Security engineer jobs in Orangetown, NY

About The Role The Sr. Security Researcher is responsible for leading and executing offensive security assessments (red teaming) against the organization's systems and networks. This role will leverage advanced penetration testing, social engineering, and other offensive security techniques to identify and exploit vulnerabilities, simulate real-world threats, and enhance the organization's overall security posture. Responsibilities Lead and execute red team engagements: Develop and execute comprehensive red team assessments, including reconnaissance, vulnerability scanning, exploitation, and post-exploitation activities. Lead and mentor junior red team members, providing guidance, training, and hands-on experience. Develop and maintain red team methodologies, tools, and infrastructure. Conduct threat modeling and risk assessments to identify potential attack vectors and prioritize targets. Develop and execute social engineering campaigns, including phishing, vishing, and physical penetration tests. Vulnerability research and exploitation: Stay abreast of the latest threat intelligence, vulnerabilities, and exploits. Research and develop new exploitation techniques and tools. Conduct in-depth analysis of vulnerabilities and their potential impact. Reporting and communication: Prepare detailed and concise reports documenting red team findings, including technical details, impact assessments, and remediation recommendations. Effectively communicate findings to technical and non-technical audiences, including senior management. Present findings and recommendations at security forums and conferences (optional). Security awareness and training: Develop and deliver security awareness training programs to employees on topics such as social engineering, phishing, and secure coding practices. Conduct security awareness campaigns to raise employee awareness of security threats and best practices. Collaboration: Collaborate with other security teams (e.g., blue team, incident response) to improve overall security posture. Work with development teams to identify and remediate security vulnerabilities in applications and systems. Build and maintain relationships with external security researchers and the cybersecurity community. Skills and Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in cybersecurity, with 3+ years of hands-on experience in penetration testing, red teaming. Understanding of blended attacks. Proven experience leading and mentoring junior security professionals. Strong understanding of networking, systems administration, and programming concepts. Expertise in penetration testing methodologies and tools (e.g., Cobalt Strike, Outflank, Sliver, PowerShell Empire, Metasploit, Kali Linux, Nmap). Proficiency in scripting languages (e.g., Python, Ruby, PowerShell). Strong understanding of network protocols (e.g., TCP/IP, HTTP, DNS). Experience with vulnerability scanners, intrusion detection systems, and firewalls. Experience with cloud security (e.g., AWS, Azure, GCP) is a plus. Relevant security certifications (e.g., RTO I, RTO II, OSCP, OSCE, GPEN, CRTP) are highly desired. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Strong attention to detail and accuracy. Ability to adapt to new technologies and challenges. Project Management.

| IT - Information Security The Cyber Security Engineer Lead will design, implement, and maintain the United States Merchant Marine Academy's cybersecurity governance, compliance programs, and overall security posture. This role leads technical and administrative security efforts, including ATO lifecycle management, RMF documentation, SSP/POA&M development, vulnerability management, incident response, Zero Trust initiatives, and enterprise security monitoring. The position serves as the primary liaison to DOT, MARAD, auditors, and federal oversight bodies while ensuring continuous alignment with NIST CSF, NIST 800-53, FISMA, DOT, and MARAD cybersecurity requirements. Key Responsibilities Ensure compliance with NIST CSF and RMF frameworks to maintain accreditation and protect system confidentiality, integrity, and availability. Lead the development, update, and management of ATO packages, RMF documentation, SSPs, POA&Ms, and risk management artifacts. Provide strategic and tactical security guidance, advising on both technical and administrative controls. Direct and mature the Incident Response Program, including triage, escalation, documentation, after-action reviews, and program improvements. Administer enterprise security policies, maintain SOPs/checklists, and drive continuous monitoring processes. Lead threat and vulnerability management, including scanning, penetration test coordination, risk scoring, and remediation tracking. Conduct threat landscape assessments, business impact analyses, and provide risk treatment recommendations. Oversee creation and updates of cybersecurity procedures, including International Travel, BYOD, and secure communications. Manage recurring reviews of SSPs, POA&Ms, annual security plans, account audits, and risk acceptance packages. Serve as primary cybersecurity liaison to DOT, MARAD, auditors, and federal oversight entities. Support Zero Trust Architecture initiatives and broader enterprise security modernization. Lead quarterly and biannual Incident Response tabletop exercises and incorporate lessons learned into program updates. Coordinate ITSEC team training and cross-functional security knowledge-sharing. Maintain security documentation, templates, policies, and recurring reports (Awareness Bulletins, POA&M dashboards, CSAM reporting). Review DOT/MARAD alerts, coordinate patching, evaluate software requests, and maintain secure system configurations. Deliver cybersecurity briefings, Awareness Bulletins, Sea Year presentations, and Indoc training; participate in cyber governance meetings such as DOT Cyber Ops, CAM, vulnerability reviews, and Change Control Board meetings. Required Technical Skills Minimum 12 years of progressive cybersecurity experience. Expertise with NIST RMF, ATO, C&A processes, POA&M development, and preparation for federal audits. Experience conducting Security Testing & Evaluation, risk assessments, and developing security policies and procedures. Experience within U.S. Government contracting or federal cybersecurity environments. Strong leadership capabilities to guide Infrastructure, Applications, and Cyber teams toward a unified security posture. Demonstrated ability to communicate security requirements to technical and non-technical stakeholders and lead governance meetings with senior federal leadership. Proficiency with incident response, vulnerability management tools, security event analysis, and risk treatment methodologies. Preferred / Nice-to-Have Skills Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field. ITIL v3 Foundation certification. CISM, CISSP, or other advanced security management certifications. Azure Security certifications. Experience with Zero Trust Architecture, cloud security standards, and federal enclave cybersecurity operations. Experience leading cybersecurity training, cyber awareness initiatives, and developing security programs. Experience working within a college or university environment. Benefits (employee contribution): Health insurance Health savings account Dental insurance Vision insurance Flexible spending accounts Life insurance Retirement plan All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

