Security engineer jobs in Georgetown, TX

Data Security Analyst (GRC Analyst 2) - (Must be local to Austin, TX) Austin, TX | Hybrid (3 Days Onsite, 2 Days Remote) Monday-Friday, 8:00 AM-5:00 PM About the Role Client is seeking an experienced Data Security Analyst (GRC Analyst 2) to support advanced information security and compliance initiatives. This hybrid role requires strong governance, risk, and compliance (GRC) expertise-ideal for professionals who excel in regulatory frameworks, self-assessments, and stakeholder collaboration. Key Responsibilities Design, configure, and manage self-assessment projects within GRC tools (Diligent preferred). Build workflows, automated notifications, and task assignments for assessment activities. Interpret and apply regulatory and industry frameworks: Texas Cybersecurity Framework (TCF) NIST Cybersecurity Framework (CSF) 2.0 HIPAA Security Rule ISO 27001, CIS Controls, and other standards Partner with business and technical stakeholders to gather evidence, track remediation, and report on compliance posture. Support internal audits, risk assessments, and continuous process improvement. Maintain documentation and contribute to maturing GRC capabilities across the organization. Required Qualifications 3+ years in GRC, cybersecurity, or compliance roles Hands-on experience with GRC platforms (Diligent strongly preferred) Strong understanding of NIST CSF 2.0, HIPAA Security Rule, Texas Cybersecurity Framework Experience designing workflows, assessments, and notification processes in GRC tools Excellent communication and stakeholder-engagement abilities Preferred Qualifications Familiarity with risk management methodologies Relevant certifications (CISA, CRISC, CISSP, CGRC)

Hi All, *** Greetings from My3tech *** Role: Data Security Analyst 2 Duration: 6+ Months Minimum Qualifications Years Skills / Experience 3 Experience in a GRC, cybersecurity, or compliance role 3 Hands-on experience with GRC platforms (Diligent preferred) Strong understanding of NIST CSF 2.0, HIPAA, and state-level frameworks (Texas Cybersecurity Framework) Experience designing workflows and notifications within GRC tools Excellent communication and stakeholder engagement skills Preferred Qualifications Years Skills / Experience Familiarity with risk management methodologies Certifications such as CISA, CRISC, CISSP, or CGRC

Must Have Technical/Functional Skills New JD requirement: Security Consultant The hiring manager has shared the following details: · The manager is looking for candidates with relevant experience in GRC audit and risk assessment. · Ideal experience: 2-4 years in that domain. · Extensive experience in incident management is not required. Role expectations: 60% - Incident Life Cycle Management, 20% - Risk Assessment and Management across all suppliers and 20% - Audit Assessment, Additionally, a manufacturing industry background would be preferred. Cyber Security assessment Analyst conducts and supports the cyber security controls risk assessment and management process across all our suppliers. Responsibilities include assessing our suppliers' current adequacy of the security controls & strategy, business continuity /disaster recovery plans, threats to the systems, and then calculating the impact of potential adverse events. Audits and assessments must be continual, as the threat profiles change constantly. The Analyst will keep executive management up to date on the results of the risk assessment and make recommendations for mitigations, or projects, to protect supplier and customer systems Roles & Responsibilities • Demonstrate strong knowledge in IT controls, risk assessments, and assessment of security measures • Identify opportunities to continuously innovate and improve the program and value delivered to organization • Ensure successful completion of the annual supplier cyber security assessments • Independently and proactively plans and performs assigned audit engagements related to security, confidentiality, integrity, information protection and availability of data • Conduct cyber security assessments & evaluate in alignment to the supplier security control framework • Ensure effectiveness of approved controls and drive risk remediations or changes from previous audit for existing certified suppliers • Inform and advise business leaders on supplier's information security risks • Provide subject matter expertise in third-party risk management. • Proactively research and work in enhancing improvements to our existing process related to documentation and security assessments. • Automate security assessment processes & tools to review the security controls for cloud-based applications • Ability to multi-task and manage multiple global projects at the same time. • Ability to work collaboratively across diverse team in a matrix type organization • Bachelor's degree in Science & Engineering or technical discipline is required. • 7 years of information security & assessment experience with increased responsibilities • In-depth knowledge of security assessment/audit principles • Understanding of networking principles and data protection • Ability to identify problems, analyze data and present conclusions • Strong verbal, written and presentations skills • Knowledge of information security frameworks such as ISO 27001 /NIST CSF is preferred • Experience in supply chain cyber assessment and related tools usage is preferred • CISA, CISM, certifications are preferred • Excellent communication skills. • Able to work as part of a virtual global team with cultural, language, and time zone differences. • Able to deal with ambiguity and work independently with minimal supervision/guidance. Education and Requirements Qualifications: Bachelor's degree in Science & Engineering or technical discipline is required. 8 years of specializing in end-to-end incident lifecycle management including detection, triage, recovery, root cause analysis Proven expertise in coordinating cross-functional response teams, optimizing playbooks and maturing incident management processes aligned to NIST, ISO and MITRE ATT&CK Knowledge of NIST 800-61, MITRE ATTA&CK, ISO 27001, CIS Controls 7 years of information security & assessment experience with increased responsibilities In-depth knowledge of security assessment/audit principles TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Ma ternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commute r Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.

