Security engineer jobs in Norwalk, CT - 68 jobs

Outcomes. Delivered. Voyatek, formerly GCOM Software and OnCore Consulting, delivers outcome-driven technology solutions to public sector agencies and higher education institutions nationwide. For example, our technology: Facilitates access to nutritious food for children of mothers participating in the WIC program Supports first responders in reducing opioid overdoses within their communities Empowers colleges and universities to identify and thwart financial aid fraud Equips teachers with valuable insights to identify students requiring additional support Enhances efficiency for state tax agencies, leading to 99% faster return processing and quicker refunds for taxpayers With a focus on Tax & Revenue, Health & Human Services, and Justice & Public Safety, Voyatek combines the scale to support large complex projects with the agility and accessibility of a boutique solutions provider. Together, Voyatek and its customers work to improve population wellbeing, create safer communities, and foster a thriving economy. We're more than a technology company -- we're an outcomes company. We encourage our employees to think differently, ask tough questions, and relentlessly pursue what's best for our customers and the residents they serve. We believe that the value of technology is defined by its human impact. If you agree, you've come to the right place. Voyatek is seeking applicants to occupy the position of SAP Security Analyst within our team. Client Details: The New York Power Authority (NYPA) is the largest state public power organization in the United States, renowned for its role in providing clean, affordable, and reliable energy. NYPA's mission is to power New York with clean energy while driving economic growth and sustainability. It focuses on reducing greenhouse gas emissions, modernizing the state's energy infrastructure, and promoting energy efficiency and innovation across sectors. New York Power Authority's (“NYPA”) current on-premise Enterprise Resource Planning (“ERP”) system, SAP ECC 6.0, is almost 20 years old and is approaching technological obsolescence. Systems Application and Products (“SAP”) has already released its statement of intent to end new development on that platform and is planning on removing it from standard support on December 31, 2027. Project Luminate is a program to replace NYPA's current on-premise ERP system with a cloud-based system to ensure an adaptable environment able to meet NYPA's needs. In 2023, NYPA awarded a contract to Gartner Inc. to perform a detailed readiness assessment to define key requirements that the new system has to meet and to identify current business process improvements that are critical to be addressed as a precursor to the transition to a cloud-based platform. Key Responsibilities: Participate in SAP GRC project, enhancement and support and other relevant assignments (as needed) and provisioning across various ERP application environments following the organizational guideline and procedure and perform the below activities. Configure and maintain SAP GRC tools, including Access Control, Risk Management, and Process Control and IAG. Provision and manage user accounts and access to SAP systems, ensuring that all access is granted in accordance with established policies. Design, configure, and maintain roles, authorizations, and user access within S/4HANA, ensuring appropriate access levels for users. Generate reports and conduct audits to monitor SAP security & ITGC controls and ensure compliance including SOD management and configuration. Investigate and resolve GRC-related issues, providing timely support to users and other IT teams. Maintain comprehensive documentation of security policies, procedures, and role designs. Work with cross-functional teams, including IT, business users, and auditors, to ensure alignment of security requirements and best practices. Qualifications: SAP ERP (S/4 Hana is added plus), Workday, Active Directory group, GRC AC 10.1 and above, Microsoft Azure, success factor, applicable functional knowledge for SAP security in the area like Finance, MM, ISU billing etc., SAP audit & compliance. Bachelor's degree in engineering, IT, or related field. 7-10 years of hands-on industry experience in SAP GRC AC and PC implementation and administration. Familiarity with SAP S/4HANA system landscapes, including Fiori authorizations in cloud-based environment (SAP RISE). Proficiency in using SAP security tools and configurations. Ability to identify, analyze, and resolve complex security and compliance issues. Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams. The wage range for this role reflects the wide array of factors considered in compensation decisions. These factors include, but are not limited to, skill sets, experience, training, licensure and certifications, and geographic location. Compensation decisions are based on the unique facts and circumstances of each case. A reasonable estimate of the hourly range is $74.00 - $84.00. At Voyatek, we believe in supporting our employees with a comprehensive benefits package designed to enhance their well-being and professional growth. Please note that eligibility for certain benefits may vary based on your role and employment status. Health, Dental, and Vision Insurance Medical, Limited, & Dependent Flexible Spending Accounts (FSA) Health Savings Account (HSA) with Employer Contributions Company-Paid and Voluntary Life Insurance Long and Short-Term Disability Insurance Accident, Critical Illness, & Hospital Indemnity Insurance 401(k) Retirement Plan with Company Match and Immediate Vesting Wellhub Fitness and Wellness Platform Pet Insurance Training Opportunities Employee Referral Bonus Program We are committed to fostering a workplace that supports both your personal and professional aspirations. As part of our commitment to maintaining a compliant workplace, all final candidates will undergo and must pass a comprehensive background screening prior to starting work. This screening may include, but is not limited to, verification of employment history, education, criminal records, and other relevant checks. For certain positions, additional client-specific background screenings may be required in the future, in accordance with client requirements. Voyatek does significant work with Federal and State tax and revenue authorities. If applicable to this role, all hires will be required to obtain a Federal Public Trust Clearance (Moderate Background Investigation). This clearance process may start upon offer acceptance; and must be cleared prior to working on these projects. If you think you are a good fit for us, we encourage you to apply. Check out our career website for all open positions! Voyatek provides equal employment opportunities to all employees and applicants for employment. Voyatek will make employment decisions without regard to race, color, creed, ancestry, national origin, citizenship, sex or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status or domestic violence victim status, religion, age, disability, genetic information, service in the military, or any other characteristic protected by applicable federal, state, or local laws and ordinances. Employment decisions include all terms and conditions of employment, including recruitment and hiring, job assignment/placement, promotion, upgrading, demotion, termination, layoff, recall, transfer, leave of absence, rates of pay or other compensation, internship, and training.