The Systems Engineer Level 2 (SE2) position is a highly motivated team player with excellent interpersonal skills. The SE2 position is exempt and will work onsite 5 days per week at our client location in Valhalla, NY. You will work on requests for technical support by telephone, email, or Chat and troubleshoot diverse issues with workstations, peripherals, industry line of business applications, and server infrastructures. End-user and team member support is the overall expectation of this role. Interacting with vendor support contacts to identify and resolve issues on various computing equipment is part of this role. RESPONSIBILITIES Troubleshoot and resolve desktop, server, and line of business application incidents Complete move/add/changes of client workstations/servers Resolve escalated issues from the L1 team members Train and guide clients in software and hardware usage Collaborate with other departments to solve complex issues Tasks assigned by leadership Keep an eye on expiration of any software and hardware for your customer and recommend replacements Travel to local customer sites to preform onsite work when needed SKILLS REQUIRED Basic understanding of Active Directory OU Structure; ability to create security groups and apply NTFS permissions Basic understanding of Managed Backup software(s) and file restoration; perform a virtual disk restore Basic understanding of namespace and DFS replication; ability to identify replicated folders and namespace servers Ability to identify when an issue is DNS related; ability to check DHCP for correct settings (Gateway/DNS servers), identify DHCP device, and understand A Records, CNAME, and MX records Basic understanding of folder inherence; ability to create and modify file permissions, and identify and perform basic troubleshooting Ability to identify and troubleshoot InTune issue; modify existing InTune policies Exchange/Office 365 Understand mail flow from sender to recipient Update/change Send & Receive Connectors Legal Hold/eDiscovery/Compliance Creating new Transport rules Ability to install a network printer on the server and perform advanced diagnostics, as well as scan to email setup and scan to folder setup Experience with Network Printing including how to add a printer to Print Management, and troubleshoot existing printer GPOs and driver issues Understanding of RDGateway setup on the server; troubleshooting server-side issues; publish RemoteApp Basic understanding of network routing including the difference between dynamic & static routing Overall understanding of basic server components, knowledge of RAID, ability to identify and utilize iDRAC and Dell OMSA Experience with spam filtering: set up encryption filters, and understand mail flow and how it relates to spam filtering as well as how to whitelist/blacklist Company-wide SQL knowledge RBL checks, contacting vendors to fix Basic knowledge of SQL services, servers, and different SQL applications Ability to troubleshoot SQL Server service issues Troubleshoot ODBC and determine if issues are server or client-side Basic understanding of SAN technology and ability to patch Be able to check NAS functions Perform file-sharing operations Basic knowledge of iSCSI/FibreChannel Modify current scripts Office Deployment Tool File share/SharePoint Basic understanding of folder inherence Ability to create and modify file permissions Ability to identify and perform basic troubleshooting Create/Manage SharePoint sites JOB REQUIRMENTS High School diploma Minimum of 4 years of work experience in a Help Desk role CompTIA A+/Network+ or equivalent experience Own and maintain a personal vehicle for onsite travel, when needed Complete Technical understanding and expertise in the following: Windows Desktop DNS functionality Mail flow diagnostics VPN support File server support RDS environment support Active Directory support Solid customer service, communication, and organizational skills Ability to work under tight deadlines and shifting priorities Occasionally work past scheduled work hours to complete work tasks Including occasional nights and weekend work as needed Participate in a rotating on-call schedule Reliable and punctual MCSA certification is a plus Network (Sophos, SonicWALL, Cisco) certifications are a plus Apple OSX knowledge is a plus WHY ANATOMY IT? Anatomy IT embraces those that demonstrate a deep passion for solving the problems of healthcare with enthusiasm for building positive working relationships and winning as a team. We believe in putting our customers first, empowering our people to drive growth, being technologically innovative, simplifying the complex, delivering results to our commitments with a sense of urgency while embracing diversity, equity, and inclusion. THE COMPANY Anatomy IT helps healthcare providers deliver exceptional patient care through technology and cybersecurity solutions. With 30+ years of experience, we understand healthcare organizations' unique risks, opportunities, and challenges. Anatomy IT is one of the largest and fastest-growing healthcare IT companies, partnering with over 19,000 providers and healthcare staff nationwide, including ASCs, physician groups and hospitals. BENEFITS We love collaborating and working together as a team. Our benefits include healthcare (medical, dental & vision), 401K fund contribution, paid-time-off, short & long-term disability, and a family atmosphere of caring and concern for each team member. EQUAL OPPORTUNITY EMPLOYER We are proud to be an equal opportunity employer - and celebrate our employees' differences regardless of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.

