency and facilitate effective communication. Cross-Department Collaboration: Collaborate with infrastructure teams to resolve network-related challenges and ensure seamless operations across departments. Audit and Security Coordination: Work closely with audit and IT Security teams in both AMER and BPCE-IT to provide necessary documentation and implement remediation plans as required. Staff Mentorship and Training: Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team. Vulnerability Assessments: Conduct vulnerability assessments and manage patching processes to effectively mitigate and report security risks across the AMER region. Security Reporting: Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents, and trends to inform strategic decision-making. LOD1 Security Management: Manage Line of Defense 1 (LOD1) network security controls and request as specified by the IT Risk Department. Strategy Alignment: Coordinate with AMER and Head Office IT Security teams to assure alignment on security strategies and policies. Tool Proficiency: Profiecent knowledge of security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response. Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; Master's preferred. 6+ years of hands-on experience in network security management, preferably within the financial services industry. Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation. Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security is a plus. Highly desirable CISSP, CISM. Strong project management and leadership experience. Excellent communication and problem-solving skills, with a focus on collaboration and teamwork. Extensive understanding of network technologies - L2, L3, VXLAN, BGP, LAN/WAN/VPN Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy-pac scripting Troubleshooting knowledge of network and security systems with minimal guidance is required. OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience is required. Excellent oral and written communication and documentation skills are essential. Ideal candidate must have a strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure design, and troubleshooting. Among these technologies, knowledge of Arista and Cisco design, configuration and automation is a definite plus Knowledge of scripting languages such as Python, PoweShell, or Ansible. The individual will need to be very organized, flexible, results oriented and able to multi-task to meet the demands of our dynamic environment The candidate should be a self-starter, be able to work with minimal supervision, properly and effectively report project/work status to management and peers, take full ownership and responsibility of the tasks assigned to her/him and work them through completion. The candidate should be able to demonstrate both technical capabilities and in-depth knowledge of various security and network concepts, technologies, and best practices The candidate should have the ability to convey in non-technical terms complex technical explanations related to problems, designs, etc. Knowledge of Ansible Scripting is a plus Knowledge of micro segmentation tools such as Illumio or VM Ware NSX is a plus Natixis is an equal opportunity employer, committed to a workplace free of discrimination. Natixis will not tolerate any form of discrimination based on age, color, mental or physical handicap or disability, pregnancy, marital status, sexual orientation, national origin, alienage, ancestry or citizenship status, race, religion, sex (including sex stereotyping, gender identity, gender expression or transgender status), veteran status, creed, genetic information or carrier status, or any other protected characteristic as established by law. Respect for all means that we deal with each person as an individual and not as a member of any group. All qualified applicants will receive consideration for employment. Management is expected to provide leadership in supporting the firms EEO program by taking steps to promote EEO in all facets of employment including recruitment, hiring, retention, promotion, performance assessment, and career-development opportunities. The salary range for the VP position will be between $150,000 - $180,000. Natixis is required by law to include a reasonable estimate of the compensation range for this role. Actual base salary will vary and will be based on several factors including, but not limited to, relevant experience, education, skills set, applicable licensure and certifications, and other business and organizational needs. Base salary is only one component of our total rewards package. Natixis also offers a generous benefits package, and you may be eligible for a discretionary incentive award depending on company and individual performance.

Job information: Functional title - Application Security Specialist Department - IT Security Corporate level - Vice President Report to - Director, Application Security Expected full-time salary range between $ 140,000- $180,000 + variable compensation + 401(k) match + benefits. What you will be doing: Perform Application Security scans (e.g. DAST and SCA) on applications and APIs to identify security vulnerabilities and weaknesses, Triage security findings and collaborate with development teams to prioritize and remediate identified vulnerabilities. Drive threat modelling as a standard part of the SDLC, and develop and maintain threat models for critical applications, identifying potential security risks and proposing mitigations. Drive the Security Champions program, and define and promote secure coding practices, patterns, and standards across development teams. Conduct security reviews and provide guidance on security requirements for new features and projects. Assist in the analysis, selection and rollout of new application security tools, processes, and standards. Stay up to date with the latest security threats, vulnerabilities, and industry best practices. What we're looking for: Proven experience in application security with a focus on application security testing and vulnerability management. Hands-on experience with Application Security tools. Strong understanding of common application vulnerabilities (e.g., OWASP Top 10) and mitigation techniques. Experience with threat modelling methodologies and tools. Proficiency in at least one programming language (e.g., Java, Python, JavaScript). Excellent communication and collaboration skills, with the ability to work effectively in cross functional teams. Strong understanding of risk management. Professional qualifications / certifications Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent). Relevant security certifications (e.g. CISSP, CEH, CSSLP) or equivalent is preferred.