This role is Hybrid, 3 days a week to any local, US based UL Solutions Office. We are seeking a highly skilled Cloud Security Engineer with strong Application Security expertise to join our security architecture team. This role will be responsible for designing, implementing, and maintaining secure cloud environments and applications across multi-cloud platforms, with a focus on Azure. The ideal candidate will have hands-on experience with cloud-native security tools, DevSecOps practices, and compliance frameworks such as NIST 800-53, SOC 2, and CIS Controls. Cloud Security Engineering + Design and implement security controls for cloud infrastructure (Azure, AWS, GCP). + Develop and maintain security architecture patterns (e.g., hub-and-spoke, Zero Trust). + Integrate security tools such as Wiz, Microsoft Defender for Cloud, Silverfort, and Terraform. + Conduct threat modeling and risk assessments for cloud-native services. + Collaborate with IAM, SOC, and GRC teams to align cloud security with enterprise policies. Application Security + Perform secure code reviews, static/dynamic analysis, and vulnerability assessments. + Integrate security into CI/CD pipelines using tools like Snyk, Checkmarx, or Veracode. + Guide development teams on secure coding practices and OWASP Top 10. + Design and implement API security strategies including OAuth2, OpenID Connect, and mTLS. + Support remediation of application vulnerabilities and provide technical guidance. Compliance & Governance + Map cloud and application security controls to compliance frameworks (NIST 800-53, SOC 2, CIS). + Assist in audits and evidence collection for regulatory compliance. + Maintain documentation of security architecture, policies, and procedures. + Bachelor's degree in Computer Science, Cybersecurity, or related field. + 3-4 years of experience in cloud security engineering and application security. + Strong understanding of Azure security services and architecture. + Experience with infrastructure-as-code (Terraform, Bicep). + Familiarity with Snowflake security features and data protection strategies. + Knowledge of identity and access management (Azure AD, Conditional Access, MFA). + Hands-on experience with DevSecOps tools and practices. Preferred Qualifications + Certifications: Azure Security Engineer Associate, CISSP, CCSP, OSCP, or GIAC. + Experience with multi-subscription Azure environments. + Familiarity with Zero Trust architecture and implementation. + Experience with security automation and orchestration. Soft Skills + Strong analytical and problem-solving skills. + Excellent communication and collaboration abilities. + Ability to work independently and in cross-functional teams. + Passion for continuous learning and staying current with security trends. What you'll experience working for ULS UL Solutions has been pioneering change since 1894 and we're still leading the way. From day one, we've blazed a trail protecting the planet and everyone on it. Our teams have influenced billions of products, plus services, software offerings and more. We break things, burn things and blow things up. All in the name of safety science. That's where you come in - because none of it could happen without you. It takes passion to protect people, problem-solving to safeguard personal data and conviction to make the world a more sustainable place. It takes bold ideas and brilliant minds to build a better world for future generations across the globe. This is more than a job. It's a calling. A passion to use our expertise and play our part in creating a more secure, sustainable world today - and tomorrow. As a member of our safety science community, you'll use your ideas, your energy and your ambition to innovate, challenge and ultimately, help create a safer world. Everyone here is unique. But we're also a global community, working together to help create a safer world. Join UL Solutions and you can connect with the brightest minds in the business, all bringing their distinct perspectives and diverse backgrounds together to deliver real change. Empowering our customers to keep the world safe means thinking ahead. It means investing in training and empowering our people to learn and innovate. At UL Solutions, we help build a better future - one where everyone benefits. Join UL Solutions to be at the center of safety. To learn more about us and the work we do, visit UL.com Total Rewards: We understand compensation is an important factor as you consider the next step in your career. The estimated salary range for this position is $95,000 to $120,000 and is based on multiple factors, including job-related knowledge/skills, experience, geographical location, as well as other factors. This position is eligible for annual bonus compensation with a target payout of 10% of the base salary. This position also provides health benefits such as medical, dental and vision; wellness benefits such as mental and financial health; and retirement savings (401K) commensurate with the standard rewards offered in each individual location or country. We also provide full-time employees with paid time off including vacation (15 days), holiday including floating holidays (12 days) and sick time off (72 hours). #LI-SG2 #LI-Hybrid UL LLC has been and will continue to be an equal opportunity employer. To assure full implementation of this equal employment policy, we will take steps to assure that: Persons are recruited, hired, assigned and promoted without regard to race, color, age, sex or gender, sexual orientation, gender identity, gender expression, transgender status, religion, creed, national origin, ethnicity, citizenship, ancestry, disability, genetic information, military or veteran status, pregnancy, marital or familial status, or any other protected category under applicable law.

SonSoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. SonSoft Inc is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services. Job Description LENGTH: 12 MONTHS, OPTION TO HIRE JOB ID: 1912185274 JOB TITLE: ACTIVE DIRECTORY ENGINEER - SME GC/EAD OR CITIZEN - OPTION TO HIRE POSITION SUMMARY: MUST HAVE a Security Background. Responsible for supporting and maintaining Microsoft Active Directory. Familiar with the Microsoft Windows Server Operating system, , and VMWare Virtualization technologies in the environment. This includes planning for and responding to service outages and other problems, and being a Tier 3 escalation point for moderately complex Active Directory problems beyond the knowledge of other technical support staff. Ensures customer satisfaction by advising customers on preventative maintenance and configurations which may impact product performance. Takes responsibility for potential or desired follow-up services or problem escalation. Fully qualified server engineer. High degree of troubleshooting. Self-starter needing little to no guidance. Additional Information NOTE : ONLY GCEAD , GC AND CITIZEN

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.

Duration: 6+ Months Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls. Key Responsibilities: Performs maintenance and changes in firewalls as required. Implementation of new firewalls as required Assists with troubleshooting network connectivity as it relates to firewalls Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions Complete All assignments in a timely manner with an acceptable level of quality Maintains documentation related to work area Completes network change requests Follows documented processes, procedures and policies Performs customer service duties and responds to customer and project requests as defined by management Other related duties assigned as needed. Qualifications/Requirements: Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls 4 or more years networking/firewall background Must have networking TCP/IP routing protocol experience Desired Characteristics: In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired Competency in verbal, written, and presentation communications and interpersonal understanding Ability to understand customer's business needs. Leadership of work teams/groups Ability to work with all levels of employees Highly motivated and able to work effectively under minimal supervision in a fast-paced environment Team-oriented, placing priority on quality and the successful completion of team goals Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures. Competency in developing effective solutions to business problems Ability to analyze problems and to make decisions REQUIRED SKILLS YEARS OF EXPERIENCE WHEN THE SKILL WAS LAST USED Expert knowledge of Cisco Security products, ASA and Firepower Expert knowledge of NSX Expert knowledge of Palo Alto systems Security Certifications a Plus Must have networking TCP/IP routing protocol experience Networking/firewall background Operational experience administering Firewalls Additional Information All your information will be kept confidential according to EEO guidelines.

