Security engineer jobs in Pflugerville, TX

Work involves assisting in supervision and service delivery control of the TxDOT Cybersecurity Operations tools team comprising of seven (8) staff augmentation contractors. Employee will ensure real-time data, metrics, and correlated incident input to the CSOC Incident Response Team. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment. DUTIES Employee will assist in supervising and managing the TxDOT Cybersecurity Operations Tools Team; will work under the management of the TXDOT Cybersecurity Officer; will be responsible for administration, maintenance, and resilience of Cybersecurity tools; real-time data, metrics, and correlated incident input to the CSOC Manager for use in daily monitoring and incident response; and support of daily operations and incident response activities. Employee will provide tooling input for end of month and annual reporting requirements as dictated by TxDOT. As appropriate, Employee will provide recommendations for improvements in daily operations, resilience, and Cybersecurity operational maturity. Employee will be responsible for planning and management of tooling deployment and operating\managing the security tool sets. Employee will be responsible for assisting in managing ongoing agency cybersecurity programs (e.g. Tabletop exercises). Team members will provide services in the following areas: • Custom Managed Scanning Services • Custom Managed Endpoint Protection • Managed CISCO Secure Network Analytics Service • Security Information and Event Management (SIEM) administration Years Skills/Experience 8 years' Technical Team Management experience 8 years' Deployment and configuration of Network Security monitoring and incident response tools (EDR, Scanners, SIEM, Netflow, etc) 8 years' Administration of Network Security monitoring and incident response tools (EDR, Scanners, SIEM, Netflow, etc) 8 years' Participation and experience in intrusion detection and incident response activities 8 years' Effective, professional business communication and reporting Years Skills/Experience 8 years' Experience with the CISCO security suite of tools 8 years' Experience with Microsoft EDR tools 8 years' Experience with Microsoft Sentinel 8 years' Experience with the Tenable suite of tools

Hi All, *** Greetings from My3tech *** Role: Data Security Analyst 2 Duration: 6+ Months Minimum Qualifications Years Skills / Experience 3 Experience in a GRC, cybersecurity, or compliance role 3 Hands-on experience with GRC platforms (Diligent preferred) Strong understanding of NIST CSF 2.0, HIPAA, and state-level frameworks (Texas Cybersecurity Framework) Experience designing workflows and notifications within GRC tools Excellent communication and stakeholder engagement skills Preferred Qualifications Years Skills / Experience Familiarity with risk management methodologies Certifications such as CISA, CRISC, CISSP, or CGRC

Must Have Technical/Functional Skills New JD requirement: Security Consultant The hiring manager has shared the following details: · The manager is looking for candidates with relevant experience in GRC audit and risk assessment. · Ideal experience: 2-4 years in that domain. · Extensive experience in incident management is not required. Role expectations: 60% - Incident Life Cycle Management, 20% - Risk Assessment and Management across all suppliers and 20% - Audit Assessment, Additionally, a manufacturing industry background would be preferred. Cyber Security assessment Analyst conducts and supports the cyber security controls risk assessment and management process across all our suppliers. Responsibilities include assessing our suppliers' current adequacy of the security controls & strategy, business continuity /disaster recovery plans, threats to the systems, and then calculating the impact of potential adverse events. Audits and assessments must be continual, as the threat profiles change constantly. The Analyst will keep executive management up to date on the results of the risk assessment and make recommendations for mitigations, or projects, to protect supplier and customer systems Roles & Responsibilities • Demonstrate strong knowledge in IT controls, risk assessments, and assessment of security measures • Identify opportunities to continuously innovate and improve the program and value delivered to organization • Ensure successful completion of the annual supplier cyber security assessments • Independently and proactively plans and performs assigned audit engagements related to security, confidentiality, integrity, information protection and availability of data • Conduct cyber security assessments & evaluate in alignment to the supplier security control framework • Ensure effectiveness of approved controls and drive risk remediations or changes from previous audit for existing certified suppliers • Inform and advise business leaders on supplier's information security risks • Provide subject matter expertise in third-party risk management. • Proactively research and work in enhancing improvements to our existing process related to documentation and security assessments. • Automate security assessment processes & tools to review the security controls for cloud-based applications • Ability to multi-task and manage multiple global projects at the same time. • Ability to work collaboratively across diverse team in a matrix type organization • Bachelor's degree in Science & Engineering or technical discipline is required. • 7 years of information security & assessment experience with increased responsibilities • In-depth knowledge of security assessment/audit principles • Understanding of networking principles and data protection • Ability to identify problems, analyze data and present conclusions • Strong verbal, written and presentations skills • Knowledge of information security frameworks such as ISO 27001 /NIST CSF is preferred • Experience in supply chain cyber assessment and related tools usage is preferred • CISA, CISM, certifications are preferred • Excellent communication skills. • Able to work as part of a virtual global team with cultural, language, and time zone differences. • Able to deal with ambiguity and work independently with minimal supervision/guidance. Education and Requirements Qualifications: Bachelor's degree in Science & Engineering or technical discipline is required. 8 years of specializing in end-to-end incident lifecycle management including detection, triage, recovery, root cause analysis Proven expertise in coordinating cross-functional response teams, optimizing playbooks and maturing incident management processes aligned to NIST, ISO and MITRE ATT&CK Knowledge of NIST 800-61, MITRE ATTA&CK, ISO 27001, CIS Controls 7 years of information security & assessment experience with increased responsibilities In-depth knowledge of security assessment/audit principles TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Ma ternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commute r Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.