NVIDIA is looking for security researchers passionate about offensive research across different platforms. Do you have experience with identifying hardware and software vulnerabilities, developing PoC, and tools for automation in vulnerability research? Are you creative and devious in your offensive approach? We want to hear from you! You should demonstrate ability to excel in an environment with innovative and fast paced development on the worlds most powerful integrated software and hardware computing platform. What you'll be doing: * Core job duties will identify vulnerabilities in our embedded firmware and critical system software, building proof of concepts, and collaborating with development teams to remediate them. * Candidates will invest in improving current tools and offensive practices for bug discovery and evaluation while supporting remediation efforts. We expect team members to exercise modern tools for modeling new attack vectors on unreleased and emerging technology platforms. * The most impactful candidates can simulate real attacker behaviors, break systems by exploiting design assumption and effectively communicate their findings for action. Focus will be to increase resilience of the end products against all forms of attack through close collaboration with extended SW and HW offensive security teams. * Products targets span HPC data centers, consumer electronics, autonomous platforms, AI/cloud solutions, and a variety of embedded/IOT platforms providing a rich and complex target space to exercise your skills. What we need to see: * We'd like to see proven experience and offensive security research (CVE's, publications, patents, tools, bounties) with demonstrated responsible disclosure practices. * Strong skills in reverse engineering and automation (IDA, Ghidra), fuzzing (AFL, WinAFL, Syzcaller) and exploitation (ROP, memory corruption) are important to success; as well as understanding of modern embedded cryptography and common security issues. * Experience with ARM/X86/RISCV assembly (include shellcode development) and low-level C programming paired with understanding and experience with micro-architectural attacks (side channels, fault injection, etc) is critical. * Demonstrated skill for secure code reviews of complex source projects, and exposure to code quality practices (SDL, threat modeling) that support development goals. * Candidates should be comfortable working collaboratively and remotely with others to accomplish complex team goals, enabling delivery of outstanding security for our products. * BS/BA degree or equivalent experience * 12+ years in a security related field Ways to stand out from the crowd: * Navigating complex platform concerns and ability to analyze composed systems to identify high risk components and established testing targets and objectives. * Practical skills using Hex-Rays IDA Pro and plugin/loaders development (or similar experience with Ghidra) is valuable * Leveraging innovative strategies and AI advancements to accelerate discovery and resolution of security risks. * Experience with enclave models such as NVIDIA CC, ARM TEE, Intel SGX/TDX, AMD SEV-SNP and other isolation technologies. * Development and integration of AI tooling and skills to accelerate and improve activities and or experience with offensive actions targeting AI models (LLM or other) components within those platforms. NVIDIA has continuously reinvented itself over two decades. Our invention of the GPU in 1999 fueled the growth of the PC gaming market, redefined modern computer graphics, and revolutionized parallel computing. More recently, GPU deep learning ignited modern AI - the next era of computing. NVIDIA is a "learning machine" that constantly evolves by adapting to new opportunities that are hard to solve, that only we can pursue, and that matter to the world. This is our life's work, to amplify creativity and intelligence. Make the choice to join us today! Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 224,000 USD - 356,500 USD for Level 5, and 272,000 USD - 425,500 USD for Level 6. You will also be eligible for equity and benefits. Applications for this job will be accepted at least until October 5, 2025. NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.

Apple's Security Engineering u0026 Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we believe that the best defense requires a great offense. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. Can you make a difference on this scale? Join our extraordinary team of security researchers and help protect all Apple users. We engage in diverse activities, including vulnerability research, binary exploitation, security tooling development, fuzzing, machine learning, and many more. By developing and harnessing state-of-the-art technologies, we amplify our impact on Apple's product security. We cover a wide range of specialities, including operating systems, firmware, microarchitecture, hardware, browser, messaging applications, Bluetooth, Wi-Fi, baseband, physical attacks including side-channel and fault injection, incident response, and more. As a member of our group, your primary responsibility will be to conduct offensive security research in one or more of these areas, often in cross-functional teams. This job is for individuals with outstanding technical skills, grit, and a genuine passion for breaking systems. If this is you, we'd love to hear from you. Ability to apply AI techniques and tools, such as LLM or Machine Learning, for security research Fluency with tool development, using programming languages such as C, C++, Python, Swift, or Objective-C Experience with reverse-engineering techniques and tools like IDA or Ghidra Knowledge of Apple operating systems like iOS or mac OS is nice-to-have, but not required Offensive security research experience Strong understanding of common vulnerability classes and exploitation techniques Creative and effective problem-solving and analytical skills Outstanding collaboration skills

Inclusion at Bumble Inc. Bumble Inc. is an equal opportunity employer and we strongly encourage people of all ages, colour, lesbian, gay, bisexual, transgender, queer and non-binary people, veterans, parents, people with disabilities, and neurodivergent people to apply. We're happy to make any reasonable adjustments that will help you feel more confident throughout the process, please don't hesitate to let us know how we can help. In your application, please feel free to note which pronouns you use (For example: she/her, he/him, they/them, etc). Location: Austin, TX - Hybrid (2-3 days/week in-office) Team: Information Security Please note: We are unable to offer Visa transfers or Visa sponsorship of any kind at this time At Bumble, we're building secure, AI-powered systems that make trust and safety intrinsic to every product experience. We're looking for a Staff Product Security Engineer to lead the transformation of complex security requirements into intuitive, scalable, and developer-friendly solutions. In this role, you'll sit at the intersection of Engineering, Product, and Compliance-designing frameworks and automation that make secure-by-design development seamless. You'll empower engineers through innovative tooling, AI-driven enablement, and culture-shifting leadership that turns security into a core enabler of innovation. What You'll Do * Research, design, and deliver scalable security tools, frameworks, and automation that streamline secure development. * Build developer-centric security experiences and self-service capabilities within engineering workflows. * Leverage AI and Model Context Protocol (MCP) to create intelligent, context-aware security guidance and automation. * Collaborate with Product and Engineering to embed security into design reviews, sprints, and roadmaps. * Provide expertise across cloud-native, containerized, and service-oriented architectures (AWS, GCP, Kubernetes). * Partner with leaders across Engineering and Product to align security with developer velocity and experience. Qualifications / Must-Haves * 10+ years of experience in Application or Product Security. * Proven expertise in secure software development, threat modeling, and SDLC integration. * Hands-on experience building or integrating developer-facing security tools. * Strong understanding of cloud and container security (AWS, GCP, Kubernetes). * Demonstrated ability to influence engineering practices and drive security adoption. * Excellent communication skills and cross-functional leadership. Nice-to-Haves * Experience with AI security tooling, context-aware automation, or MCP-based architectures. * Familiarity with workflow automation platforms (n8n, Make.com, Zapier, etc.). * Experience building agentic AI systems that work collaboratively. * Understanding of AI privacy and governance in developer workflows. * Strong coding background and pragmatic build-vs-buy decision-making. Why Join Bumble * Build security solutions developers genuinely love to use. * Lead AI-assisted security innovation at global scale. * Collaborate in a high-trust, forward-thinking engineering culture. * Shape how Bumble builds and secures software for the next generation. $240,000 - $257,500 a year Location This role is based in Austin, and we ask that you're within a commutable distance to this office, so that you're able to come on-site regularly to collaborate across engineering teams, Monday - Wednesday. We have a hybrid work style and ask that all Engineers be on-site Monday - Wednesday. Please note: We are unable to offer Visa transfers or Visa sponsorship of any kind at this time Global benefits Maven Fertility We offer a $10,000 lifetime benefit opportunity to all employees and their partners around the world. This benefit can be used to support your reproductive journey - from abortion care and related travel costs to fertility treatment, egg-freezing, adoption, surrogacy, and more. Family & compassionate paid leave Family leave to support you and your loved ones when needed (including victims of domestic abuse or violent crime). 26 weeks parental leave 26 weeks paid leave for the primary caregiver following the birth, adoption, surrogacy or foster care of a child. The secondary caregiver will also receive 26 weeks paid leave after 1 year of employment. Unlimited paid time off Take the time you need when you need it. Company-wide week off Once a year, we have a company-wide week off (it's essential for some teams to continue working and they will be offered alternative time off instead). Focus Fridays Every Friday we try to have a no meeting, no deadline, no email and no Slack rule on a Friday so you can focus without distraction. Check out more of our local benefits here About Us Bumble Inc. is the parent company of Bumble Date, BFF, and Badoo. The Bumble platform enables people to build healthy and equitable relationships, through Kind Connections. Founded by Whitney Wolfe Herd in 2014, Bumble was one of the first dating apps built with women at the center and connects people across dating (Bumble Date) and friendship (BFF). BFF is a friendship app where people in all stages of life can meet people nearby and create meaningful platonic connections and community based on shared interests. Badoo, which was founded in 2006, is one of the pioneers of web and mobile dating products. AI in Bumble Inc. Hiring At Bumble, we may use AI tools to support parts of our recruitment process - such as helping us record, transcribe, and summarize conversations, and supporting job alignment by comparing resumes and job descriptions to highlight skills and potential roles that may be a good match. These tools help us work more efficiently and stay focused on you during our conversations. Importantly, all hiring decisions are made by people. AI is used only to support our team's efficiency and improve the candidate experience - not to evaluate or decide on your candidacy. Participation in AI-supported interviews and conversations is completely voluntary and will not impact your candidacy. If you'd prefer to opt out, simply let your recruiter or interviewer know at the start of a call, or anytime during the interview or conversation. Summaries and related data are retained only as long as needed in line with our internal data retention policies. If at any point you'd like a transcription or summary deleted, please contact your recruiter directly. For further information on how we hold and manage your data, please refer to our Privacy Policy.