You will provide guidance and technical support to clients deploying security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Any of the following industry certifications or equivalent experience is a plus: CISSP, CCNA, PCNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure You're an excellent writer, with strong verbal communication skills, with demonstrable ability to communicate to senior leaders and technical peers

Job Title: Cyber Security Risk Analyst. Job Type: Contract. IS NOT OPEN TO AGENCIES. The Cyber Security Risk Analyst supports enterprise governance, risk, and compliance (GRC) initiatives by strengthening cyber risk management practices, enhancing third-party risk oversight, and contributing to cybersecurity governance across a complex organizational environment. This role works closely with cybersecurity leadership, internal stakeholders, and partner teams to mature risk assessment processes and ensure consistent, well-documented risk management activities. Key Responsibilities Design, develop, and enhance cybersecurity risk management processes and supporting frameworks Support enterprise cyber risk governance, including risk identification, evaluation, and remediation tracking Perform cybersecurity risk assessments in collaboration with business and IT stakeholders Evaluate and manage third-party and vendor cybersecurity risk throughout the vendor lifecycle Contribute to the development and maintenance of a third-party risk register Review and analyze cybersecurity risk cases, exceptions, and justifications Document risks, mitigations, and remediation actions within a centralized risk register Assist in developing risk assessment procedures, methodologies, and testing approaches aligned with industry frameworks Collaborate with cross-functional teams and subject matter experts to gather risk intelligence Support remediation efforts by helping initiate corrective actions where vulnerabilities or weaknesses are identified Participate in special cybersecurity initiatives and projects as assigned Required Qualifications Minimum of 4 years of experience in one or more of the following areas: Cybersecurity risk management Cybersecurity risk assessment Third-party or vendor risk management within a cybersecurity function Strong understanding of GRC concepts and the cyber risk lifecycle Experience working in large, complex, multi-stakeholder environments Strong analytical, investigative, and documentation skills Excellent written and verbal communication skills Preferred Qualifications Bachelor's degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field Familiarity with one or more cybersecurity frameworks or standards, including: NIST ISO/IEC 27001 / 27002 CIS SANS PCI Relevant certifications are a plus, including but not limited to: CISSP, CISM, CRISC, CISA CompTIA Security+, CySA+, Network+ GIAC certifications Knowledge of cybersecurity laws, regulations, and data privacy principles Ability to work independently in a self-directed and organized manner About Buchanan Technologies Since Buchanan's inception over 30 years ago, we have operated on 5 core values - People Matter, Customers Matter, Principles Matter, Community Matters, and Every Interaction Matters. These values are represented across each facet of the company, from employee relations to client service delivery to corporate social responsibility initiatives and beyond. Why Work at Buchanan? At Buchanan Technologies, we offer a great employment experience with a fun but professional work environment, competitive salary, and various employee career advancement programs that add value to your skills and daily life. If you are excited about being part of an energetic team where your contributions are appreciated and hard work is recognized, Buchanan is the place for you. Things We Are Passionate About We are passionate about providing top-tier technology services to our customers and clients and fostering a culture of continuous learning for our employees. We are a people- centric company, focused on growth and diversity for our workforce. Come join us and let's build something amazing together. Follow Us: LinkedIn: ******************************************************* Website: **************** Buchanan Technologies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, or genetics. In addition to federal law requirements, Buchanan Technologies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