NVIDIA is looking for security researchers passionate about offensive research across different platforms. Do you have experience with identifying hardware and software vulnerabilities, developing PoC, and tools for automation in vulnerability research? Are you creative and devious in your offensive approach? We want to hear from you! You should demonstrate ability to excel in an environment with innovative and fast paced development on the worlds most powerful integrated software and hardware computing platform. What you'll be doing: * Core job duties will identify vulnerabilities in our embedded firmware and critical system software, building proof of concepts, and collaborating with development teams to remediate them. * Candidates will invest in improving current tools and offensive practices for bug discovery and evaluation while supporting remediation efforts. We expect team members to exercise modern tools for modeling new attack vectors on unreleased and emerging technology platforms. * The most impactful candidates can simulate real attacker behaviors, break systems by exploiting design assumption and effectively communicate their findings for action. Focus will be to increase resilience of the end products against all forms of attack through close collaboration with extended SW and HW offensive security teams. * Products targets span HPC data centers, consumer electronics, autonomous platforms, AI/cloud solutions, and a variety of embedded/IOT platforms providing a rich and complex target space to exercise your skills. What we need to see: * We'd like to see proven experience and offensive security research (CVE's, publications, patents, tools, bounties) with demonstrated responsible disclosure practices. * Strong skills in reverse engineering and automation (IDA, Ghidra), fuzzing (AFL, WinAFL, Syzcaller) and exploitation (ROP, memory corruption) are important to success; as well as understanding of modern embedded cryptography and common security issues. * Experience with ARM/X86/RISCV assembly (include shellcode development) and low-level C programming paired with understanding and experience with micro-architectural attacks (side channels, fault injection, etc) is critical. * Demonstrated skill for secure code reviews of complex source projects, and exposure to code quality practices (SDL, threat modeling) that support development goals. * Candidates should be comfortable working collaboratively and remotely with others to accomplish complex team goals, enabling delivery of outstanding security for our products. * BS/BA degree or equivalent experience * 12+ years in a security related field Ways to stand out from the crowd: * Navigating complex platform concerns and ability to analyze composed systems to identify high risk components and established testing targets and objectives. * Practical skills using Hex-Rays IDA Pro and plugin/loaders development (or similar experience with Ghidra) is valuable * Leveraging innovative strategies and AI advancements to accelerate discovery and resolution of security risks. * Experience with enclave models such as NVIDIA CC, ARM TEE, Intel SGX/TDX, AMD SEV-SNP and other isolation technologies. * Development and integration of AI tooling and skills to accelerate and improve activities and or experience with offensive actions targeting AI models (LLM or other) components within those platforms. NVIDIA has continuously reinvented itself over two decades. Our invention of the GPU in 1999 fueled the growth of the PC gaming market, redefined modern computer graphics, and revolutionized parallel computing. More recently, GPU deep learning ignited modern AI - the next era of computing. NVIDIA is a "learning machine" that constantly evolves by adapting to new opportunities that are hard to solve, that only we can pursue, and that matter to the world. This is our life's work, to amplify creativity and intelligence. Make the choice to join us today! Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 224,000 USD - 356,500 USD for Level 5, and 272,000 USD - 425,500 USD for Level 6. You will also be eligible for equity and benefits. Applications for this job will be accepted at least until October 5, 2025. NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.