CIP Cyber & Physical Security Analyst (Auditor) Texas Reliability Entity, Inc. (Texas RE) is hiring! We are seeking a CIP Cyber & Physical Security Analyst to join our team to conduct compliance engagements (audits) and internal control assessments based on risk within the Bulk Power System (Energy Sector). Who We Are At Texas RE, we affect the lives of millions of people by ensuring effective and efficient reduction of risks to the reliability and security of the Bulk Power System within the ERCOT Interconnection. The ERCOT Interconnection is located within the State of Texas and includes approximately 90% of Texas's electric load and 75% of its land area. Texas RE's teams support this this mission while enjoying a flexible work environment, open collaboration, and a culture that values diversity, equity, and inclusion. Employees work a hybrid work schedule consisting of, at least, two days in the office (Tuesdays and Wednesdays) with the option of working three days remotely. Additionally, employees have the option to take advantage of Flexible Friday, where employees may shift working hours to earlier in the week instead of on Friday afternoon. Considered candidates will be required to reside in the Austin-metro area or be able to reliably commute to the office within a reasonable amount of time. Summary of Responsibilities The Critical Infrastructure Protection (CIP) Cyber and Physical Security Analyst is responsible for performing NERC Reliability Standard compliance engagements and other compliance program activities. The position is expected to develop expertise in the areas of information technology, operational technology, security, electrical power industry, professional auditing, and risk-based compliance processes. This position prepares and performs engagements to evaluate NERC registered entities for compliance with the NERC Reliability Standards. This position has significant contact with personnel who manage, operate, plan, and oversee generation, transmission, distribution, and cyber/physical security. This position ensures information obtained is consistent and accurate and prepares documentation and reports for the engaged NERC registered entity, NERC, FERC, Texas RE management, and the Texas RE Board. The CIP Cyber and Physical Security Analyst works independently and in a collaborative team environment while reporting to the Manager, CIP Compliance Monitoring/Director, Compliance Assessments. The CIP Cyber and Physical Security Analyst is also responsible for assisting with efforts to compose guidance, respond to registered entity questions and provide outreach and training. Essential Job Duties Ability to travel up to 30%. Plans, supports, and conducts: Compliance engagements and internal control assessments of NERC registered entities required for security and reliability issues as a subject matter expert. Data analysis and correlation as necessary through statistical, judgmental, and/or mathematical methods. Internal and external training and outreach. Develops, maintains, and delivers: Detailed, accurate, and concise audit workpapers, findings, presentations, and reports. Adherence to departmental procedures and work instructions. Confidentiality and integrity of evidence, findings, reports, and any other records. Efficiently and effectively: Communicates strongly within the organization and externally with stakeholders. Collaborates with the ERO Enterprise and industry on compliance, reliability, and security matters. Works independently, proactively, and productively to ensure all work responsibilities (audits, projects, outreach, etc.) are successfully completed. General Job Requirements Bachelor's degree in Computer Science or Engineering field of study (or six years applicable experience Between 1 to 5 years in excess of degree requirements stated above of progressively responsible experience Problem solving skills Organizational skills Presentation skills Interpersonal, verbal, and written communication skills Willingness to learn, retain, and share technical knowledge and skills. Preferred Job Skills One of the following active certifications: Security: A+, Network+, Security+, Systems Security Certified Practitioner (SSCP), GIAC Critical Infrastructure Protection Certification (GCIP) Audit: Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) Knowledge of Industrial Control Systems (SCADA, distributed control systems, relays, etc.) and other utility Operational Technology or Information Technology systems. Self-motivated with the ability to manage work objectives efficiently and effectively to meet deadlines. Solutions-driven with the ability to make sound and independent judgment(s). Ability to adhere to strong professional standards when interacting with others. Company Benefits Texas RE pays 100% of employee-only coverage for medical, dental, vision, life and ADD, short-term and long-term disability, and long-term care insurance, as well as the employee assistance program. Additional benefits are offered at a minimal cost to the employee such as dependent medical, dental, voluntary life and ADD for employees, spouses, and children, additional long-term care coverage for family members, legal services and identity protection. Texas RE provides a generous 401(k) or Roth 401(k) savings plan for employees, contributing 10% of an employee's compensation towards the retirement plan with full vesting after three (3) years. Additionally, Texas RE will match 75%, up to 6%, of employee contributions, with vesting at 20% per year and full vesting at five (5) years of employment. Additional Information for Applicants Background checks (including criminal history and drug screening, education and employment verification) will be conducted prior to employment. Certain positions require travel outside the U.S.; valid passport necessary for those positions. Texas RE has restrictions on employee and employee's household members' employment and financial relationships with NERC registered entities. Additional details furnished upon request. Texas RE is committed to attracting top talent from a diverse candidate pool. During the interview process, candidates will meet with a cross-section of Texas RE employees who bring a broad set of perspectives to the discussion. Our inclusive, friendly work environment encourages employees to collaborate across and outside of our organization, while also offering opportunities for personal growth. Our team of professional, technical, and administrative staff derives its collective strength from our varied backgrounds. Texas RE is an equal employment opportunity employer and prohibits discrimination against employees or job applicants on the basis of race, color, sex (including sexual orientation, gender identity/transgender status, and pregnancy), religion, national origin, age (40 or older), disability, veteran status, marital status, genetic information, or other status protected by law.