Our client, a leading organization in the technology and networking sector, is seeking a Lead Network Security Engineer to join their dynamic team. As a Lead Network Security Engineer, you will be a hands-on leader, providing technical oversight for an engineering team throughout their services execution, ensuring engineers are technically prepared, projects are completed successfully and efficiently, and client expectations are exceeded. The ideal candidate will demonstrate strong leadership, technical expertise, and a passion for delivering innovative solutions, which will align successfully in the organization. **Job Title:** Lead Network Security Engineer **Location:** Hauppauge, New York **Pay Range:** $185,000 - $185,000 **What's the Job?** + Oversee the execution of complex network and security projects, from initial design and staging to installation, validation, and troubleshooting. + Provide guidance and quality assurance for network designs that align with business objectives, budgets, and operational support capabilities. + Support and lead troubleshooting efforts for intricate network and security issues, guiding team members during deployments. + Serve as a technical leader in client interactions, including escalations and pre-sales activities for professional services engagements. + Collaborate with sales, pre-sales, project management, and engineering teams to deliver integrated solutions and meet project goals. **What's Needed?** + Proven experience with complex multi-protocol routing and switching, including designing, configuring, and troubleshooting with Cisco best practices. + Deep knowledge of core routing and switching platforms (e.g., Cisco) and advanced networking concepts such as OSPF, BGP, EIGRP, and IP addressing design. + Strong understanding of TCP/IP protocol stack, OSI model, and TCP/UDP ports and services. + Experience deploying cloud networking solutions in AWS, Azure, and Google Cloud Platform, as well as SD-WAN solutions like Viptela or Palo Alto Prisma SD-WAN. + Ability to deploy and manage security solutions from vendors like Palo Alto Networks and Cisco, ensuring secure network infrastructure. **What's in it for me?** + Opportunity to lead and influence high-impact networking projects in a forward-thinking organization. + Access to a comprehensive benefits package and bonus opportunities. + Work in a collaborative environment that values innovation and professional growth. + Engage with cutting-edge technologies and solutions in networking and security. + Be part of a company recognized for diversity, inclusion, and ethical practices. **Upon completion of waiting period consultants are eligible for:** + Medical and Prescription Drug Plans + Dental Plan + Vision Plan + Health Savings Account + Health Flexible Spending Account + Dependent Care Flexible Spending Account + Supplemental Life Insurance + Short Term and Long Term Disability Insurance + Business Travel Insurance + 401(k), Plus Match + Weekly Pay If this is a role that interests you and you'd like to learn more, click apply now and a recruiter will be in touch with you to discuss this great opportunity. We look forward to speaking with you! **About ManpowerGroup, Parent Company of: Manpower, Experis, Talent Solutions, and Jefferson Wells.** _ManpowerGroup (NYSE: MAN), the leading global workforce solutions company, helps organizations transform in a fast-changing world of work by sourcing, assessing, developing, and managing the talent that enables them to win. We develop innovative solutions for hundreds of thousands of organizations every year, providing them with skilled talent while finding meaningful, sustainable employment for millions of people across a wide range of industries and skills. Our expert family of brands -_ **_Manpower, Experis, Talent Solutions, and Jefferson Wells_** _- creates substantial value for candidates and clients across more than 75 countries and territories and has done so for over 70 years. We are recognized consistently for our diversity - as a best place to work for Women, Inclusion, Equality and Disability and in 2023 ManpowerGroup was named one of the World's Most Ethical Companies for the 14th year - all confirming our position as the brand of choice for in-demand talent._ ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ****************** Job Description SAP Security & GRC Additional Information All your information will be kept confidential according to EEO guidelines.

Job Title: Cybersecurity & Network EngineerJob Description The Cybersecurity & Network Engineer is responsible for designing, securing, and operating the organization's IT infrastructure across on-premise and cloud environments. This hands-on role is crucial in strengthening the network backbone and enhancing the organization's cybersecurity posture. The engineer will configure firewalls, switches, and virtual environments, perform penetration tests, audits, and respond to incidents. Responsibilities + Design, implement, and maintain reliable LAN, WAN, and WLAN networks. + Configure and secure switches, routers, firewalls, VPNs, and wireless access points. + Manage routing, segmentation, and performance in virtualization environments and ensure secure on-premise to cloud connectivity. + Troubleshoot and resolve complex networking and infrastructure issues. + Conduct and support security audits, vulnerability assessments, and penetration tests. + Monitor, detect, and respond to cybersecurity events within SecOps processes. + Implement and enforce policies and controls aligned with security frameworks. + Maintain system/network hardening baselines, patch compliance, and incident recovery, including backup validation and business continuity planning. + Align network and security engineering with enterprise governance, risk, and compliance objectives. + Develop and maintain documentation, policies, SOPs, and audit evidence. + Partner with cross-functional teams to deliver secure-by-design projects and technology initiatives. Essential Skills + Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or equivalent experience. + 7+ years combined experience in cybersecurity and network engineering. + Expertise in firewall, router, and switch configuration and management. + Proficiency in network segmentation and VPN design. + Experience with security audits and vulnerability remediation. + Knowledge of Windows and Linux administration. + Understanding of virtualization and hybrid-cloud connectivity. + Familiarity with identity and access management (MFA, RBAC, PAM). + Competence in incident response and documentation. Additional Skills & Qualifications + Preferred certifications include CCNP, Security+, CISSP, or equivalent. + Analytical mindset with strong troubleshooting skills. + Attention to detail and documentation discipline. + Ability to work independently and collaboratively across teams. + Commitment to continuous learning and security excellence. Work Environment The role requires working with advanced technologies in a collaborative environment. The candidate will engage with various teams to support secure network and cybersecurity operations. The work involves both on-premise and cloud environments, ensuring robust infrastructure and data protection. Job Type & Location This is a Permanent position based out of Ronkonkoma, NY. Pay and Benefits The pay range for this position is $140000.00 - $165000.00/yr. 90 days you will be eligible to participate in our benefits program, which includes medical, dental, vision insurance, 401(k), STD, LTD, Life Insurance, etc., all of which will be described in more detail during your employee orientation. In addition, you will receive two (2) weeks of vacation, in addition to six (6) sick days, which you begin accruing upon your date of hire and can use upon the completion of 90 days Medical, dental, and vision coverage for you and your eligible dependents. We have two types of plans with many different options. The benefit package is contributory. For example, should you choose to join Oxford Liberty your weekly contribution would be $40.00 which includes the cost of health, dental and vision. This includes a gym membership reimbursement if you meet the qualifications. Short-Term Disability Plan (STD) This benefit would pay sixty percent (60%) of your regular salary for a period of time up to twelve (12) weeks should you become disabled. New York State STD This benefit provides weekly cash benefits to replace, in part, wages lost due to injuries or illnesses that do not arise out of or in the course of employment. Long-Term Disability Plan (LTD) This benefit would pay sixty percent (60%) of your regular salary for an extended period of time. 401K and Company Match Life Insurance Full-time employees are eligible for and are automatically enrolled in a group term life insurance program. The Company pays the premium for this program. Mass Mutual Life Insurance Employees have the option to purchase an additional insurance plan up to $500,000 Tuition Reimbursement Policy will reimburse an employee up to a maximum of $5,250.00 per year for continuing education through an accredited program that either offers growth in an area related to his or her current position or that which may lead to promotional opportunities. Flexible Spending Accounts help you save money by allowing you to pay for certain types of healthcare, dependent care, and commuter expenses on a pre-tax basis Supplemental/voluntary plans HSA Life Insurance Accidental Accident Cancer Care Employee Assistance Program Identity Theft Insurance (company provided) Pet Insurance Workplace Type This is a hybrid position in Ronkonkoma,NY. Application Deadline This position is anticipated to close on Feb 6, 2026. About Aston Carter: Aston Carter provides world-class corporate talent solutions to thousands of clients across the globe. Specialized in accounting, finance, human resources, talent acquisition, procurement, supply chain and select administrative professions, we extend the capabilities of industry-leading companies. We draw on our deep recruiting expertise and expansive network to meet the evolving needs of our clients and talent community with agility and excellence. With offices across the U.S., Canada, Asia Pacific and Europe, Aston Carter serves many of the Fortune 500. We are proud to be a ClearlyRated Best of Staffing double diamond winner for both client and talent service. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please email astoncarteraccommodation@astoncarter.com (%20astoncarteraccommodation@astoncarter.com) for other accommodation options.