Apple's Security Engineering u0026 Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we believe that the best defense requires a great offense. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. Can you make a difference on this scale? Join our extraordinary team of security researchers and help protect all Apple users. We engage in diverse activities, including vulnerability research, binary exploitation, security tooling development, fuzzing, machine learning, and many more. By developing and harnessing state-of-the-art technologies, we amplify our impact on Apple's product security. We cover a wide range of specialities, including operating systems, firmware, microarchitecture, hardware, browser, messaging applications, Bluetooth, Wi-Fi, baseband, physical attacks including side-channel and fault injection, incident response, and more. As a member of our group, your primary responsibility will be to conduct offensive security research in one or more of these areas, often in cross-functional teams. This job is for individuals with outstanding technical skills, grit, and a genuine passion for breaking systems. If this is you, we'd love to hear from you. Ability to apply AI techniques and tools, such as LLM or Machine Learning, for security research Fluency with tool development, using programming languages such as C, C++, Python, Swift, or Objective-C Experience with reverse-engineering techniques and tools like IDA or Ghidra Knowledge of Apple operating systems like iOS or mac OS is nice-to-have, but not required Offensive security research experience Strong understanding of common vulnerability classes and exploitation techniques Creative and effective problem-solving and analytical skills Outstanding collaboration skills

CIP Cyber & Physical Security Analyst (Auditor) Texas Reliability Entity, Inc. (Texas RE) is hiring! We are seeking a CIP Cyber & Physical Security Analyst to join our team to conduct compliance engagements (audits) and internal control assessments based on risk within the Bulk Power System (Energy Sector). Who We Are At Texas RE, we affect the lives of millions of people by ensuring effective and efficient reduction of risks to the reliability and security of the Bulk Power System within the ERCOT Interconnection. The ERCOT Interconnection is located within the State of Texas and includes approximately 90% of Texas's electric load and 75% of its land area. Texas RE's teams support this this mission while enjoying a flexible work environment, open collaboration, and a culture that values diversity, equity, and inclusion. Employees work a hybrid work schedule consisting of, at least, two days in the office (Tuesdays and Wednesdays) with the option of working three days remotely. Additionally, employees have the option to take advantage of Flexible Friday, where employees may shift working hours to earlier in the week instead of on Friday afternoon. Considered candidates will be required to reside in the Austin-metro area or be able to reliably commute to the office within a reasonable amount of time. Summary of Responsibilities The Critical Infrastructure Protection (CIP) Cyber and Physical Security Analyst is responsible for performing NERC Reliability Standard compliance engagements and other compliance program activities. The position is expected to develop expertise in the areas of information technology, operational technology, security, electrical power industry, professional auditing, and risk-based compliance processes. This position prepares and performs engagements to evaluate NERC registered entities for compliance with the NERC Reliability Standards. This position has significant contact with personnel who manage, operate, plan, and oversee generation, transmission, distribution, and cyber/physical security. This position ensures information obtained is consistent and accurate and prepares documentation and reports for the engaged NERC registered entity, NERC, FERC, Texas RE management, and the Texas RE Board. The CIP Cyber and Physical Security Analyst works independently and in a collaborative team environment while reporting to the Manager, CIP Compliance Monitoring/Director, Compliance Assessments. The CIP Cyber and Physical Security Analyst is also responsible for assisting with efforts to compose guidance, respond to registered entity questions and provide outreach and training. Essential Job Duties Ability to travel up to 30%. Plans, supports, and conducts: Compliance engagements and internal control assessments of NERC registered entities required for security and reliability issues as a subject matter expert. Data analysis and correlation as necessary through statistical, judgmental, and/or mathematical methods. Internal and external training and outreach. Develops, maintains, and delivers: Detailed, accurate, and concise audit workpapers, findings, presentations, and reports. Adherence to departmental procedures and work instructions. Confidentiality and integrity of evidence, findings, reports, and any other records. Efficiently and effectively: Communicates strongly within the organization and externally with stakeholders. Collaborates with the ERO Enterprise and industry on compliance, reliability, and security matters. Works independently, proactively, and productively to ensure all work responsibilities (audits, projects, outreach, etc.) are successfully completed. General Job Requirements Bachelor's degree in Computer Science or Engineering field of study (or six years applicable experience Between 1 to 5 years in excess of degree requirements stated above of progressively responsible experience Problem solving skills Organizational skills Presentation skills Interpersonal, verbal, and written communication skills Willingness to learn, retain, and share technical knowledge and skills. Preferred Job Skills One of the following active certifications: Security: A+, Network+, Security+, Systems Security Certified Practitioner (SSCP), GIAC Critical Infrastructure Protection Certification (GCIP) Audit: Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) Knowledge of Industrial Control Systems (SCADA, distributed control systems, relays, etc.) and other utility Operational Technology or Information Technology systems. Self-motivated with the ability to manage work objectives efficiently and effectively to meet deadlines. Solutions-driven with the ability to make sound and independent judgment(s). Ability to adhere to strong professional standards when interacting with others. Company Benefits Texas RE pays 100% of employee-only coverage for