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Job DescriptionSaronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms. Saronic Technologies is a leader in defense autonomy at sea. We're seeking an Embedded Security Engineer to design, implement, and harden security for the software that runs on our autonomous surface vessels. You'll work across device identity, secure boot and update flows, secrets/key management, and secure communications-partnering closely with autonomy, platform, manufacturing, and field teams to deliver trustworthy systems that operate reliably in maritime environments. Senior Engineers: 3+ years of experience delivering security features on embedded/Linux systems, preferably in autonomy, robotics, aerospace, or defense. Staff Engineers: 8+ years of experience including technical leadership across secure boot/update pipelines, identity/PKI, and fleet-wide hardening; demonstrated ownership of mission-critical features from design through field deployment.Key Responsibilities: Design, develop, and maintain security features for embedded Linux systems (systemd-managed services, Rust/C/C++) used for navigation, control, and communications. Own per-vessel identity and mutual authentication for boat↔cloud and boat↔boat links; implement certificate/key rotation and revocation workflows. Implement signed/verified update mechanisms with rollback protection; collaborate with manufacturing on secure boot enablement and key provisioning. Integrate and operate hardware-backed key storage (e.g., TPM/secure elements) and sealed secrets for on-vessel services. Harden network paths over constrained links: TLS/mTLS, VPN overlay policies, and least-privilege service access. Reduce attack surface in embedded services (capabilities, seccomp/AppArmor where appropriate, safe process execution, input validation). Build tamper-evident, structured logging and diagnostics suitable for ship→shore analysis and incident response. Perform threat modeling, code reviews, and security testing (static/dynamic analysis, fuzzing, negative testing). Troubleshoot and debug complex security issues in fielded systems; author runbooks and safe-rollback procedures. Document designs, processes, and verification results for compliance and knowledge sharing; contribute to secure coding guidelines. Stay current on emerging security technologies and best practices relevant to embedded Linux and autonomous systems. Required Qualifications: Bachelor's or Master's degree in Computer Science, Electrical/Computer Engineering, Software Engineering, or a related field. Proficiency in Rust and/or C/C++ developing software for embedded Linux. Strong understanding of cryptographic primitives and protocols (keys, certificates, signatures, TLS/mTLS), and experience integrating them into systems. Experience with secure/verified boot, OTA/update safety, and firmware/bootloader workflows. Familiarity with VPN overlays and constrained-network security patterns. Comfortable with Linux security fundamentals (users/permissions, capabilities, sandboxing) and systemd-based service management. Excellent problem-solving skills and ability to collaborate effectively in na fast-paced, cross-functional environment. Strong written and verbal communication skills. This role requires the ability to obtain and maintain a security clearance Preferred Qualifications: Experience with TPM/secure elements, measured/verified boot, and attestation. Exposure to NixOS-based builds, Yocto, or similar embedded Linux tooling. Experience with authenticated media/telemetry pipelines and secure streaming. DoD/defense domain familiarity and prior work under export-controlled constraints. Physical Demands: Prolonged periods of sitting at a desk and working on a computer. Occasional standing and walking within the office. Manual dexterity to operate a computer keyboard, mouse, and other office equipment. Visual acuity to read screens, documents, and reports. Occasional reaching, bending, or stooping to access file drawers, cabinets, or office supplies. Lifting and carrying items up to 20 pounds occasionally (e.g., office supplies, packages). Benefits:Medical Insurance: Comprehensive health insurance plans covering a range of services Saronic pays 100% of the premium for employees and 80% for dependents Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents Time Off: Generous PTO and HolidaysParental Leave: Paid maternity and paternity leave to support new parents Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses Retirement Plan: 401(k) plan Stock Options: Equity options to give employees a stake in the company's success Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) . Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.