For over 75 years, BIC has been creating ingeniously simple and joyful products that are a part of every heart and home. As a member of our team, you'll be a part of reigniting a beloved brand as we continue to reimagine everyday essentials in new, sustainable and responsible ways. Our "roll up your sleeves and get the job done" approach to work creates an environment where self-starters, problem solvers and innovative thinkers thrive. BIC team members are empowered to take ownership of their careers and bring their unique perspectives to the table to make a meaningful impact on our mission. It's a colorful world - make your mark by joining the BIC team today. As **Senior Cybersecurity Engineer,** you will collaborate and partner with a global, cross-functional team to build cybersecurity capabilities and improve maturity. This role involves designing, implementing, and managing security technology to protect the company from cyber threats. Besides, you will support incident response, investigations, playbook development and efforts to identify and mitigate risk. **In this role you will:** + Analyze, triage, and investigate alerts from various sources to determine the appropriate response or escalation + Document analysis, findings, and actions for case management and metrics + Support security incident response planning, procedure/playbook development and investigations + Participate in on-call rotation for off-hours escalations + Administer, optimize, and maintain the health of security tools, such as endpoint protection and response (EDR), network detection and response (NDR), and logging pipelines (Syslog/Cribl). + Assist with remediation of identified security risks + Minimum 6 years' experience in Information Technology or Cybersecurity + IT or cybersecurity certifications from industry recognized sources preferred **What you bring to BIC:** + Minimum 6 years' experience in Information Technology or Cybersecurity + IT or cybersecurity certifications from industry recognized sources preferred + Prior experience interpreting or analyzing log data and working with log pipelines + Triaging alerts from various sources, following playbooks, and escalating legitimate issues + Knowledge of security tools such as endpoint protection, firewalls, intrusion prevention, SIEM and EDR (CrowdStrike) + Strong understanding of Windows server and desktop operating systems, networking fundamentals, security concepts, Active Directory, Microsoft Azure, Office 365. + In-depth analytical and problem-solving skills to resolve complex issues BIC is an Equal Opportunity Employer. We strongly commit to hiring people with different backgrounds and experiences to help us build better products, make better decisions, and better serve our customers. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, veteran status, disability status, or similar characteristics. All employment is decided based on qualifications, merit, and business need. BIC is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, all resumes submitted by search firms to any team member at BIC via email, or directly to a BIC team member in any form without a valid written search agreement in place for that position will be deemed the sole property of BIC, and no fee will be paid in the event the candidate is hired by BIC as a result of the referral or through other means.

The Engineer will design, deploy, maintain, monitor, optimize, and document security solutions across all of JetBlue's environments. The Engineer will conduct tests and validate that the security solutions and controls are properly implemented and effective. The Engineer participates in identifying security gaps within production systems, proposes security solutions, and drives projects to completion. Essential Responsibilities * Design, develop, and implement security solutions * Enforce information security policies, standards, and develop procedures supporting security solutions * Create project plans, define milestones, identify dependencies, and bring projects to closure * Deliver technical reports and formal testing results on test findings * Develop and maintain internal tools which automate redundant operation Intrusion Prevention System (IPS) al tasks * Respond to escalations for service issues, problems, and critical situations to support resolution and response procedures * Evaluate new technologies and/or processes to enhance security capabilities * Automate security operations using scripting (Python, Bash, PowerShell) and orchestration tools * Apply data-driven approaches to threat analysis, leveraging metrics and trends to guide remediation and prevention * Integrate automation frameworks and pipelines for security deployment * Engineer and administer SIEM platforms (e.g., Splunk, Cribl, Nxlog), including data source onboarding, log parsing, field extraction, and index optimization * Design and secure containerized and cloud-native architectures using Docker, Kubernetes, and microservices * Collaborate with teams to strengthen application and web security controls, including secure web gateways, Web application Firewall (WAF), API protection, and mitigation of OWASP Top 10 vulnerabilities * Other duties as assigned Minimum Experience and Qualifications * Bachelor's Degree in Computer Science, Information Technology, or an Engineering or relevant field; OR demonstrated capability to perform job responsibilities with a High School Diploma/GED and at least four (4) years of previous relevant work experience * Three (3) years of information security or other relevant experience * Proficiency with identity and access management principles * Proficiency with Cloud technologies such as Storage, Messaging Queues, Container Services, APIs, EventHubs, VMs * Proficiency with Networking, ACLs, and network device functions (routers, firewalls, load balancers) * Proficiency with security device functions such as Intrusion Detection and Prevention Systems, Web Application Firewalls, Data Loss Prevention, encryption, and endpoint security * Proficiency with risk, security controls, compliance, authentication, authorization, and accountability * Extensive hands-on experience with Linux-based systems (e.g., RHEL, Ubuntu, Debian), including system administration, service management (systemctl), log analysis, text editing (vim/nano), and backup operations (tar, rsync) * Strong background in cloud platforms such as Microsoft Azure, AWS, and Google Cloud Platform (GCP), including cloud-native security and architecture design * Available for occasional overnight travel (10%) * Must pass a pre-employment drug test * Must be legally eligible to work in the country in which the position is located * Authorization to work in the US is required, this position is not eligible for visa sponsorship Preferred Experience and Qualifications * Security+ (or equivalent) certification * Knowledge of Information Security principles * Ability to work collaboratively during incidents involving potential attacks (e.g., scans, MITM, DoS/DDoS, malware) * Experience in Security Automation Platforms such as Cortex XSOAR * Experience with container security and securing distributed microservice environments * Hands-on experience with SIEM tools, logging pipelines, and data analytics to support proactive threat hunting * Strong understanding of automation, orchestration, and infrastructure-as-code (Terraform, Ansible) * Demonstrated expertise in web and application security, including WAFs, secure APIs, and OWASP Top 10 mitigation * Willingness and aptitude to develop in-depth knowledge of network and endpoint security technologies and continuously improve these skills * Strong communication skills to articulate technical processes to diverse audiences Crewmember Expectations * Regular attendance and punctuality * Potential need to work flexible hours and be available for short-notice response * Able to maintain a professional appearance * Assist with light aircraft cleaning when traveling on JetBlue flights (time permitting) * Must embody JetBlue's core values: Safety, Caring, Integrity, Passion, and Fun * Promote JetBlue's #1 value of safety as a Safety Ambassador, supporting SMS components and behavioral standards * Identify and report safety or security concerns via JetBlue's confidential reporting systems * The use of ChatGPT or any other automated tool during the interview process will disqualify a candidate from being considered for the position. * Equipment: * Computer and other office equipment * Sometimes there's an additional bullet, i.e., mobile phone or tablet Work Environment: * Traditional office environment Physical Effort: * Generally not required, or up to 10 pounds occasionally, 0 pounds frequently (Sedentary) Compensation: * The base pay range for this position is between $90,500.00 and $128,600.00 per year. Base pay is one component of JetBlue's total compensation package, which may also include access to healthcare benefits, a 401(k) plan and company match, crewmember stock purchase plan, short-term and long-term disability coverage, basic life insurance, free space available travel on JetBlue, and more #LI-AC1 #LI-Hybrid JetBlue Airways is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status, or any other legally protected basis.