We are seeking a highly experienced Network Security Manager to lead the design, implementation, and oversight of network security controls across a complex, multi-cloud, and multi-client environment. This role sits within the Information Security organization and partners closely with Infrastructure, Cloud, DevOps, and Client-Facing Technology teams. The ideal candidate brings deep technical expertise in enterprise network security combined with the leadership and communication skills required to support diverse client environments, regulatory requirements, and evolving threat landscapes. This position plays a critical role in shaping network security strategy while remaining hands-on with architecture, tooling, and incident response. Key Responsibilities Network Security Strategy & Architecture Lead the design and evolution of enterprise network security architecture across on-prem, cloud, and hybrid environments. Define and enforce network security standards for firewalls, segmentation, VPNs, zero-trust networking, and secure connectivity. Support multi-cloud environments (AWS, Azure, GCP) with varying client architectures and risk profiles. Evaluate and implement next-generation network security technologies aligned with industry best practices. Cloud & Hybrid Security Partner with Cloud and Infrastructure teams to ensure secure network design for cloud-native and hybrid deployments. Oversee security controls for: Cloud networking (VPC/VNET design, routing, peering) Secure connectivity (site-to-site VPN, client VPN, private links) Internet ingress/egress and cloud firewalling Ensure consistency of network security posture across diverse client environments. Operations, Monitoring & Incident Response Oversee network security monitoring, detection, and response capabilities. Lead response efforts for network-related security incidents, coordinating with SOC, IR, and infrastructure teams. Conduct root-cause analysis and drive long-term remediation and control improvements. Guide vulnerability management and remediation efforts related to network and perimeter security. Leadership & Cross-Functional Collaboration Act as a senior technical leader and subject-matter expert within the InfoSec organization. Collaborate with: Security Engineering Infrastructure & Network Engineering Cloud & DevOps teams Application Security and GRC Mentor senior engineers and contribute to security roadmaps and long-term strategy. Communicate complex technical risks clearly to leadership and non-technical stakeholders. Governance, Risk & Compliance Ensure network security controls align with regulatory, compliance, and client security requirements. Support audits, assessments, and client security reviews. Develop documentation, standards, and procedures related to network security operations. Required Qualifications 10+ years of experience in network security, infrastructure security, or security engineering roles. Proven experience managing and securing enterprise-scale, multi-cloud environments. Deep hands-on expertise with: Next-generation firewalls (e.g., Palo Alto, Fortinet, Check Point) Network segmentation and zero-trust architectures VPNs, secure remote access, and private connectivity Network security monitoring and detection tools Strong understanding of cloud networking and security in AWS, Azure, and/or GCP. Experience supporting multiple client environments with varying architectures and risk tolerances. Demonstrated ability to lead technically while influencing cross-functional teams. Excellent communication skills with both technical and executive audiences. Preferred Qualifications Prior experience in professional services, law firm, financial services, or regulated enterprise environments. Experience leading or contributing to large-scale network security transformations. Familiarity with SASE, ZTNA, and modern zero-trust security models. Security certifications such as CISSP, CCSP, or equivalent cloud/security credentials. Why This Role High-impact leadership role within a sophisticated InfoSec organization. Exposure to diverse, complex client network environments across industries. Influence long-term security strategy while remaining hands-on technically. Competitive compensation up to $270K base plus strong benefits and growth opportunities.