medical, dental, vision, life and ADD, short-term and long-term disability, and long-term care insurance, as well as the employee assistance program. Additional benefits are offered at a minimal cost to the employee such as dependent medical, dental, voluntary life and ADD for employees, spouses, and children, additional long-term care coverage for family members, legal services and identity protection. Texas RE provides a generous 401(k) or Roth 401(k) savings plan for employees, contributing 10% of an employee's compensation towards the retirement plan with full vesting after three (3) years. Additionally, Texas RE will match 75%, up to 6%, of employee contributions, with vesting at 20% per year and full vesting at five (5) years of employment. Additional Information for Applicants Background checks (including criminal history and drug screening, education and employment verification) will be conducted prior to employment. Certain positions require travel outside the U.S.; valid passport necessary for those positions. Texas RE has restrictions on employee and employee's household members' employment and financial relationships with NERC registered entities. Additional details furnished upon request. Texas RE is committed to attracting top talent from a diverse candidate pool. During the interview process, candidates will meet with a cross-section of Texas RE employees who bring a broad set of perspectives to the discussion. Our inclusive, friendly work environment encourages employees to collaborate across and outside of our organization, while also offering opportunities for personal growth. Our team of professional, technical, and administrative staff derives its collective strength from our varied backgrounds. Texas RE is an equal employment opportunity employer and prohibits discrimination against employees or job applicants on the basis of race, color, sex (including sexual orientation, gender identity/transgender status, and pregnancy), religion, national origin, age (40 or older), disability, veteran status, marital status, genetic information, or other status protected by law.

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Who is Zenoss? Building an exceptional company starts with the right people. Zenoss recruits and retains high-caliber people with “can-do” attitudes, creates an environment where they can innovate and achieve their best, and rewards them for delivering superior results. Zenoss is an equal opportunity employer. We value an inclusive environment and encourage diversity in the workplace. Are you a “ People Who Do ,” ready to join a team that will make its mark around the globe? As Security Engineer, you will perform a critical role in the company of managing risk, audit compliance, and maintaining and updating the company's security posture in an ever-evolving regulatory and threat landscape. You have the skills to translate security standards and regulatory criteria into software product functions, cloud infrastructure architecture, and operational processes. You conduct periodic internal audits and coordinate with third-party auditors to facilitate audit compliance and work with internal leaders to modify and elevate internal controls. You directly oversee risk assessment management processes and partner with cross-functional leaders to identify risks and collectively present them to executive leadership. You help develop and maintain data flow documentation, privacy policies, and associated processes to ensure compliance with data privacy regulations. You ensure efficient knowledge management of company processes, security details, and product features to enable rapid response to external parties evaluating Zenoss. This is an ideal role for a self-motivated professional with a passion for technology, security and audit compliance. This position can be Remote (Work from Home) or work out of our Austin, TX office. Responsibilities: Develop, implement and maintain security policies and procedures to ensure the protection of company assets and data Conduct regular security assessments and audits to identify vulnerabilities and recommend solutions Monitor and respond to security incidents, ensuring timely resolution and mitigation of risks Collaborate with cross-functional teams to integrate security best practices into our development, operations and product life cycle Stay current with industry trends and emerging threats and recommend proactive measures to enhance our security posture Assist in maintaining security compliance standards Work closely with CISO to continue to develop and maintain the company's security posture Articulate the Zenoss security program to potential and existing customers Develop metrics for program success for presentation to executive management Qualifications: Bachelor's degree in computer science, information security or related field 2+ years of experience in information security, preferably in a technology or software development environment Strong understanding of security principles, standards and best practices Experience with security tools and technologies such as SIEM, IDS/IPS, firewalls and endpoint protection Excellent communication and interpersonal skills with the ability to collaborate effectively with colleagues at all levels of the organization Relevant certifications such as CISSP, CISM or CompTIA Security+ are a plus but not required Benefits: Competitive salary Health, dental and vision insurance Flexible work schedule Opportunities for professional development and growth If you're passionate about cybersecurity and eager to make a meaningful impact in a fast-paced environment, we'd love to hear from you! A candidate's Work Status is limited to only those legally authorized to work in the United States on a full-time basis without visa sponsorship. No third-party candidates, please. More about Zenoss: Individually Unique. Better Together. When we come together, we accomplish amazing things. Zenoss is an established company with a start-up, entrepreneurial environment. We have a collaborative culture that is focused around making our customers successful. One thing we're not is a new-kid-on-the-street startup. Founded in 2005, we're far removed from a few folks in a garage with one great idea. We are a midsize company filled with people who have proven work experience, are smart, nimble, and capable. We have credibility: Zenoss helps world-renowned enterprise customers run their IT infrastructure. Some of the most critical aspects of business rely on Zenoss. It's exciting to be part of growing and servicing these types of customers.