The OT Security Engineer, Global Information Security (GIS) will have primary responsibility for Crane's Operational Technology security solutions that protect Crane's manufacturing environments. You will implement OT and IoT security solutions throughout the enterprise and ensure that OT/IoT security solutions identify threats, uncover vulnerabilities, and measure risks of operational equipment. Coordinating with both IT and OT teams at all manufacturing sites, you will define and develop security standards and technical solutions. As a subject matter expert in the hardening and defense of OT, you will work with business units to implement security standards, securely modify systems, and implement secure network architectures during implementations of OT related projects to ensure secure system deployments. You will work closely with other GIS functional areas, supporting security engineering, administration, operations, and incident response. You will integrate the OT/IoT security solutions with other GIS and business unit tools such as SIEM, SOAR, AD, and other tools to gain a unified view of security events and respond more effectively to security incidents both for OT and IT. Responsibilities and Duties: * Support and maintain OT/IoT security tool set and associated integrations with other systems * Collaborate with the manufacturing function across lines of business to develop and define security requirements * Design OT security controls for architectures, systems and networks ensuring that alerting to threats is efficient and effective. * Identify and implement supporting security technologies for the identification of threats and defense of OT systems and provide secure methods for remote access. * Work directly with plant leaders, process engineers, and support/system vendors to ensure OT security controls are implemented * Develop and implement standard work supporting the Global OT security function and supporting solutions * Develop and maintain security models, templates, standards and procedures that can be used to leverage security capabilities in projects and operations * Assist in the identification, response, investigation, and remediation of OT security events and incidents as needed * Ensure security best practices are identified and integrated into all approaches and methodologies. * Define requirements and design standards to protect Crane's OT solutions from security threats and for mitigating the impacts of these threats. * Define reference network architectures based on industry best practices and work with business units to implement for OT solutions * Consult on business unit OT projects and provide cybersecurity expertise Qualifications and Competencies: * 2yrs experience with securing Operational Technology and related systems environments * Strong understanding and prior experience with the application of securing OT and related systems * Current deep technical understanding of common OT systems such as PCS, SCADA, PLCs, RTUs, HMIs, CNC * Deep technical understanding of TCP/IP Networking and Firewalls * Deep technical understanding of system integration methods including API's and authentication methods * Knowledgeable in NIST CSF, NIST 800-82, Purdue Model, IEC 62443 standards * Solid foundation cybersecurity domains such as network security, EDR, anomaly detection * Understanding of common OT communications protocols such as MQTT, MODBUS, DNP3, S7, G-code * Comfortable with designing and overseeing the implementation of secure OT architectures * Prior experience in the direct remediation of vulnerabilities or compensating controls within OT environments * Commitment to security training and earning corresponding certifications * Highly motivated with passion for solving complex problems * Excellent verbal and written communication skills, comfortable with presenting to Operational Teams * Flexibility to work outside regularly scheduled/normal business hours as required * Ability and desire to travel both domestically and internationally * Required: Degree in a related field or at least 4 years relevant professional experience * Required: Mobility and ability to be on your feet for long periods in a manufacturing setting * Required: Technical professional security certification such as GICSP, GRID, OSCP, CEH or similar * US Person as defined under EAR PART 772 AND ITAR 120.15 #LI-AH3 This description has been designed to indicate the general nature and level of work being performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Crane Company. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, gender, sexual orientation, general identity, national origin, disability or veteran status.

**Duration: 12 months contract (with possible extension)** ***Note: Open to candidates who are willing to relocate at their own expense.** + The Workday Application Security Analyst is responsible for ensuring the confidentiality, integrity, and availability of data within the Workday system. + They design, implement, and maintain security configurations, including roles, permissions, and access controls, to protect organizational data and comply with company policies, industry standards, and regulatory requirements. **Job Functions & Responsibilities** + Develop and implement security roles, domain security policies, data and business process security within Workday + Ensure secure integration with other on‐premise and cloud applications like GRC tools + Configure and manage access permissions to ensure users have the appropriate level of access to data and functionality + Ensure compliance with company policies, industry standards (like SOC 2), and regulatory requirements (like GDPR) + Conduct regular security audits and assessments to identify vulnerabilities and areas for improvement + Assist in investigating and responding to security incidents, identifying root causes, and implementing preventive measures + Collaborate with IT, HR, and other stakeholders to align security efforts with business needs and ensure effective communication of security policies and procedures + Create and maintain documentation for security policies, procedures, and configurations, and provide training to users on security best practices + Stay abreast of Workday updates, industry trends, and emerging security threats to continuously improve security configurations and processes + Familiarity with other ERPs like SAP is preferred + Familiarity with GRC and Workday SoD (Segregation of Duties) management is desired **Skills** + SAP ERP (S/4 HANA is a plus) + Workday + Active Directory group management + GRC AC 10.1 and above + Microsoft Clienture + SuccessFactors + Applicable functional knowledge for SAP security areas like Finance, MM, ISU billing, etc. + SAP audit & compliance **Education & Certifications** + Bachelor's degree in engineering, IT, or related field + 7-10 years of hands‐on industry experience in Workday Security implementation and administration + Strong ITGC compliance knowledge for Workday + Familiarity with Workday risk management and GRC integration + Ability to identify, analyze, and resolve complex security and compliance issues + Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams ** About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (*********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