Title: Azure Network Engineer Duration: FTE/Permanent Salary: 120-140k We are seeking an experienced Azure Network Engineer with strong expertise in Palo Alto Networks technologies to design, deploy, and manage secure, high-performing network infrastructure across a hybrid cloud environment. This role focuses on building and supporting a scalable Azure networking solution while ensuring seamless integration with Palo Alto firewalls and security services. Key Responsibilities: Design, implement, and maintain secure and resilient network architecture using Microsoft Azure networking service (VNets, NSGs, VPN Gateways, ExpressRoute, Azure Firewall, Load Balancers) and Palo Alto Network platform (NGFW, Panorama, Prisma Access, SD-WAN). Configure and manage security policies, NAT rules, VPNs (IPSec/SSL), and advanced routing across cloud and on-prem environments. Deploy and manage Azure network components including Application Gateway, Azure Front Door, Traffic Manager, and DDoS protection. Develop and enforce Zero Trust and micro-segmentation strategies integrated with Azure Active Directory and role-based access controls. Monitor and optimize network performance, connectivity, and security using Azure Monitor, Network Watcher, Azure Sentinel, and Palo Alto monitoring tools. Troubleshoot complex network and security issues across a hybrid infrastructure and implement permanent resolutions. Support migrations and connectivity between on-premises data centers and Azure cloud environments. Maintain detailed network design documentation, operational procedures, and configuration standards. Collaborate with infrastructure, security, and cloud engineering teams to ensure network reliability, scalability, and compliance with organizational standards. Stay current with evolving Azure and Palo Alto technologies, continuously enhancing technical knowledge through training and certification. Support internal lab environments for testing, validation, and proof-of-concept development. Skills & Experience Requirements: Minimum 4 years of hands-on experience in enterprise network engineering or cloud network administration. Strong knowledge of Azure networking (VNets, NSGs, VPN Gateway, ExpressRoute, Load Balancers, Azure Firewall). Expertise with Palo Alto Networks firewalls and related technologies (NGFW, Panorama, Prisma Access, SD-WAN). Solid understanding of IP routing protocols (BGP, static routing, NAT) and tunneling/encryption protocols (SSL/TLS, IPSec, GRE). Experience integrating Azure AD, MFA, and authentication technologies such as RADIUS and LDAP. Proficiency in managing certificates, PKI, and secure communication channels. Familiarity with infrastructure automation or scripting for network configuration (PowerShell, Terraform, or ARM templates preferred). Excellent troubleshooting, analytical, and communication skills with the ability to work collaboratively across technical teams. Experience with other security or networking platforms such as Fortinet, Check Point, or AWS networking is a plus. Modern Palo Alto and Microsoft certifications required

We are seeking a skilled and motivated Network Engineer with strong expertise in switching and routing, and a foundational understanding of cloud technologies. This role is critical to supporting and optimizing our enterprise network infrastructure while enabling cloud-integrated solutions. Key Responsibilities Design, implement, and maintain enterprise-level LAN/WAN infrastructure. Configure and troubleshoot Layer 2/3 network devices including switches, routers, and firewalls. Monitor network performance and ensure system availability and reliability. Collaborate with cloud teams to support hybrid network environments (AWS, Azure, or GCP). Lead F5 Program Document network configurations, changes, and procedures. Participate in on-call rotation and provide Tier 2/3 support for network issues. Required Skills & Qualifications 3-5+ years of hands-on experience in enterprise networking. Strong knowledge of routing protocols (OSPF, BGP, EIGRP) and switching technologies (VLANs, STP, EtherChannel). Experience with Cisco, Juniper, or similar network platforms. Basic understanding of cloud networking concepts (VPC, VPN, Direct Connect, ExpressRoute). Familiarity with network monitoring tools (SolarWinds, Wireshark, etc.). CCNA or equivalent certification preferred. Strong F5 Knowledge Nice to Have Exposure to SD-WAN, network automation (Python, Ansible), or cloud certifications (AWS/Azure Fundamentals). Experience with DDI (DNS, DHCP, IPAM) solutions like Infoblox. Soft Skills Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Ability to work independently and in a team-oriented environment. Disclaimer HCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to ****************** for investigation. Compensation and Benefits A candidate's pay within the range will depend on their work location, skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year.