This young and agile company, providing identity risk solutions is currently seeking a Senior Cloud Security Engineer with a focus on Infrastructure and Security to join their growing team. You will assist with the continuous maturation of their Cloud Security services within the Security division. This is an excellent opportunity for an experienced Cloud Security Engineer with experience in both Infrastructure and Security to take the next step into a challenging position with a company offering significant growth potential. About the Company: Founded in the last 10 years, they are one the fastest growing companies in their space. They are a fast-growing company that have built a platform that allows finance organisations and fintechs to strengthen their security defences. Their mission is to allow companies to manage their identity and fraud risk. Everything they do is entrenched in achieving engineering excellence. Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation. About the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: What you will be doing: • Serve as a cloud security subject matter expert, advise on and implementing best practices • Respond to security incidents and provide timely and appropriate solutions • Conduct cloud security risk assessments and audits • Conduct investigations into security incidents and potential threats • Take part in on call rotations for incident response and remediation • Assist with policy management, security audits, and due diligence for cloud security concerns • Advise on, configuring, and managing a variety of security tools • Keep informed about and respond to emerging security threats and vulnerabilities • Assist with cloud security reviews of potential vendors Ideal Requirements for the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: • Several years of experience working in a similar role with a focus on Cloud Security in AWS • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc. • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response • Experience taking part in an on-call rotation • You are passionate about securing infrastructure, reducing risk, and protecting data! • You are a subject matter expert on cloud security in AWS • You have a solid understanding of network architecture and protocols • You can advise on cloud security policies and procedures Apply to the Role: Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to **********************

We are seeking a high-judgment, detail-oriented operator to lead our Threat Modeling Program Operations. This individual will be responsible for orchestrating workflows, triaging intake, designing key metrics, and eliminating process inefficiencies. The role demands an expert in building executive-ready reports and dashboards to track throughput, cycle times, and model quality, ensuring optimal outcomes for complex, multifaceted initiatives in Information Security Engineering. This is a contingent resource assignment, and the candidate may: Consult on complex, large-scale initiatives in Information Security Engineering. Review and analyze intricate, long-term security challenges, considering multiple factors including intangible or unprecedented elements. Contribute to resolving complex issues requiring deep understanding of security policies, procedures, and compliance requirements. Strategically collaborate with client personnel to ensure project success. Key Responsibilities: Lead and optimize workflow orchestration for the Threat Modeling Program. Develop and manage reports and dashboards to monitor program effectiveness (throughput, cycle time, model quality). Analyze and address complex security engineering issues, guiding teams to resolution. Collaborate cross-functionally with stakeholders, delivering executive communication and reporting. Continuously improve processes to eliminate inefficiencies and ensure scalability. Required Qualifications: 5+ years of experience in Information Security Engineering or equivalent (consulting, training, military, education). Proven ability to take initiative, work independently, and drive results. Strong attention to detail and ability to handle ad hoc reporting. Advanced skills in Microsoft Excel (VLookups & Pivot Tables) and PowerPoint. Proficient with Agile methodologies and project management tools like Atlassian JIRA and Confluence. Experience in analytical

A financial firm is looking for a Chief Information Security Officer (CISO) to join their team in New York, NY. Compensation: $150-200K Responsibilities: Define and maintain the enterprise information security strategy, roadmap, and governance framework, aligned with business objectives and regulatory requirements Draft, maintain, and periodically review security-related policies and procedures Establish and chair/co-chair an Information Security / Cyber Risk Committee and contribute to Board-level reporting on cyber risk Develop and maintain the firm's information security governance framework Lead the firm's SOC 1 (Type 1/Type 2) and SOC 2 (Type 1/Type 2) readiness and ongoing attestation efforts Own the control catalog, control testing coordination, evidence collection, and remediation tracking across technology, operations, and third parties Act as primary security point of contact for external auditors, assessment firms, and key institutional partners Ensure security program alignment with SEC Regulation S-P, Reg S-ID, Reg SCI, SEC / Client cybersecurity expectations, and NYDFS 23 NYCRR 500 Partner with Compliance and Legal to interpret new regulations, assess impact, and implement necessary control and policy changes Maintain and periodically test the Incident Response Plan, Business Continuity and Disaster Recovery (BC/DR) from a security perspective Provide security oversight for cloud (AWS) and on-prem infrastructure, including network security, endpoint security, identity and access management (IAM), and data protection Work with Infrastructure/DevOps and application teams to embed secure SDLC practices, including code review, security testing, and secure deployment pipelines Oversee vulnerability management, including patch management processes, penetration