As passionate about our people as we are about our mission. Why Join Q2? Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple: build strong and diverse communities through innovative financial technology-and we do that by empowering our people to help create success for our customers. What Makes Q2 Special? Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our "Circle of Awesomeness" award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together. As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats. Key Responsibilities * Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities. * Provide security guidance and best practices to engineering teams throughout the software development lifecycle. * Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness. * Perform security assessments, including threat modeling and architecture reviews for new features and applications. * Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines. * Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices. * Deliver secure coding training and resources to engineering teams to foster a security first culture. * Own and lead the Security Champions program to drive secure practices and cross-functional engagement. Things You Will Need to Be Successful in This Role * Typically requires a Bachelor's degree in a technical field such as Computer Science, Information Security, Information Technology or equivalent experience and may require up to 2 years of related experience; or an advanced degree without experience. * Proficiency with code scanning tools (e.g., SAST, DAST) * Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten). * Hands-on experience with programming languages such as Python, Java, JavaScript, or C#. * Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows. * Strong analytical skills to interpret scan results and prioritize remediation efforts. * Certifications (Preferred): CSSLP or relevant security certifications. * Excellent communication and collaboration skills to work effectively with cross-functional teams. * A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle. This position requires fluent written and oral communication in English. Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time. Health & Wellness * Hybrid Work Opportunities * Flexible Time Off * Career Development & Mentoring Programs * Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents * Community Volunteering & Company Philanthropy Programs * Employee Peer Recognition Programs - "You Earned it" Click here to find out more about the benefits we offer. Our Culture & Commitment: We're proud to foster a supportive, inclusive environment where career growth, collaboration, and wellness are prioritized. And our benefits go beyond healthcare-offering resources for physical, mental, and professional well-being. Click here to find out more about the benefits we offer. Q2 employees are encouraged to give back through volunteer work and nonprofit support through our Spark Program (see more). We believe in making an impact-in the industry and in the community. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status. Applicants in California or Washington State may not be exempt from federal and state overtime requirements

We are looking for a skilled Security Engineer to analyze software designs and implementations from a security perspective, and identify and resolve security issues. You will include the appropriate security analysis, defences and countermeasures at each phase of the software development lifecycle, to result in robust and reliable software. Responsibilities Implement, test and operate advanced software security techniques in compliance with a technical reference architecture Perform on-going security testing and code review to improve software security Troubleshoot and debug issues that arise Provide engineering designs for new software solutions to help mitigate security vulnerabilities Contribute to all levels of the architecture Maintain technical documentation Consult team members on secure coding practices Develop a familiarity with new tools and best practices Requirements Proven work experience as a software security engineer Detailed technical knowledge of techniques, standards and state-of-the-art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation Software development experience in one of the following core languages: Ruby on Rails, Java, Javascript and .NET Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols Interest in all aspects of security research and development BS degree in Computer Science or related field

We're an industry-leading health technology company on a mission to help people get better. We started in 2011 with one simple idea. Make it easier for practitioners to access the products they trust so they can deliver better care. That simple idea grew into a platform that powers every part of care. Today, more than 125,000 practitioners use Fullscript for clinical insights, lab interpretations, patient analytics, education, and access to high-quality supplements. Over 10 million patients rely on Fullscript to stay connected to their care plans and follow through on treatment. We build tools that make care smarter and more human. Tools that save time, simplify decisions, and help practitioners stay closely connected to the people they care for. When everything they need is in one place, they can focus on what