Support senior cybersecurity staff in evaluating cybersecurity risks across commercial real estate (CRE) environments. Responsibilities include assisting with network security assessments, reviewing access controls, identifying common misconfigurations, running vulnerability scans, documenting networks/systems, and preparing clear reports. Scope spans both IT and OT (building systems such as BMS/BAS, HVAC, access control, CCTV). Key Responsibilities Perform asset discovery and initial scans to identify hosts, services, and firmware versions (e.g., Nmap). Review firewalls, VPNs, and endpoint security to identify misconfigurations and vulnerabilities Evaluate switch/router configurations for proper segmentation Document current-state diagrams and asset inventories Assess BMS/BAS, IoT, and physical security systems for cyber risk with minimal disruption to operations. Identify common gaps (weak/default credentials, unpatched systems, outdated TLS, flat networks, exposed management interfaces, insecure vendor remote access). Support remediation by coordinating with IT teams, vendors, and property managers; verify fixes and retest critical findings. Prepare and maintain assessment artifacts: asset lists, risk-rated findings, evidence, compliance checklists, and client-ready reports. Track emerging threats and advisories relevant to smart buildings/IoT and CRE environments; summarize impact for the team. Qualifications Associate's or Bachelor's in Cybersecurity/IT (or 2+ years equivalent hands-on experience). Familiarity with core security technologies: Firewalls (e.g., Fortinet, Palo Alto), IAM/MFA (e.g., Entra ID/Azure AD), and EDR (e.g., SentinelOne). Intermediate networking: TCP/UDP, routing basics, Layer-3 switches, VPNs (IPsec/SSL), VLANs, ACLs, NAT, DHCP/DNS, Wi-Fi/WPA3. Working knowledge of Windows client/server; basic Linux familiarity. Strong documentation and communication skills; ability to translate technical findings into clear business impact. Nice to Have Exposure to vulnerability management tooling and concepts. OT/IoT awareness: BACnet/Modbus basics, safety-first testing on live control networks, maintenance-window/change-control etiquette. Firewalls and platforms: Palo Alto, Fortinet, Check Point; switch stacks (Cisco Catalyst/Meraki, UniFi). Identity, privileged access, and remote access hygiene Endpoint and device management Scripting/automation Ticketing and knowledge tools (ServiceNow/Jira/Confluence); diagramming (Visio/draw.io). Familiarity with frameworks and benchmarks: NIST CSF 2.0, CIS Controls Travel: Regular on-site visits to local properties (50%) with occasional out-of-area travel (5-10%) Benefits Medical, dental, and vision insurance Life insurance Long-term disability Paid vacation Paid holidays Simple IRA (401K equivalent) for eligible employees Stocked snack bar Company-sponsored outings Fitness center onsite

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

We're looking for a Staff Security Engineer to join Procore's Security Engineering team. In this role, you'll be a key technical leader responsible for designing and implementing foundational security controls that protect our platform, data, and users. Your primary goal is to drive the implementation of a secure, scalable, and resilient cloud product and infrastructure by default. As a Staff Security Engineer, you'll partner with Product & Technology, Engineering, IT, and GRC to embed security into the development lifecycle. Use your deep expertise in cloud architecture, data protection, and identity and access management to design and implement robust, automated security guardrails across our SaaS ecosystem. This is a high-impact opportunity to solve complex security challenges and protect the data of millions of users-Apply today. This position reports into the Senior Director, Security Engineering and will be based in our Austin, TX office. We're looking for someone to join us immediately. What you'll do: * Design and build automated pipelines for authoritative asset inventory and Software Bill of Materials (SBOM) generation. * Design and implement scalable IAM guardrails for cloud (AWS/GCP/Azure) and corporate (Okta) environments, including PAM and service-to-service authentication. * Drive the technical roadmap for data protection, including key management (KMS), encryption-at-rest/in-transit, and tokenization. * Build and implement secure-by-default configurations for our containerized (Kubernetes, EKS) and IaC (Terraform) workflows. * Partner with SRE and GRC teams to engineer technical resilience patterns, auto-healing systems, and verifiable disaster recovery capabilities. * Act as a senior technical expert to provide authoritative context on security controls and architecture to our GRC and Internal Audit teams. * Mentor other engineers and help scale security knowledge across the organization. * Lead the evaluation and implementation of new security technologies and platforms from proof-of-concept to production. What we're looking for: * Bachelor's degree in Computer Science or equivalent practical experience. * 6+ years of experience in a hands-on technical security role, with at least 3 years focused on cloud security in a large-scale SaaS environment. * Deep expertise in multiple security domains including product/application security, IAM, IaaS, network, etc. * Deep expertise with at least one major cloud provider (AWS preferred) and its security services (IAM, KMS, Security Hub, GuardDuty). * Strong experience with identity and access management platforms (Okta, Azure AD) and concepts (SAML, OAuth 2.0, OIDC, SCIM). * Proven experience building security guardrails for IaC (Terraform), CI/CD pipelines, and container orchestration (Kubernetes). * Strong understanding of data protection principles, including encryption, key management, tokenization, and data loss prevention (DLP). * A "builder" mindset with a passion for automation (Python, Go, or similar) and shipping solutions as code. * Excellent communication skills with the ability to translate complex technical concepts for technical and non-technical stakeholders. Additional Information Base Pay Range: This role may also eligible for Equity Compensation. Procore is committed to offering competitive, fair, and commensurate compensation, and has provided an estimated pay range for this role. Actual compensation will be based on a candidate's job-related skills, experience, education or training, and location. This position requires access to technology, software, and data that is controlled or restricted under U.S. law, regulation, executive order, or government contract. For Los Angeles County (unincorporated) Candidates: Procore will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable federal, state, and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act. A criminal history may have a direct, adverse, and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment: 1. appropriately managing, accessing, and handling confidential information including proprietary and trade secret information, as well as accessing Procore's information technology systems and platforms; 2. interacting with and occasionally having unsupervised contact with internal/external customers, stakeholders, and/or colleagues; and 3. exercising sound judgment.