testing, and remediation programs Define and oversee Security Operations Center (SOC) / XDR usage, log management, SIEM, threat detection, and incident handling Design and enforce data classification, data loss prevention (DLP), encryption, and key management controls Partner with business and product teams to ensure client data privacy and secure data flows, including with third-party vendors and partners Own the vendor security risk management program, including security due diligence, contract security clauses, and ongoing monitoring Evaluate and manage key security vendors Build and lead a small but high-impact security team, scaling capabilities over time Promote a security-first culture through training, awareness programs, and regular communication with staff at all levels Qualifications: Required Bachelor's degree in Computer Science, Information Security, Engineering, or related field; or equivalent experience 7+ years of progressive experience in information security, including at least 3 years in a leadership role (Head of Security, Deputy CISO, CISO, or equivalent) Hands-on experience leading SOC 1 and/or SOC 2 attestation projects at a financial institution, fintech, or SaaS provider Strong background in financial services or capital markets (broker-dealer, clearing firm, trading platform, or similar) Understanding of Information security frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001) Understanding of Regulatory landscape for U.S. financial firms (e.g., SEC, Client, possibly NYDFS 500) Experience with Identity & access management, network security, endpoint security, and cloud security (preferably AWS) Experience building and maintaining incident response, BC/DR, and vulnerability/patch management programs Strong track record of cross-functional leadership, communicating complex security and risk topics to non-technical executives and boards Preferred Experience as CISO, Deputy CISO, or security leader at a broker-dealer, clearing firm, exchange/ATS, or large fintech Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP or similar Experience with AWS security services Familiarity with DevSecOps practices and secure CI/CD pipelines Experience managing data localization and cross-border data separation initiatives

Akamai- Senior Security Specialist Must have skills • SOC/SIEM, Threat Hunting, Incident Response, Endpoint Security - EDR/XDR • WAF/DDoS implementation and configuration using Cloudflare/Akamai platforms • Client management skills 10+ yrs exp Job Description: As a Senior Security Specialist, you will play a critical role in safeguarding our organization's information assets and infrastructure. Your expertise in Cybersecurity, EPP, EDR, XDR, AI Security, threat hunting, network security, WAF, cloud security, threat detection, incident response, malware analysis, data and log analysis, and timeline forensics will be instrumental in identifying and mitigating security risks. You will work collaboratively with cross-functional teams, security analysts, IT professionals, and management to ensure the protection of our systems, networks, and data. Key Responsibilities: Design, develop and implement security solutions and tools like Aurora, Palo Alto Cortex to improve security posture and protect organizations infrastructure and data. Review and validate policy configurations and utilize security tools including EPP, EDR, XDR, cloud security configurations, network security technologies to improve and fine-tuning. Work with MFX and clients for endpoint security related report review and provide technical details. Proven security engineering and administration experience with EPP, EDR, XDR technologies preferably Aurora, Cortex etc. Research the latest security best practices and technologies, staying abreast of new threats and vulnerabilities and helping disseminate this information within the groups at the company. Develop and implement cybersecurity strategies, policies, and procedures. Lead and coordinate incident response activities, including containment, eradication, and recovery. Conduct post-incident analysis to identify lessons learned and recommend improvements. Work closely with internal and external stakeholders to manage and mitigate security incidents. Provide guidance and support to junior security team members during incident response activities. Perform analysis of suspicious files and malware samples. Identify malware behavior, capabilities, and potential impact. Develop and maintain a malware analysis lab and related tools. Provide recommendations for mitigation and response to malware incidents. Stay updated with emerging malware trends and techniques. Familiarity with Cyber Kill chain and MITRE ATT&CK framework. Establish, execute, communicate, and oversee project management for MFX and clients. Education / Work Experience: Minimum 10+ years of experience in cybersecurity, network security, cloud security, threat hunting including a minimum of 5+ years of experience in Endpoint Security technologies. Work experience with securing cloud infrastructure in Azure/AWS. Experience in WAF, DDoS configurations and incident handling skills. Preferred Certifications: GIAC, CISM, CCSP, CISSP, or equivalent certification, work experience, or skills. Strong knowledge of cybersecurity principles, best practices, and industry frameworks (e.g., NIST, ISO 27001). Good to have digital forensic investigations, including timeline analysis. Knowledge / skills: Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security. Experience using endpoint security technologies like Aurora, Cortex, or similar. Strong technical experience in cloud security services - network and storage encryption, network security groups, web security and identity and access management. Administering and improving industry standard security controls using security tools like EPP, EDR, XDR etc. and driving operational excellence. Experience with multiple Operating systems (Linux, Unix, Windows) Understanding of forensic principles and methodologies, including timeline forensics (Good to have) Excellent customer relationship and strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness.