This is a hybrid role with 1-3 days in the office in Irvington, NY. We are seeking candidates who will not require sponsorship now or in the future We are seeking a Security Engineer to join our team and protect the systems, networks, and data essential to our business. In this position, you will focus on securing our corporate IT infrastructure, maintaining regulatory compliance, and ensuring the safety of our e-commerce platforms. Dimensions and Contacts Internal Collaboration The Security Engineer collaborates extensively with various cross-functional teams within the organization. These include IT Operations, Network Engineering, Software Development, Cloud Infrastructure, and Governance, Risk, and Compliance (GRC). In this capacity, the Security Engineer offers technical security guidance, supports project teams during the solution design phase, and works directly with system owners to implement secure configurations and controls. Business Stakeholders This role involves frequent interaction with product managers, business analysts, and departmental leaders to fully understand business requirements. The Security Engineer assesses the potential security impacts of business initiatives and communicates related risks in clear and actionable terms, ensuring all stakeholders remain informed and engaged. Security and Incident Response The Security Engineer coordinates closely with the Cybersecurity team, Security Operations Center (SOC) analysts, and incident responders during threat investigations, vulnerability remediation, and security events. The individual may also serve as a technical escalation point for security-related issues, providing expertise and leadership during critical incidents. External Contacts Interaction with external parties is a key aspect of this role. The Security Engineer engages with vendors, managed service providers, penetration testers, and auditors to evaluate new technologies, validate security controls, and support both security assessments and compliance activities for the organization. Cross-Organizational Influence The Security Engineer plays an influential role across the enterprise by providing security training, raising awareness, and offering consultation to various teams. Additionally, the individual contributes to architectural decisions and participates in the development of security policies and standards. Summary of Responsibilities * Ensure that Eileen Fisher, Inc. consistently upholds PCI compliance across both retail and e-commerce channels. * Establish protection goals, objectives, and metrics in alignment with the corporate strategic plan and IT governance requirements. Lead the annual risk assessment and policy review processes. * Work with 3rd-party providers and vendors to configure, monitor, and optimize Web Application Firewalls (WAFs) to protect e-commerce and customer-facing websites. * Direct the development, implementation, and maintenance of IT security policies, standards, and procedures to support ongoing security efforts. * Provide day-to-day management for operational security responsibilities, including network, email, endpoint, application systems security, and system access controls. * Supervise incident response activities and investigations of security breaches, ensuring the appropriate dissemination of information related to such events. * Oversee patch management and additional security operations functions, including sensitive data handling and certificate management. * Review and analyze data from various security logging systems, scanners, and tools to identify potential threats and incidents. * Collaborate with IT infrastructure and application teams to embed security best practices within development and deployment workflows. * Maintain comprehensive security documentation, encompassing policies, standards, and procedures. * Design, implement, and sustain security technologies, tools, and processes (e.g., IDS/IPS, honeypot, SIEM, endpoint protection) PERFORMS OTHER RELATED DUTIES AND ASSIGNMENTS AS REQUIRED. Required Experience * Minimum of 3-5 years of experience with managing all aspects of PCI Compliance * Experience with e-commerce security, including securing payment gateways, APIs, and customer data * Knowledge of web application security (OWASP Top 10, WAF, bot mitigation) * Experience configuring and managing honeypots, IDS/IPS, and endpoint protection * Familiarity with cloud security (AWS IAM, Microsoft Defender, Azure Defender, GCP Security Command Center) * Conducting penetration testing, vulnerability management, and remediation. * Experience with identity and access management (IAM) and SSO/MFA integrations (Okta, Azure AD,) * Strong understanding of encryption, TLS/SSL, PKI, and key management. * Scripting/automation skills in Python, Bash, or PowerShell. * Hands-on experience with SIEM solutions * Experience with securing AWS and Linux environments, preferably in a regulated environment subject to HIPAA or PCI-DSS * An automation-first mindset * Preferred certifications include: o PCIP o Security+ or SSCP o Firewall/network o Cloud security certification Education: Bachelors degree or equivalent experience. The salary range for this position is $80,000 - 100,000/year depending on relevant experience. We offer a competitive total package, including health benefits, generous paid time off, wellness reimbursement, etc. EILEEN FISHER, Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status.

We are seeking a Senior Security DevOps Engineer who will be responsible for a variety of objectives resulting in risk mitigation and remediation of internal & external security threats. This role performs advanced threat analysis, threat intelligence gathering & reporting, incident response activities, improves accuracy of security systems, improves existing processes, and works on Cybersecurity focused projects. Contract to hire Onsite 2 days a week located in New York Cybersecurity - Cyber Intelligence & Incident Response Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support. Provides after-hours support as needed for response activities. Integration experience. Collaborates with cross divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner. Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies. Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, Zero Trust tooling, and other security technologies. Scripting experience. Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques. Proposes and helps review security plans and policies to improve environmental security. Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program. AWS and/or Azure knowledge. Produces and distributes operational and tactical threat intelligence reports. Other duties may be assigned as needed to address new security threats facing the enterprise. Ability to: Demonstrate great teamwork and partnership with internal teams for resolution of security-based issues. Python programming tasks and understand of programming in general. Perform security event correlation, triage, and analysis. Apply security Threat Intelligence while responding to and investigating security events or Incidents. Identify when an application, network, system, or user has been compromised by an internal or external threat. Work on multiple projects to improve security capabilities. Exercise strong understanding of defense-in-depth security best practices. Apply security engineering and architecture concepts to best understand how to employ the most effective security monitoring, response, and threat reporting. Demonstrate effective communication of security issues and topics to management and others. Work well under pressure and within a high paced environment. Maintain operational guidelines and standards for Cybersecurity.