The Role We are looking for a Network Engineer to join our IT team to handle the design, implementation, and maintenance of our internal and client-side network infrastructure. You will play a key role in ensuring the stability, security, and performance of our networks, enabling us to deliver exceptional service to our clients and support our internal operations effectively. You should be comfortable with everything from troubleshooting network issues to supporting end-user systems, and contributing to network improvements within the company and on our deployed microgrids. This role will report to our Senior Manager of IT and be based at our HQ in Ridgewood, NJ, with travel up to 20% of the time. Key responsibilities will include: Network Design & Implementation: Plan, design, and implement network solutions for both internal use and client sites, utilizing routers, switches, firewalls, wireless access points, and other network devices. Conduct on-site client assessments to understand their needs and develop tailored network architectures. Ensure network designs meet performance, security, and scalability requirements, incorporating redundancy and future-proofing best practices. Network Maintenance & Optimization: Proactively monitor network performance, analyze metrics, and identify areas for improvement. Perform regular maintenance and optimization of network devices and services to ensure reliability and maximize throughput. Security & Compliance: Implement and maintain network security best practices, including firewalls, VPNs, and intrusion detection/prevention systems. Ensure the security of both internal and client systems, adhering to industry regulations. Troubleshooting & Support: Provide Tier 1/2/3 support for network-related issues, resolving escalated or complex problems remotely and on-site at client locations. Respond to inbound support requests, collaborating with the help desk to address and resolve network incidents promptly. Work with vendors and service providers to address outages and equipment failures effectively. Documentation & Reporting: Maintain comprehensive network diagrams, standard operating procedures (SOPs), and configuration records. Generate reports on network health, capacity planning, and performance trends to support strategic decision-making. Collaboration & Stakeholder Engagement: Collaborate effectively with the Sr. IT Manager and team leads to align network strategies with business objectives. Participate in cross-functional teams to evaluate and integrate new technologies, expanding and upgrading infrastructure as needed. The Ideal Candidate Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience). 3+ years of hands-on experience in network engineering or a similar role. Professional certifications (e.g., CCNA, CCNP) are strongly preferred. In-depth knowledge of routing protocols (e.g., BGP, OSPF), switching technologies (VLANs, STP), and firewall configurations. Familiarity with SCADA devices, FortiGate firewalls, and Teltonika modems is highly desirable. Experience with network monitoring tools (e.g., SolarWinds, Nagios, PRTG) and logging systems (SIEM solutions). Familiarity with cloud networking environments (AWS, Azure, or GCP) is a plus. Strong troubleshooting skills to diagnose and resolve network issues in both on-premise and client-site environments. Excellent problem-solving and analytical abilities. Strong communication and interpersonal skills to effectively interact with technical and non-technical stakeholders, including clients. Detail-oriented with the ability to prioritize tasks, manage time efficiently, and meet deadlines. Team player with a collaborative mindset and a customer-focused approach. Willingness to travel to US-based client sites as necessary. Ability to participate in an on-call rotation when required. This is a great opportunity to have a long-term impact on a fast-paced, private equity-backed growth business. Some of the core virtues embraced by Scales' employees include: Do the Right Thing Act Like an Owner Hustle Demand Results Go Together Evolve or Disappear We offer a competitive compensation package and a comprehensive benefits program including medical benefits, paid vacation and holidays, and 401K matching. About Scale Microgrids Scale Microgrids (“Scale”) is a fully integrated distributed energy platform focused on designing, implementing, and financing innovative distributed clean energy solutions. Through its leading technical expertise and access to scale capital, Scale helps its customers transition to a decentralized energy future by providing and financing sustainable, cost-effective, and resilient power solutions. Scale has its own proprietary microgrid solution, which provides customers with cheaper, cleaner, and more reliable power, and also partners with third-party developers to acquire and/or finance a broader range of distributed energy assets. Scale is backed by EQT, a firm with ~$250B in assets, bringing a depth of experience, resources, and capital that will enable Scale to continue pursuing our vision of powering the world with distributed energy. The investment enables Scale to own and operate billions of dollars in distributed generation assets. To learn more about Scale Microgrids, please visit ******************************** About EQT EQT is a leading purpose-driven global investment organization with EUR 246 billion in total assets under management, divided into two business segments: Private Capital and Real Assets. EQT owns portfolio companies and assets in Europe, Asia Pacific, and the Americas and supports them in achieving sustainable growth, operational excellence, and market leadership. To learn more about EQT, please visit ********************* Scale strives to attract and retain a workforce that reflects the composition of our customer base and communities. We are committed to providing a work environment that provides everyone with equal access and opportunity to contribute and drive meaningful outcomes. We encourage applicants from all backgrounds to apply and will consider qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.

A Few Words About Us Integrated Resources, Inc is a premier staffing firm recognized as one of the tri-states most well-respected professional specialty firms. IRI has built its reputation on excellent service and integrity since its inception in 1996. Our mission centers on delivering only the best quality talent, the first time and every time. We provide quality resources in four specialty areas: Information Technology (IT), Clinical Research, Rehabilitation Therapy and Nursing. Job Description: Network Security Analyst 6 months CTH • 3+ years of designing, implementing and supporting CISCO ISE is required Responsibilities: Work with vendor to ensure the quality design, implementation, installation/configuration, and provide technical admin support for Cisco ISE Authentication Authorization, Posture Assessment, and AnyConnect end point Malware Prevention solutions. • Upgrade Cisco ISE infrastructure including hardware, software, and AnyConnect • Perform Cisco ISE Authentication and Authorization • Enforce security Posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE • Deploy Cisco ISE Profiling and client provisioning services • Integrate Endpoint Malware Protection Services (AMP) with AnyConnect and Cisco ISE • Provide Reports, Monitoring, Troubleshooting, and Security Work with vendor on problem resolution Create policies and reports to meet the business requirements Participate in Planning, Design, and Tests Perform security audits, scan and monitor servers Investigate and report on security alerts and perform security incident reporting Requirements: Expert-level knowledge and experience with design, implementation and support of Cisco ISE 3-5 year of experience working with Network Security applications Complex routing and switching solutions (Cisco is a must, Nexus strongly preferred, other manufacturers are a plus) Advance knowledge of networking, TCP/IP, FTP, SCP, firewalls, ACLs, Authentication protocols, Authorization, VPN, PKI, RSA, and Encryption Knowledge of Directory Services including Active Directory, LDAP, and TDS Knowledge of F5 load balancers Knowledge of IT security principles, HIPAA, SOX and PCI regulations Knowledge of IDS/IPS, Malware Prevention (Sourcefire & Fireye desired, Palo Alto a plus) Business Analysis skills and ability to translate business requirements into technical requirements Excellent oral/written communication and organizational skills Security certification a plus such as CISSP, CEH or CISA Qualifications Bachelor's Degree in Computer Science, Programming, or IT required Additional Information Contact- 732-549-2030 ext 242 Harshad