At Jamf, we believe in an open, flexible culture based on respect and trust. Our track record and thriving work environment all stem from the freedom we grant ourselves to get the job done right. We take pride in helping tens of thousands of customers around the globe succeed with Apple. The secret to our success lies in our connectivity, while operating with a high degree of flexibility. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive as #OneJamf. What you'll do at Jamf: The Senior Security Operations Engineer will work with the Cloud and Delivery team to continue to build, automate and maintain cloud security services in Azure. They will be responsible for leading the Security Design and Architecture, Log Collection, Security Incident Management, Identity and Access Management, Vulnerability and Patch management. They will be responsible for maintaining operation of the environment in accordance with our service level agreements and providing support to both our staff and customers. This role if offered as remote in Minneapolis, MN; Eau Claire, WI; or Austin, TX. You may be required to work periodically at a Jamf office or collaborative work location with other Jamf employees in your area for certain events or moments that matter. We are only able to accept applications for those based in one of these locations. What you can expect to do in this role: Mentors and advises others in related components and broad fundamental expertise areas Manages identity and access control in Azure Responsible for the tools, configuration, administration and related processes around our log file collection and monitoring Provides the framework, processes and execution to ensure support of Jamfs data leakage prevention Responsible for Web application firewall and related prevention, detection and mitigation of DDoS attack Vulnerability Management: Accountable for the prevention, detection and mitigation of vulnerabilities through industry standard tools, configuration, administration and internal procedures Performs regular firewall audits in line with our procedures. Provides the appropriate documentation, supporting evidence and follow up on identified issues requiring remediation Responsible for tooling, processes and follow up actions related to our external port scanning needs and practices Handles the identification, planning and implementation of any server hardening needs. Works collaboratively with Operations and other internal teams to communicate, document and implement Performs security incident analysis, response and remediation Participates in design and implementation of security automation workflows Helps manage security data reporting and visualization platform #LIRemote What we are looking for: Minimum of 4 years IT security principles, security operations, techniques, and technologies. (Required) Minimum of 4 years experience working with Linux/Unix command line interfaces, including Shell or Python scripting (Required) Minimum of 4 years experience with industry standard configuration management and deployment tools (e.g. Ansible, Azure Resource Manager or other) (Required) Minimum of 2 years experience administering some or all of the following Azure Services: (Virtual Machines, SQL Database, Load Balancer, Storage) (Preferred) Minimum of 2 years experience working with monitoring (Logic Monitor, AppDynamics, Zabbix, etc) and logging tools (Splunk, Sumologic, or ELK (ElasticSearch/Logstash/Kibana)) (Preferred) Advanced knowledge of containerization concepts and Kubernetes (Preferred) Basic knowledge of MySQL or Postgres (Preferred) 4 year / Bachelor's Degree (Preferred) A combination of relevant experience and education may be considered The following certification is preferred: Microsoft Certified: Azure Security Engineer Associate OTHER REQUIREMENTS: This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen located physically in the U.S., and therefore any employment offer will be contingent upon verification of both of these requirements. Applicants who are not U.S. citizens or who are located outside of the U.S. are strongly encouraged to apply for other positions at Jamf, which is an equal-opportunity employer. SECURITY AND PRIVACY REQUIREMENTS: Participation in ongoing security training is mandatory Established security protocols will be adhered to, sensitive data will be handled responsibly, and data protection practices are followed, including understanding relevant privacy regulations and reporting breaches Acknowledging the Jamf Code of Conduct, where applicable security and privacy policies can be found, is a requirement of all roles at Jamf How we help you reach your best potential: Named a 2025 Best Companies to Work For by U.S. News Named a 2024 Best Technology Company to Work For by U.S. News Named one of Forbes Most Trusted Companies in 2024 Named a 2024 Best Companies to Work For by U.S. News Our developers work in agile delivery teams to produce new features, improve software components, and are the subject matter experts for our Jamf product offerings. You will have the opportunity to make a real and meaningful impact for more than 75,000 global customers with the best Apple device management solution in the world. We constantly push the boundaries of technology, our developers support new innovations and OS releases the moment they are made available by Apple. Several Jamf engineers are named in patents and with team names like CatDog, ThunderSnow and Dalek you can expect to have some fun while building cutting-edge software. You will have the opportunity to work with a small and empowered team where the culture is based on trust, ownership, and respect. We offer a clear career path that enables you to grow under supportive leadership and management Visit our Jamf Engineering blog to learn more about the innovative projects our team is working on and what we learn from each challenge we solve. A blog written by engineers, for engineers at medium.com/jamf-engineering 22 of 25 world's most valuable brands rely on Jamf to do their best work (as ranked by Forbes). Over 100,000 Jamf Nation users, the largest online IT community in the world. The below annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/annual salary to be offered to the selected candidate. Factors include, but are not limited to the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations. Pay Transparency Range$103,100-$219,700 USD What it means to be a Jamf? We are a team of free-thinkers, can-doers, and problem-crushers. We value humility and the relentless pursuit of knowledge. Our culture flows from a spirit of selflessness and relentless self-improvement - driving both personal growth and collective progress throughout our company. We unite around common goals while respecting personal approaches, believing that fulfilled individuals create a thriving, vibrant workplace. Our aim is simple: hire exceptionally good people who are incredibly good at what they do and let them do it. We provide the support and resources to let everyone be their authentic, best selves at work, at rest, and at play. We are committed to supporting the continual improvement of Apple in the workplace, the organizations that rely on them and the people who keep it all running smoothly. Above it all, waves our banner of #OneJamf - and the knowledge that when we stand together, we accomplish so much more than we could alone. We seek individuals who share this unwavering journey toward growth to join us in our quest for constant improvement. What does Jamf do? Jamf extends the legendary Apple experience people enjoy in their personal lives to the workplace. We believe the experience of using a device at work or school should feel the same, and be as secure as, using a personal device. With Jamf, customers are able to confidently automate Mac, iPad, iPhone and Apple TV deployment, management, and security - anytime, anywhere - to protect the data and applications used by employees in the workplace, students learning in the classroom, and streamline communications in healthcare between patients and providers. More than 2,500 Jamf strong worldwide, we are free-thinkers, can-doers, and problems crushers who are encouraged to bring their whole selves to work each and every day. Get social with us and follow the conversation at #OneJamf Jamf is committed to creating an inclusive & supportive work environment for all candidates and employees. Candidates with disabilities or religious beliefs are encouraged to reach out if they need additional support or alternative options to our recruiting processes to accommodate their disability or religious belief. If you need an accommodation, please contact your Recruiter or Recruiting Coordinator directly. Requests for accommodation will be handled confidentially by Recruiting and will not be shared with the hiring manager. Jamf is an equal opportunity employer and does not discriminate against individuals who request reasonable accommodation for disability or religious beliefs. To request accommodations please email us at *******************