Job Title: Senior Network Security Engineer Department: Information Technology Reports to: Director - Network Technology The base salary range for this position is dependent upon experience and location, ranging from: $114,332.80 - $142,916 Job Summary We are seeking a highly skilled Senior Network Security Engineer to join our team and play a key role in securing, optimizing, and transforming our enterprise network infrastructure. The ideal candidate will have deep expertise in firewall security, NAT, IPSEC, SD-WAN, routing protocols (EIGRP, BGP, OSPF), and cloud security solutions. This position will focus on managing and enhancing our security infrastructure, which includes: * Cisco ASA, Checkpoint, Fortinet FortiGate, Palo Alto Firewalls. * Radware for DDoS protection. * Zscaler ZIA/ZPA for cloud security. * SD-WAN for optimized global connectivity. * EIGRP, BGP, and OSPF-based network routing. * NAT policy design and implementation A key initiative for this role is leading the migration from Checkpoint to Fortinet firewalls while ensuring seamless network security operations. Additionally, the engineer will support and enhance our SD-WAN deployment for optimized global connectivity and application performance. Key Responsibilities * Lead the migration from Checkpoint to Fortinet, including policy conversion, rule optimization, and traffic validation. * Manage and maintain Cisco ASA, Palo Alto, Fortinet, and Checkpoint firewalls across corporate, cloud, and remote sites. * Design and optimize firewall rule sets for improved security, performance, and compliance. * Perform risk assessments and firewall audits to ensure network security best practices. * Manage and optimize SD-WAN architecture to improve application performance and reduce latency. * Implement policy-based traffic steering, failover mechanisms, and WAN optimization. * Ensure seamless integration between SD-WAN, firewalls, cloud security solutions, and on-prem networks. * Troubleshoot SD-WAN performance issues, routing conflicts, and connectivity problems. * Work with network and security engineers to ensure secure connectivity between on-premises, branch locations, and cloud. * Design and implement NAT policies, including static NAT, dynamic NAT, and PAT (Port Address Translation). * Configure and troubleshoot EIGRP, BGP, and OSPF for enterprise and cloud routing. * Optimize routing policies to ensure high availability, redundancy, and performance. * Work closely with the network engineering team to enhance SD-WAN, inter-site, and cloud connectivity. * Administer and optimize Zscaler ZIA/ZPA solutions for secure cloud access and web filtering. * Implement zero-trust security policies for cloud applications and remote users. * Troubleshoot Zscaler tunnels, proxy configurations, and application access issues. * Implement and maintain Radware DDoS protection to safeguard network infrastructure from volumetric and application-layer attacks. * Configure IPS/IDS solutions to detect and mitigate security threats. * Work with SOC teams to analyze and respond to security incidents. * Lead firewall, SD-WAN, NAT, and routing issue troubleshooting affecting business-critical applications. * Perform packet capture analysis and use security logs to diagnose network issues. * Work with vendors (Cisco, Fortinet, Palo Alto, Zscaler) to resolve complex technical issues. * Develop and enforce firewall and network security policies in compliance with NIST, CIS benchmarks, and ISO 27001 standards. * Conduct regular security audits and risk assessments. * Maintain up-to-date documentation of firewall rules, SD-WAN policies, and security configurations. * Develop scripts (Python, Bash, PowerShell) for automating firewall audits and SD-WAN policy updates. * Optimize firewall and SD-WAN policies to reduce latency and improve efficiency. * Implement network automation frameworks to streamline security operations. Required Skills & Experience * 5-8 years of experience in network security engineering. * Expertise in Fortinet FortiGate, Checkpoint, Palo Alto, and Cisco ASA firewalls. * Strong knowledge of SD-WAN solutions (Fortinet SD-WAN, Cisco SD-WAN, Prisma Access). * Experience configuring and troubleshooting EIGRP, BGP, and OSPF routing protocols. * Hands-on experience managing Zscaler ZIA/ZPA for cloud security. * Proficiency in VPN technologies (IPSec, SSL, GRE, DMVPN, L2TP) and their security implications. * Strong skills in NAT, firewall rule optimization, and routing table analysis. * Experience with Radware DDoS protection, IPS/IDS, and threat mitigation. * Knowledge of zero-trust security architectures and secure SD-WAN implementation. * Strong analytical skills for troubleshooting network security issues, including packet captures and firewall logs. Preferred Qualifications * Certifications: Fortinet NSE 4/7, Checkpoint CCSA/CCSE, Palo Alto PCNSA/PCNSE, Cisco CCNP Security, Zscaler ZCCP, SD-WAN certifications. * Experience with AWS, Azure, and GCP cloud security best practices. * Familiarity with SIEM solutions for security event monitoring. * Experience automating security tasks using Python, Ansible, or Terraform. #LI-Onsite #LI-VF1 Company: AVANGRID MANAGEMENT COMPANY, LLC. Mobility Information Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. At Avangrid we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law. If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at ********************. Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate functions. This does not include those that will work for Avangrid Power. Avangrid employees may also be assigned a NERC Reliability Standards compliance role supporting Critical Infrastructure Protection (CIP) and/or Operations and Planning (O&P) responsibilities. This is applicable to employees that will work in electric transmission, operations, and cyber security business areas in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate business areas. NERC Reliability Standards compliance roles and responsibilities may include additional access protections, training, audit engagement, and required evidence retention, and will be communicated by the employee's management. Job Posting End Date: February-25-2026

The Information Security Analyst plays a key role in advancing the company's Governance, Risk & Compliance (GRC) program by protecting enterprise information assets and ensuring compliance with regulatory, contractual, and ethical standards. This position offers hands-on experience across multiple security domains including policy governance, risk management, AI governance, and data security, making it an excellent opportunity for early career professionals or recent graduates passionate about cybersecurity and emerging technology risks. In this role, you will collaborate with teams across Information Security, IT, and Legal to drive initiatives that safeguard sensitive data, maintain compliance obligations, and promote responsible use of artificial intelligence and other advanced technologies. Responsibilities Governance & Policy Management Assist in developing, maintaining, and aligning information security policies with frameworks such as NIST CSF, ISO 27001, SOC 2, CIS, and the NIST AI RMF. Contribute to documentation and control mapping for new or updated regulations related to AI, privacy, and data protection (e.g., GDPR, CCPA, NIST 800-53 Rev 5). Support internal policy review cycles, ensuring consistent version control and executive approval. Risk Management Participate in enterprise risk assessments, including third-party, application, and AI model risk reviews. Help identify, document, and track remediation of security and privacy risks within the GRC platform (e.g., Drata, ServiceNow GRC, OneTrust, Vanta, etc.). Support the development of risk metrics and dashboards for leadership reporting. Learn to evaluate AI-related risks such as model bias, data leakage, data lineage, model transparency, and unintended data exposure. Data Governance & Data Security Assist with data classification, retention, and handling standards, ensuring sensitive data is appropriately protected. Support data inventory and mapping efforts to improve visibility where critical data resides. Help review access controls, encryption standards, and secure data transfer processes in coordination with IT teams. Collaborate with the IT team to ensure alignment between data quality, privacy, and security controls. Compliance & Audit Support Gather and organize evidence for internal and external audits (ISO 27001, PCI, HIPAA, etc.). Maintain control documentation and track audit remediation activities. Support continuous monitoring of compliance requirements and updates to regulatory obligations, including emerging AI governance and data-related laws. AI Governance Support Contribute to inventories of AI tools and use cases across the enterprise. Assist in risk assessments for AI systems, ensuring they align with responsible AI principles such as fairness, accountability, and transparency. Collaborate with IT and legal teams to ensure that AI use complies with company policies. Security Awareness & Communication Help design and distribute training materials related to cybersecurity, data protection, and responsible AI practices. Support internal campaigns promoting secure data handling and ethical technology usage. Prepare metrics, dashboards, and presentations for leadership briefings. Continuous Improvement Participate in projects that automate or streamline GRC processes, such as policy lifecycle management or risk scoring. Stay informed about new threats, regulatory trends, and AI governance frameworks. Engage in ongoing professional development and certification opportunities. Qualifications Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Data Science, or a related field is preferred 0-2 years of experience in cybersecurity, risk management, compliance, or data governance (internship or coursework acceptable). Understanding of cybersecurity principles, risk management, and data privacy fundamentals. Basic familiarity with AI systems, data governance concepts, or information security practices. Strong analytical, communication, and documentation skills. Ability to manage multiple priorities in a fast-paced environment. Proficient in Microsoft Excel, PowerPoint, and data analysis or GRC tools. Exposure to frameworks such as NIST CSF, ISO 27001, SOC 2, NIST AI RMF, or COBIT. Must be able to work in the U.S. without sponsorship Per applicable state requirements, the annual pay range for this position ($60,500 - $84,000) which consists of base salary (subject to performance), reflects the hiring range for candidates. Also note, an individual's offer may vary from this range as it may be impacted by additional factors, including but not limited to the candidate's hiring location, qualifications, experience, and market factors.