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Job Description: Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: * Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. * Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. * Developing Proof-of-concepts for exploitation. * Perform assessments of the security, effectiveness, and practicality of multiple technology systems. * Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. * Prepare and present detailed technical information for various media including documents, reports, and notifications. * Provide clear and practical advice regarding managing risks. * Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. * Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: * Minimum of 5+ years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment * Detailed technical knowledge in at least 5 of the following areas: * security engineering * application architecture * authentication and security protocols * application session management * applied cryptography * common communication protocols * mobile frameworks * single sign-on technologies * exploit automation platforms * Web APIs * Cloud environments * LLM security * Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings * Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools * Experience performing manual code reviews for security relevant issues * Experience working with DAST and SAST tools to identify vulnerabilities * Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) * Experience with vulnerability assessment tools and penetration testing techniques. * Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction * Threat Analysis, threat modelling and SBOM analysis * Innovative thinking, threat actor simulation * Technology Systems Assessment * Technical Documentation * Advisory Desired: * CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] * Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: **************************** (ADA version: **************************** )

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY (ADA version: https://youtu.be/IQjUCA8SOoA )

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ****************** Job Description SAP Security & GRC Additional Information All your information will be kept confidential according to EEO guidelines.

Why us? You will be part of a team that believes that believes in employees success! They are a dynamic, fast growing company with great opportunities and an employee focused company culture. Join this fantastic team today and make a difference in your life and the lives of those around you! They are an equal opportunity employer and value diversity at our company. Job Description Strong knowledge of Information Security concepts such as: •Encryption, Cloud and Mobile Device Security •Data Loss and Prevention tools and solutions •Risk-Threat Analysis and Vulnerability Assessments •Enterprise Security Monitoring, Role-Based Access Control (RBAC) •Identity and Access Management, Computer Forensic •IT Audit and Compliance, Regulatory Requirements (HIPAA, CMS, FISMA, et. al.) •Knowledge of common vulnerability tools, and the ability to identify basic categories of vulnerability. What's in it for YOU? Salary: $120000 to $140000 10% bonus, exceptional perks and benefits Professional development training, mentoring, career coaching, and more! Sounds like you? then ping us with your most updated resume. We'd love to talk to you! We are excited about the companies growth and the role you will play with them. Qualifications Desired Skills & Experience: You hold a Bachelor's degree in any domain. You are certified in CISSP, or CISA, or CEH, required. You have more than 10 years experience working in the IT security function. You have working experience in the health care and/or financial services industries with project management and program management experience. You have good experience with Operating System, Database, Network and Application Security. Additional Information All your information will be kept confidential according to EEO guidelines.

Founded over 35 years ago, First Quality is a family-owned company that has grown from a small business in McElhattan, Pennsylvania into a group of companies, employing over 5,000 team members, while maintaining our family values and entrepreneurial spirit. With corporate offices in New York and Pennsylvania and 8 manufacturing campuses across the U.S. and Canada, the companies within the First Quality group produce high-quality personal care and household products for large retailers and healthcare organizations. Our personal care and household product portfolio includes baby diapers, wipes, feminine pads, paper towels, bath tissue, adult incontinence products, laundry detergents, fabric finishers, and dishwash solutions. In addition, we manufacture certain raw materials and components used in the manufacturing of these products, including flexible print and packaging solutions. Guided by our values of humility, unity, and integrity, we leverage advanced technology and innovation to drive growth and create new opportunities. At First Quality, you'll find a collaborative environment focused on continuous learning, professional development, and our mission to Make Things Better . We are actively seeking an experienced Cyber Security Analyst to join our Security Operations