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

The Security Operations team is responsible for designing and driving information security initiatives at Tricentis including defining and enforcing policy, engineering defensive controls, and responding to incidents. We are seeking a candidate with a strong technical background who can adapt and thrive within a fast-growing SaaS environment. As a Senior Security Analyst, you will be a key component of our front-line defense and overall security posture. Responsibilities Include: Monitoring and reacting to security events Assisting in incident response efforts Planning, coordinating, and/or executing security assessments of networks, systems, applications, and cloud platforms Working with system owners and stakeholders to mitigate issues found in security assessments Assist with governance, risk, and compliance initiatives as needed Developing and curating threat intelligence Working with the greater Information Security team to define and implement security policies, procedures, and controls General awareness of developments in information security and help in guiding the company's response Providing security expertise and advice to other teams within the company Collaborating with other teams to solve business challenges Basic Qualifications: 5+ years of experience in information security concepts, controls, and technology Extensive experience with servers/workstations, computer networks, cloud platforms, their built-in security capabilities and hardening options Experience in a global SOC environment Experience with Azure and/or AWS cloud environments Experience with Log Management/SIEM tools Experience with EDR, Antivirus, and security tools Familiarity with the following security related disciplines with deep experience in several: Vulnerability management Forensic Analysis Application Security Cloud Security Posture Management IAM Penetration Testing Malware analysis Deep technical troubleshooting skills Familiarity with industry or regulatory compliance standards (CIS, NIST, SOC2, etc) Technical degree, certification, and/or 5+ years of experience related to information security Excellent communication skills, and the ability to explain security best practices to a non-technical audience Willingness and aptitude for learning new skills and adapting to new technologies Experience with programming and/or automation software Why Tricentis? Tricentis is currently investing heavily in our information security efforts so that means investing in YOU. We've allocated a budget for training, certifications, conference attendance, etc. and support participation in industry groups as well as speaking at events. As you are joining a company in a growth phase, we are interested in developing individuals that show leadership qualities into those that will build and oversee future teams. In addition to significant growth opportunities, you will get to help build our security stack, sourced from best-in-breed solutions and tooling. Tricentis Core Values: Knowing what we need to achieve and how to achieve it is important. Tricentis core values define our ways of working and the behaviors we model that create an enjoyable and successful Tricentis life. Demonstrate Self-Awareness: Own your strengths and limitations. Finish What We Start: Do what we say we are going to do. Move Fast: Create momentum and efficiency. Run Towards Change: Challenge the status quo. Serve Our Customers & Communities: Create a positive experience with each interaction. Solve Problems Together: We win or lose as one team. Think Big & Believe: Set extraordinary goals and believe you can achieve them. Why You'll Love Working at Tricentis: Market conform salary + success-oriented bonus Supportive and engaged leadership team 401(k) plan, full benefits package available Company paid Disability and Life Insurance Hybrid work environment Tricentis is proud to be an equal opportunity workplace. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran.

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud's solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you're driven to align your career with a fantastic mission, look no further! *This role can be hybrid out of Austin (preferred) or remote in the United States with occasional travel to the office (around once per quarter) We are looking for a passionate Senior Security Data Analyst/Python Developer to help us parse, transform, and analyze dirty data. The ideal candidate has a thorough understanding of Python, Data analysis techniques, AWS, ETL patterns, and Automation techniques. Our Stack: Python Linux Databases: Relational and NoSQL AWS (EC2, RDS, SQS, S3, Lambda, API Gateway, and more) What You'll Do: Parse and transform structured and unstructured datasets. Build Python-based automation for the parsing platform. Bring order to dirty and/or unstructured data. Develop ETL-style automation scripts. Maintain and improve the existing codebase and infrastructure. Manage the weekly data ingestion process. Collaborate with the team to design and build innovative data systems. Data analysis based on the consumption of blogs for the marketing team. Develop processes, standards and CI/CD pipelines to manage our codebase. Leverage AI to automatically parse data. Requirements: 5-7 years of professional experience as a Python developer. A love of working with data. Familiarity with cleaning/transforming data. Experience building data solutions and automation tools using Python. Proficient in Linux bash/ksh scripting and Regular Expressions. Interest in cybersecurity. Strong understanding of computer science fundamentals (data structures, algorithms, data processing). Experience with relational and NoSQL databases. Excellent communication skills. Great team player. Self-directed, empathetic, and eager to automate repetitive tasks. Able to switch contexts as business needs change. Nice to Have: Background or strong interest in cybersecurity. Familiarity with Git version control system. Experience with AWS (Compute, Storage, Database). Experience working with Infrastructure as Code (we use Terraform and Ansible). SpyCloud is not sponsoring visas at this time. U.S.-Based Benefits + Perks (for Full Time Employees): At SpyCloud, we are committed to working alongside individuals who are equally passionate about preventing cybercrime, regardless of their department or role. Guided by our core values in all business decisions, we prioritize unity in our mission and ensure all SpyCloud employees have the support and benefits they need to stay focused on our goals. In addition to our engaging workspace in South Austin, flexible and remote-friendly work options, and competitive salary package, we offer our employees a comprehensive benefits package that includes: 401(k) with Employer Contribution Health, Vision, and Dental Insurance Health Savings Account (HSA) available with Employer Contribution Employer Paid Life, Short-term, and Long-term Disability Insurance Generous PTO Plan and 16 paid holidays per year U.K.-Based Benefits + Perks (for Full Time Employees): Retirement Savings Plan with Employer Contribution Employer Provided Private Health Insurance and Healthcare Cashplan Employer Paid Life Insurance and Income Replacement Generous Holiday Plan and 14 paid holidays per year About SpyCloud: SpyCloud is on a mission to disrupt the cycle of cybercrime. As the leader in Cybercrime Analytics, our solutions thwart cyberattacks that originate from the use of stolen data, including account takeover, ransomware, and online fraud. More than 550 customers and partners trust SpyCloud to protect users' identities, prevent targeted attacks, and unmask adversaries attempting to harm businesses and their customers. To learn more and see insights on your company's exposed data, visit SpyCloud. Our Mission: Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals' ability to profit from stolen information. Who We Are: SpyCloud is a place for innovative, collaborative, and problem-solvers to thrive. Individually, we're amazing, but together, we're unstoppable. We celebrate diversity and various perspectives and aim to create an inclusive and supportive environment for all. We are proud to be an Equal Employment Opportunity and Affirmative Action employer of choice. All aspects of employment decisions will be based on merit, performance, and business needs. We do not discriminate on the basis of any status protected under federal, state, or local law. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. Women, minorities, individuals with disabilities, and protected veterans are encouraged to apply. SpyCloud complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. SpyCloud expressly prohibits any form of workplace harassment. Improper interference with the ability of SpyCloud's employees to perform their job duties may result in discipline up to and including discharge. SpyCloud shares the right to work and participates in the E-Verify program in all locations. If you need assistance or accommodation due to a disability, you may contact us. Our Culture: Our culture is something really special. We're all driven to disrupt the cybercriminal economy as we keep customer accounts safe from compromise. We support a truly worthy and serious mission, but we have fun doing it together. If you are driven, inventive, and collaborative, you'll fit right in. SpyCloud's Recruitment Policy: We will never ask an applicant for sensitive or personal financial information during the recruitment process. We advise all applicants seeking employment with SpyCloud to review available information on recruitment fraud. Anyone who suspects that they have been contacted by someone falsely representing SpyCloud should email ********************. Compensation Transparency Policy: At SpyCloud, we believe in transparency and fairness in compensation. We strive to ensure that all employees are fairly compensated for their contributions, and we openly discuss our compensation philosophy and structure. We are committed to providing competitive salaries and benefits packages to attract and retain top talent, and we encourage open dialogue and feedback regarding compensation matters. Learn more and apply: SpyCloud Careers