Duration: 6+ Months Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls. Key Responsibilities: Performs maintenance and changes in firewalls as required. Implementation of new firewalls as required Assists with troubleshooting network connectivity as it relates to firewalls Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions Complete All assignments in a timely manner with an acceptable level of quality Maintains documentation related to work area Completes network change requests Follows documented processes, procedures and policies Performs customer service duties and responds to customer and project requests as defined by management Other related duties assigned as needed. Qualifications/Requirements: Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls 4 or more years networking/firewall background Must have networking TCP/IP routing protocol experience Desired Characteristics: In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired Competency in verbal, written, and presentation communications and interpersonal understanding Ability to understand customer's business needs. Leadership of work teams/groups Ability to work with all levels of employees Highly motivated and able to work effectively under minimal supervision in a fast-paced environment Team-oriented, placing priority on quality and the successful completion of team goals Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures. Competency in developing effective solutions to business problems Ability to analyze problems and to make decisions REQUIRED SKILLS YEARS OF EXPERIENCE WHEN THE SKILL WAS LAST USED Expert knowledge of Cisco Security products, ASA and Firepower Expert knowledge of NSX Expert knowledge of Palo Alto systems Security Certifications a Plus Must have networking TCP/IP routing protocol experience Networking/firewall background Operational experience administering Firewalls Additional Information All your information will be kept confidential according to EEO guidelines.

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ***************** We have been retained for providing recruiting assistance, for direct hires, by one of the world-leading information technology consulting, services, and business process outsourcing organization that envisioned and pioneered the adoption of the flexible global business practices that today enable companies to operate more efficiently and produce more value. Job Description Required Skills: • knowledge of SAP Identity Management 7.2 version • knowledge of SAP IDM integration points with SAP and non-SAP products/tools • LDAP/Active Directory, PD-Org, NWBC, Solution Manager 7.1. • Experience in SAP security, SAP GRC is a plus. • Basis experience is a plus • 6+ years of SAP Identity Management Implementation and support experience. • Experience as the SAP IDM SME in at least 2 implementations • Experience with gap analysis and strategic roadmap/blueprint development • Experience in configuring SAP IDM for user provisioning in a complex SAP landscape comprising of ABAP, JAVA and duel stack systems as well as non-SAP systems • Involve in Onsite-Offshore coordination activities (handover-takeover, off business hour activity tracking, offshore reporting) • Provide SAP IDM support to SAP implementation as well as support teams and internal customers/clients Additional Information All your information will be kept confidential according to EEO guidelines.

For over 75 years, BIC has been creating ingeniously simple and joyful products that are a part of every heart and home. As a member of our team, you'll be a part of reigniting a beloved brand as we continue to reimagine everyday essentials in new, sustainable and responsible ways. Our "roll up your sleeves and get the job done" approach to work creates an environment where self-starters, problem solvers and innovative thinkers thrive. BIC team members are empowered to take ownership of their careers and bring their unique perspectives to the table to make a meaningful impact on our mission. It's a colorful world - make your mark by joining the BIC team today. As Senior Cybersecurity Engineer, you will collaborate and partner with a global, cross-functional team to build cybersecurity capabilities and improve maturity. This role involves designing, implementing, and managing security technology to protect the company from cyber threats. Besides, you will support incident response, investigations, playbook development and efforts to identify and mitigate risk. In this role you will: Analyze, triage, and investigate alerts from various sources to determine the appropriate response or escalation Document analysis, findings, and actions for case management and metrics Support security incident response planning, procedure/playbook development and investigations Participate in on-call rotation for off-hours escalations Administer, optimize, and maintain the health of security tools, such as endpoint protection and response (EDR), network detection and response (NDR), and logging pipelines (Syslog/Cribl). Assist with remediation of identified security risks Minimum 6 years' experience in Information Technology or Cybersecurity IT or cybersecurity certifications from industry recognized sources preferred What you bring to BIC: Minimum 6 years' experience in Information Technology or Cybersecurity IT or cybersecurity certifications from industry recognized sources preferred Prior experience interpreting or analyzing log data and working with log pipelines Triaging alerts from various sources, following playbooks, and escalating legitimate issues Knowledge of security tools such as endpoint protection, firewalls, intrusion prevention, SIEM and EDR (CrowdStrike) Strong understanding of Windows server and desktop operating systems, networking fundamentals, security concepts, Active Directory, Microsoft Azure, Office 365. In-depth analytical and problem-solving skills to resolve complex issues BIC is an Equal Opportunity Employer. We strongly commit to hiring people with different backgrounds and experiences to help us build better products, make better decisions, and better serve our customers. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, veteran status, disability status, or similar characteristics. All employment is decided based on qualifications, merit, and business need. BIC is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, all resumes submitted by search firms to any team member at BIC via email, or directly to a BIC team member in any form without a valid written search agreement in place for that position will be deemed the sole property of BIC, and no fee will be paid in the event the candidate is hired by BIC as a result of the referral or through other means.