Center in Great Neck, New York, or work in a hybrid capacity from CT, GA, NY, NJ, PA, or SC. In this role, you will be responsible for incident detection, investigation and response, rules development tuning and improvement, defining and developing automations, and incorporating Threat Intelligence and Threat Hunting activities to enhance detection and mitigation strategies. Primary responsibilities include: Incident Detection and Response - Monitor and analyze alerts generated by SIEM/SOAR platforms and user reports, investigate security incidents, and execute containment and eradication procedures to minimize impact and restore normal operations. Tuning & Optimization - Continuously refine detection rules and SOC processes to reduce false positives, enhance detection accuracy, and improve overall operational efficiency. Research & Development - Explore emerging threats and attack techniques to develop and implement new detection rules to expand visibility and strengthen the organization's security posture. Threat Hunting - Proactively hunt for hidden threats by analyzing logs and identifying gaps missed by existing security tools and improve security posture. Threat Intelligence - Review threat intelligence feeds, channels and articles to identify potential risks and proactively strengthen defenses. Automation Development - Design, implement, and maintain automation solutions to streamline SOC workflows, reduce manual effort, and accelerate incident response times. Reporting - Prepare and present comprehensive reports on key SOC activities, metrics, and security trends to stakeholders and management. Penetration Testing - Participate in Red and Purple Team exercises to assess and improve the effectiveness of security controls and incident response capabilities. The ideal candidate should possess the following: Bachelor's degree in Computer Security, Cybersecurity, Information Security, or a related field preferred. Additional relevant experience may be considered in lieu of a degree. Experience with advanced SIEM content development, including custom correlation rules, dashboards, and reporting. Minimum of 1 year of experience working in a Security Operations Center (SOC) environment, either in-house or with a Managed Security Service Provider (MSSP). Proficiency in scripting languages such as Python, PowerShell, or Bash for automating security tasks and processes. Direct involvement in end-to-end incident response, including root cause determination and post-incident reporting. Experience monitoring and securing cloud environments (e.g., Microsoft Azure, AWS, Google Cloud Platform). Hands-on experience working with SIEM (e.g. Splunk, Microsoft Sentinel, Qradar) Familiarity with EDR solutions like CrowdStrike, SentinelOne, Microsoft Defender for Endpoint or Cortex XDR. Understanding and familiarity with interpreting common log sources for monitoring and investigation (e.g. Firewall, Azure AD, Windows Security Log, Email, Proxy\URL Filtering etc.) Solid grasp of prevalent attack types, including phishing, brute-force attacks, malware, and data exfiltration techniques. Excellent verbal and written communication skills, with the ability to collaborate effectively with team members both within and outside the SOC. High level of situational awareness and problem sensitivity, with the ability to proactively identify issues and escalate concerns as appropriate. Demonstrated proactive mindset, strong sense of responsibility, and urgency in addressing security incidents and tasks. Ability to work independently, manage multiple priorities, and succeed in a fast-paced, dynamic environment. Strong motivation and willingness to continually learn and grow, adapting to new tools and evolving threat landscapes. What We Offer You We believe that by continuously improving the quality of our benefits, we can help to raise the quality of life for our team members and their families. At First Quality you will receive: • Competitive base salary and bonus opportunities • Paid time off (three-week minimum) • Medical, dental and vision starting day one • 401(k) with employer match • Paid parental leave • Child and family care assistance (dependent care FSA with employer match up to $2500) • Bundle of joy benefit (year's worth of free diapers to all team members with a new baby) • Tuition assistance • Wellness program with savings of up to $4,000 per year on insurance premiums • ...and more! The estimated annual base salary range for this position is $110,000 - $140,000. Base pay is only part of our total compensation package, which also includes an attractive annual discretionary bonus and robust suite of employee benefits for which you are eligible to participate in starting on your first day of employment. Base pay offered will be determined on an individualized basis and we will consider your location, experience, and other job-related factors. First Quality is committed to protecting information under the care of First Quality Enterprises commensurate with leading industry standards and applicable regulations. As such, First Quality provides at least annual training regarding data privacy and security to employees who, as a result of their role specifications, may come in to contact with sensitive data. First Quality is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identification, or protected Veteran status.