Junior Information Security Analyst 12 month Contract (with strong potential for extension and career advancement) Our client is seeking a Junior Information Security Analyst to assist in supporting and enhancing cybersecurity initiatives across their organization. This role will focus on implementing and monitoring security controls aligned with the NIST Risk Management Framework, NIST Cybersecurity Framework, and Texas Information Security Standards. This is a great opportunity for an early-career professional eager to gain deep experience in information security within an enterprise environment. Required Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field Security certifications such as CompTIA Security+, GSEC, or equivalent 2+ years of experience in information security, cybersecurity, or a related IT field Working knowledge of common security frameworks including: NIST Risk Management Framework (RMF) NIST Cybersecurity Framework (CSF) Texas Information Security Standards Experience with basic project planning and system development methodologies Strong analytical, communication, and documentation skills Ability to work independently with minimal supervisio Familiarity with enterprise-level IT systems or public-sector environments is highly preferred Key Responsibilities: Assist in implementing and monitoring security measures across systems and applications Support security risk assessments and compliance reviews Help maintain and document security policies, procedures, and standards Coordinate with internal teams and external vendors on security initiatives Assist in identifying and recommending improvements to existing security processes Participate in incident response and audit support activities Support research and evaluation of emerging cybersecurity tools and technologies Genius Road, LLC is proud to be a Certified Women's Business Enterprise, an Equal Opportunity Employer and values diversity. All employment is decided on the basis of qualifications, merit and business need.

Title: Manager, Information Security & Compliance Duration: Fulltime Permanent with Client ________________________________ Responsibilities: Provide leadership, management, and guidance to the Operational Technology Security & Compliance team. Oversee and manage the security patch management, password management, configuration management and logging solution. Develop and maintain maintenance and configuration procedures, schedules and related evidentiary documentation. Manage on-call schedule. Maintain security system standards and NERC compliance in accordance with good utility practices. Manage daily system monitoring, verifying the integrity and availability of hardware, server resources, systems and key processes, reviewing and verifying system and application logs. Coordinate testing and implementing operating system patches in the operations technology environment. Ensure NERC CIP requirements are implemented when performing any work. Requirements: 5+ years of experience managing information security and compliance team. 10+ years of experience with security and compliance functions (Access Management, Threat and Vulnerability Management, Security Monitoring, Patch Management, Password Management, Configuration Management and Logging). Experience supporting CIP compliance is a plus. Experience working with a team required to operate in 24/7 shifts. Strong writing and communication skills. Commitment to providing excellent customer service. Qualifications NERC CIP Additional Information All your information will be kept confidential according to EEO guidelines.

We're looking for a Security Engineer to join Procore's Security Engineering team. In this role, you'll be a senior member of the team, responsible for building and running the foundational security controls that protect our platform, data, and users. Your primary goal is to build and maintain a secure, scalable, and resilient cloud product and infrastructure. As a Security Engineer, you'll partner with Engineering, IT, Security Operations, and GRC to integrate security into new and existing systems. Use your strong experience in cloud security, data protection, and identity and access management to build and deploy automated security controls across our SaaS ecosystem. This is a critical role in strengthening our security posture and protecting the data of millions of users-Apply today. This position reports into the Senior Director, Security Engineering and will be based in our Austin, TX office. We're looking for someone to join us immediately. What you'll do: * Assist in supporting and running pipelines for asset inventory and Software Bill of Materials (SBOM) generation. * Help configure and manage user identities in our cloud and corporate IAM platforms. * Learn about and assist with data protection tools and processes, such as key rotation and access reviews. * Follow best practices to implement secure configurations for our infrastructure under supervision. * Work with team members to test and document security procedures and recovery steps. * Provide data and run reports to support our GRC and Internal Audit teams. * Monitor security alerts and escalate potential issues to senior team members. * Assist in testing and validating new security tools. What we're looking for: * Bachelor's degree in Computer Science or a related field, or equivalent project/internship experience. * 3+ years of experience via internships, co-ops, or related IT/CS roles. * Basic understanding of core security concepts (e.g., "what is IAM?", "what is encryption?"). * Familiarity with at least one major cloud provider (AWS preferred) through coursework or projects. * A strong interest in learning about identity and access management, cloud security, and automation. * Familiarity with IaC (Terraform) or container (Kubernetes) concepts is a plus. * Basic understanding of data protection principles. * A desire to learn automation and scripting (Python, Go, or similar). * Good written and verbal communication skills and a curious, "can-do" attitude. Additional Information Base Pay Range: This role may also eligible for Equity Compensation. Procore is committed to offering competitive, fair, and commensurate compensation, and has provided an estimated pay range for this role. Actual compensation will be based on a candidate's job-related skills, experience, education or training, and location. This position requires access to technology, software, and data that is controlled or restricted under U.S. law, regulation, executive order, or government contract. For Los Angeles County (unincorporated) Candidates: Procore will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable federal, state, and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act. A criminal history may have a direct, adverse, and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment: 1. appropriately managing, accessing, and handling confidential information including proprietary and trade secret information, as well as accessing Procore's information technology systems and platforms; 2. interacting with and occasionally having unsupervised contact with internal/external customers, stakeholders, and/or colleagues; and 3. exercising sound judgment.