The Role We are looking for a Network Engineer to join our IT team to handle the design, implementation, and maintenance of our internal and client-side network infrastructure. You will play a key role in ensuring the stability, security, and performance of our networks, enabling us to deliver exceptional service to our clients and support our internal operations effectively. You should be comfortable with everything from troubleshooting network issues to supporting end-user systems, and contributing to network improvements within the company and on our deployed microgrids. This role will report to our Senior Manager of IT and be based at our HQ in Ridgewood, NJ, with travel up to 20% of the time. Key responsibilities will include: Network Design & Implementation: Plan, design, and implement network solutions for both internal use and client sites, utilizing routers, switches, firewalls, wireless access points, and other network devices. Conduct on-site client assessments to understand their needs and develop tailored network architectures. Ensure network designs meet performance, security, and scalability requirements, incorporating redundancy and future-proofing best practices. Network Maintenance & Optimization: Proactively monitor network performance, analyze metrics, and identify areas for improvement. Perform regular maintenance and optimization of network devices and services to ensure reliability and maximize throughput. Security & Compliance: Implement and maintain network security best practices, including firewalls, VPNs, and intrusion detection/prevention systems. Ensure the security of both internal and client systems, adhering to industry regulations. Troubleshooting & Support: Provide Tier 1/2/3 support for network-related issues, resolving escalated or complex problems remotely and on-site at client locations. Respond to inbound support requests, collaborating with the help desk to address and resolve network incidents promptly. Work with vendors and service providers to address outages and equipment failures effectively. Documentation & Reporting: Maintain comprehensive network diagrams, standard operating procedures (SOPs), and configuration records. Generate reports on network health, capacity planning, and performance trends to support strategic decision-making. Collaboration & Stakeholder Engagement: Collaborate effectively with the Sr. IT Manager and team leads to align network strategies with business objectives. Participate in cross-functional teams to evaluate and integrate new technologies, expanding and upgrading infrastructure as needed. The Ideal Candidate Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience). 3+ years of hands-on experience in network engineering or a similar role. Professional certifications (e.g., CCNA, CCNP) are strongly preferred. In-depth knowledge of routing protocols (e.g., BGP, OSPF), switching technologies (VLANs, STP), and firewall configurations. Familiarity with SCADA devices, FortiGate firewalls, and Teltonika modems is highly desirable. Experience with network monitoring tools (e.g., SolarWinds, Nagios, PRTG) and logging systems (SIEM solutions). Familiarity with cloud networking environments (AWS, Azure, or GCP) is a plus. Strong troubleshooting skills to diagnose and resolve network issues in both on-premise and client-site environments. Excellent problem-solving and analytical abilities. Strong communication and interpersonal skills to effectively interact with technical and non-technical stakeholders, including clients. Detail-oriented with the ability to prioritize tasks, manage time efficiently, and meet deadlines. Team player with a collaborative mindset and a customer-focused approach. Willingness to travel to US-based client sites as necessary. Ability to participate in an on-call rotation when required. This is a great opportunity to have a long-term impact on a fast-paced, private equity-backed growth business. Some of the core virtues embraced by Scales' employees include: Do the Right Thing Act Like an Owner Hustle Demand Results Go Together Evolve or Disappear We offer a competitive compensation package and a comprehensive benefits program including medical benefits, paid vacation and holidays, and 401K matching. About Scale Microgrids Scale is redefining resilience, with advanced microgrids that go beyond traditional backup power solutions to give businesses the power to adapt and thrive amid all of today's growing energy challenges. As a vertically-integrated provider of turnkey advanced microgrid systems, Scale combines project design, engineering, and execution expertise with microgrid-as-a-service financing to offer our customers systems that are optimized to deliver maximum value from day one while ensuring ultra-reliable operations and fast time-to-power. Scale is backed by EQT, a firm with ~$250B in assets, bringing a depth of experience, resources, and capital that will enable Scale to continue pursuing our vision of powering the world with distributed energy. The investment enables Scale to own and operate billions of dollars in distributed generation assets. To learn more about Scale Microgrids, please visit ******************************** About EQT EQT is a leading purpose-driven global investment organization with EUR 246 billion in total assets under management, divided into two business segments: Private Capital and Real Assets. EQT owns portfolio companies and assets in Europe, Asia Pacific, and the Americas and supports them in achieving sustainable growth, operational excellence, and market leadership. To learn more about EQT, please visit ********************* Scale strives to attract and retain a workforce that reflects the composition of our customer base and communities. We are committed to providing a work environment that provides everyone with equal access and opportunity to contribute and drive meaningful outcomes. We encourage applicants from all backgrounds to apply and will consider qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.