Who We Are At Corebridge Financial, we believe action is everything. That's why every day we partner with financial professionals and institutions to make it possible for more people to take action in their financial lives, for today and tomorrow. We align to a set of Values that are the core pillars that define our culture and help bring our brand purpose to life: We are stronger as one: We collaborate across the enterprise, scale what works and act decisively for our customers and partners. We deliver on commitments: We are accountable, empower each other and go above and beyond for our stakeholders. We learn, improve and innovate: We get better each day by challenging the status quo and equipping ourselves for the future. We are inclusive: We embrace different perspectives, enabling our colleagues to make an impact and bring their whole selves to work. Who You'll Work With The Information Technology organization is the technological foundation of our business and works in collaboration with our partners from across the company. The team drives technology and digital transformation, partners with business leaders to design and execute new strategies through IT and operations services and ensures the necessary IT risk management and security measures are in place and aligned with enterprise architecture standards and principles. About The Role The Sr. Security Researcher is responsible for leading and executing offensive security assessments (red teaming) against the organization's systems and networks. This role will leverage advanced penetration testing, social engineering, and other offensive security techniques to identify and exploit vulnerabilities, simulate real-world threats, and enhance the organization's overall security posture. Responsibilities Lead and execute red team engagements: Develop and execute comprehensive red team assessments, including reconnaissance, vulnerability scanning, exploitation, and post-exploitation activities. Lead and mentor junior red team members, providing guidance, training, and hands-on experience. Develop and maintain red team methodologies, tools, and infrastructure. Conduct threat modeling and risk assessments to identify potential attack vectors and prioritize targets. Develop and execute social engineering campaigns, including phishing, vishing, and physical penetration tests. Vulnerability research and exploitation: Stay abreast of the latest threat intelligence, vulnerabilities, and exploits. Research and develop new exploitation techniques and tools. Conduct in-depth analysis of vulnerabilities and their potential impact. Reporting and communication: Prepare detailed and concise reports documenting red team findings, including technical details, impact assessments, and remediation recommendations. Effectively communicate findings to technical and non-technical audiences, including senior management. Present findings and recommendations at security forums and conferences (optional). Security awareness and training: Develop and deliver security awareness training programs to employees on topics such as social engineering, phishing, and secure coding practices. Conduct security awareness campaigns to raise employee awareness of security threats and best practices. Collaboration: Collaborate with other security teams (e.g., blue team, incident response) to improve overall security posture. Work with development teams to identify and remediate security vulnerabilities in applications and systems. Build and maintain relationships with external security researchers and the cybersecurity community. Skills and Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in cybersecurity, with 3+ years of hands-on experience in penetration testing, red teaming. Understanding of blended attacks. Proven experience leading and mentoring junior security professionals. Strong understanding of networking, systems administration, and programming concepts. Expertise in penetration testing methodologies and tools (e.g., Cobalt Strike, Outflank, Sliver, PowerShell Empire, Metasploit, Kali Linux, Nmap). Proficiency in scripting languages (e.g., Python, Ruby, PowerShell). Strong understanding of network protocols (e.g., TCP/IP, HTTP, DNS). Experience with vulnerability scanners, intrusion detection systems, and firewalls. Experience with cloud security (e.g., AWS, Azure, GCP) is a plus. Relevant security certifications (e.g., RTO I, RTO II, OSCP, OSCE, GPEN, CRTP) are highly desired. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Strong attention to detail and accuracy. Ability to adapt to new technologies and challenges. Project Management. Compensation The anticipated salary range for this position is $140,000 to $165,000 at the commencement of employment. Not all candidates will be eligible for the upper end of the salary range. The actual compensation offered will ultimately be dependent on multiple factors, which may include the candidate's geographic location, skills, experience and other qualifications. In addition, the position is eligible for a discretionary bonus in accordance with the terms of the applicable incentive plan. Corebridge also offers a range of competitive benefits as part of the total compensation package, as detailed below. Work Location This position is based in Corebridge Financial's Jersey City, NC, Houston, TX, or Durham, NC office and is subject to our hybrid working policy, which gives colleagues the benefits of working both in an office and remotely. #LI-SAFG #LI-CW1 #LI-Hybrid Why Corebridge? At Corebridge Financial, we prioritize the health, well-being, and work-life balance of our employees. Our comprehensive benefits and wellness program is designed to support employees both personally and professionally, ensuring that they have the resources and flexibility needed to thrive. Benefit Offerings Include: Health and Wellness: We offer a range of medical, dental and vision insurance plans, as well as mental health support and wellness initiatives to promote overall well-being. Retirement Savings: We offer retirement benefits options, which vary by location. In the U.S., our competitive 401(k) Plan offers a generous dollar-for-dollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay (subject to annual IRS limits and Plan terms). These Company contributions vest immediately. Employee Assistance Program: Confidential counseling services and resources are available to all employees. Matching charitable donations: Corebridge matches donations to tax-exempt organizations 1:1, up to $5,000. Volunteer Time Off: Employees may use up to 16 volunteer hours annually to support activities that enhance and serve communities where employees live and work. Paid Time Off: Eligible employees start off with at least 24 Paid Time Off (PTO) days so they can take time off for themselves and their families when they need it. Eligibility for and participation in employer-sponsored benefit plans and Company programs will be subject to applicable law, governing Plan document(s) and Company policy. We are an Equal Opportunity Employer Corebridge Financial, is committed to being an equal opportunity employer and we comply with all applicable federal, state, and local fair employment laws. All applicants will be considered for employment based on job-related qualifications and without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, neurodivergence, age, veteran status, or any other protected characteristic. The Company is also committed to compliance with all fair employment practices regarding citizenship and immigration status. At Corebridge Financial, we believe that diversity and inclusion are critical to building a creative workplace that leads to innovation, growth, and profitability. Through a wide variety of programs and initiatives, we invest in each employee, seeking to ensure that our colleagues are respected as individuals and valued for their unique perspectives. Corebridge Financial is committed to working with and providing reasonable accommodations to job applicants and employees, including any accommodations needed on the basis of physical or mental disabilities or sincerely held religious beliefs. If you believe you need a reasonable accommodation in order to search for a job opening or to complete any part of the application or hiring process, please send an email to ******************************************. Reasonable accommodations will be determined on a case-by-case basis, in accordance with applicable federal, state, and local law. We will consider for employment qualified applicants with criminal histories, consistent with applicable law. To learn more please visit: *************************** Functional Area: IT - Information TechnologyEstimated Travel Percentage (%): Up to 25%Relocation Provided: NoAmerican General Life Insurance Company

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Job Description: Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: * Perform assigned analysis of internal and external threats on information systems and predict future threat behavior * Incorporate threat actors' tactics, techniques, and procedures into offensive security testing * Perform assessments of the security, effectiveness, and practicality of multiple technology systems * Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. * Prepare and present detailed technical information for various media including documents, reports, and notifications * Provide clear and practical advice regarding managed risks * Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: * Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment * Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services * SQL injection/XSS attack without the use of tools * Experience performing manual code reviews for security relevant issues * Experience working with SAST tools to identify vulnerabilities * Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings * Experience performing manual web application assessments i.e., must be able to simulate a * Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) * Experience with vulnerability assessment tools and penetration testing techniques * Solid programming/debugging skills * Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map * Threat Analysis * Innovative Thinking * Technology Systems Assessment * Technical Documentation * Advisory Desired: * CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar * Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40

ADP is hiring a Lead Cloud Security Analyst in our Roseland, NJ office. This is a hybrid role. As a Lead Cloud Security Analyst, you will join a highly skilled team providing world-class infrastructure and network security assessments and security consultation for ADP's Global Security Organization (GSO). This team is responsible for the execution of ADP's global Compliance and Vulnerability Management Program (CVM) program for infrastructure and network across Cloud and on-premises locations. Services provided to the organization include Vulnerability management program management including Zero-day vulnerability response & Secure OS Build Compliance for cloud/container infrastructure as well as on-premises servers/endpoints. You will focus on supporting CVM Cloud initiatives by leveraging a variety of security tools. Working closely with product and technology teams, with your knowledge of industry standards, you will be ensuring our infrastructure meets and maintains the requirements of our CVM security program. To succeed in this position, you'll need knowledge and experience in securing cloud environments (AWS is a MUST) and in developing or being a part of a vulnerability management program working with a variety of product/DevOps teams. Experience with the use of security tools for scanning and detection coupled with the ability to analyze the results across a large data set using database and scripting tools. Balance that with ability to stay ahead of threats and security trends while refining processes in a rapidly changing environment to drive and evolve the program. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers WHAT YOU'LL DO: Here's what you can expect on a typical day in the life of a Lead Cloud Security Analyst at ADP. Develop: Using existing tools, leverage available data to prioritize what should be addressed to reduce risk in the environment. Measure: Develop metrics to track and show the performance of the program. Communicate: From working with technical teams to understand/solve security issues to summarizing status for senior management. Challenges: Across hundreds of products and a large global infrastructure, no day is the same and we must be prepared to respond to challenges presented. Risk Management: Understand and evaluate/respond to risks/vulnerabilities and how to mitigate them. Experience You'll Need: Deep understanding of information security specifically in the realm of vulnerability management (VM) Deep understanding of Cloud Security (AWS - Must, Other Cloud environments - Preferred) Experience managing/building VM programs - defining and building metrics, automation of response and remediation (guidance) Strong analytical/problem solving skills and cross functional knowledge across multiple development and security disciplines. Understanding of security and compliance tools such as Qualys, Crowdstrike etc. Experience working with CSPM tools such as Wiz, Prisma, Dome9/Cloudguard, etc. Ability to communicate security-related concepts to a broad range of technical and non-technical staff. Experience in scripting languages (Python - Preferred) and SQL Queries (Strong emphasis on Data Analytics) To Succeed in This Role: You'll have a bachelor's degree OR equivalent. Any of the following are a plus but not necessary: CISSP, CISM, etc. YOU'LL LOVE WORKING HERE BECAUSE YOU CAN: Team collaboration. Courage comes from how associates are willing to have difficult conversations, speak up, be an owner, and challenge one another's ideas to net out the best solution. Deliver at epic scale. We deliver real user outcomes using strong judgment and good instincts. We're obsessed with the art of achieving simplicity with a focus on client happiness and productivity. Be surrounded by curious learners. We align ourselves with other smart people in an environment where we grow and elevate one another to the next level. We encourage our associates to listen, stay agile, and learn from mistakes. Act like an owner & doer. Mission-driven and committed to navigating change, you will be encouraged to take on any challenge and solve complex problems. No tasks are beneath or too great for us. We are hands-on and willing to master our craft. Give back to others. Always do the right thing for our clients and our community and humbly give back to the community where we live and work. Support our associates in times of need through ADP's Philanthropic Foundation. Join a company committed to equality and equity. Our goal is to impact lasting change through our actions. What are you waiting for? Apply today! Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY (ADA version: https://youtu.be/IQjUCA8SOoA )

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ***************** We have been retained for providing recruiting assistance, for direct hires, by one of the world-leading information technology consulting, services, and business process outsourcing organization that envisioned and pioneered the adoption of the flexible global business practices that today enable companies to operate more efficiently and produce more value. Job Description Required Skills: • knowledge of SAP Identity Management 7.2 version • knowledge of SAP IDM integration points with SAP and non-SAP products/tools • LDAP/Active Directory, PD-Org, NWBC, Solution Manager 7.1. • Experience in SAP security, SAP GRC is a plus. • Basis experience is a plus • 6+ years of SAP Identity Management Implementation and support experience. • Experience as the SAP IDM SME in at least 2 implementations • Experience with gap analysis and strategic roadmap/blueprint development • Experience in configuring SAP IDM for user provisioning in a complex SAP landscape comprising of ABAP, JAVA and duel stack systems as well as non-SAP systems • Involve in Onsite-Offshore coordination activities (handover-takeover, off business hour activity tracking, offshore reporting) • Provide SAP IDM support to SAP implementation as well as support teams and internal customers/clients Additional Information All your information will be kept confidential according to EEO guidelines.

Why us? You will be part of a team that believes that believes in employees success! They are a dynamic, fast growing company with great opportunities and an employee focused company culture. Join this fantastic team today and make a difference in your life and the lives of those around you! They are an equal opportunity employer and value diversity at our company. Job Description Strong knowledge of Information Security concepts such as: •Encryption, Cloud and Mobile Device Security •Data Loss and Prevention tools and solutions •Risk-Threat Analysis and Vulnerability Assessments •Enterprise Security Monitoring, Role-Based Access Control (RBAC) •Identity and Access Management, Computer Forensic •IT Audit and Compliance, Regulatory Requirements (HIPAA, CMS, FISMA, et. al.) •Knowledge of common vulnerability tools, and the ability to identify basic categories of vulnerability. Sounds like you? then ping us with your most updated resume. We'd love to talk to you! We are excited about the companies growth and the role you will play with them. Qualifications Desired Skills & Experience: You hold a Bachelor's degree in any domain. You are certified in CISSP, or CISA, or CEH, required. You have more than 1 year experience working in the IT security function. You have good experience with Operating System, Database, Network and Application Security. Additional Information All your information will be kept confidential according to EEO guidelines. Ping me at **********************

Denver, Colorado;Seattle, Washington; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Charlotte, North Carolina; Jacksonville, Florida; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing + Perform assessments of the security, effectiveness, and practicality of multiple technology systems + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications + Provide clear and practical advice regarding managed risks + Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: + Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment + Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services + SQL injection/XSS attack without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with SAST tools to identify vulnerabilities + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques + Solid programming/debugging skills + Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map + Threat Analysis + Innovative Thinking + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar + Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.