matters most: helping people get better. This is your invitation. Bring your ideas, your grit, and your care for people.Join us and shape the future of care. Fullscript is seeking a seasoned Staff Security Engineer to join our security team as a senior technical leader. In this role, you'll shape the technical vision for product and AI security across the organization, mentoring teammates and driving impact through deep technical expertise and cross-functional collaboration.What you'll do: Lead the design and implementation of robust security architectures for Fullscript's applications, and AI initiatives. Collaborate closely with engineering teams to embed security into the development lifecycle, including threat modeling, security coding practices, and design reviews. Drive AI security best practices, ensuring responsible deployment, and mitigation of risks such as data poisoning, prompt injection, or model exploitation. Mentor engineers and other security team members, fostering a culture of security awareness and technical excellence across the organization. Conduct technical risk assessments, security research, and code reviews to proactively identify and remediate vulnerabilities. Influence cross-functional teams through technical leadership, helping define security standards and strategies that scale across Fullscript's products and AI ecosystem. Stay ahead of emerging threats, attack vectors, and AI-specific security challenges to guide strategic decisions for the organization's security posture. What you bring to the table: Deep technical expertise in application security, and secure software development. Experience with AI/ML security. Strong understanding of modern software architectures, cloud environments, and APIs. Proven ability to influence and mentor engineers across teams, fostering security-first thinking and best practices. Hands-on experience with security tooling and automation, including static/dynamic analysis, monitoring, and observability systems. Strong problem solving skills, able to balance security rigor with product velocity. Excellent communication and collaboration skills, able to translate complex security concepts to technical and non-technical stakeholders. Additional experience we value: Experience with protecting / hardening of health data. Experience securing Ruby on Rails, Javascript, GraphQL applications. Familiarity with regulatory and compliance frameworks relevant to software and AI security is a plus (e.g. SOC 2, NIST). What we can offer you: Generous PTO and competitive pay. Fullscript's RRSP match program for financial health. Flexible benefits package and workplace wellness program. Training budget and company-wide learning initiatives. Discount on Fullscript catalog of products. Ability to work Wherever You Work Well* Why Fullscript Great work happens when people feel supported, trusted, and inspired. At Fullscript, we stay curious and keep finding smarter ways to make care better. We grow together, take on new challenges, and focus on impact. We put people first, work as a team, and leave egos at the door. What to Know Before You Apply We're grateful for the interest in joining Fullscript. To make sure your application reaches our hiring team, please apply directly through our careers page. We're not able to respond to individual messages about open roles on email or social channels. Fullscript is an equal opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request at [email protected]. All offers are contingent on successful background checks conducted in compliance with federal, state, and provincial laws.We use AI tools to support parts of the hiring process, including screening and reviewing responses. Final hiring decisions are always made by people and follow all applicable privacy and employment laws in Canada and the U.S. Learn More ***************************** HQ on instagram Let's make healthcare whole We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Support senior cybersecurity staff in evaluating cybersecurity risks across commercial real estate (CRE) environments. Responsibilities include assisting with network security assessments, reviewing access controls, identifying common misconfigurations, running vulnerability scans, documenting networks/systems, and preparing clear reports. Scope spans both IT and OT (building systems such as BMS/BAS, HVAC, access control, CCTV). Key Responsibilities Perform asset discovery and initial scans to identify hosts, services, and firmware versions (e.g., Nmap). Review firewalls, VPNs, and endpoint security to identify misconfigurations and vulnerabilities Evaluate switch/router configurations for proper segmentation Document current-state diagrams and asset inventories Assess BMS/BAS, IoT, and physical security systems for cyber risk with minimal disruption to operations. Identify common gaps (weak/default credentials, unpatched systems, outdated TLS, flat networks, exposed management interfaces, insecure vendor remote access). Support remediation by coordinating with IT teams, vendors, and property managers; verify fixes and retest critical findings. Prepare and maintain assessment artifacts: asset lists, risk-rated findings, evidence, compliance checklists, and client-ready reports. Track emerging threats and advisories relevant to smart buildings/IoT and CRE environments; summarize impact for the team. Qualifications Associate's or Bachelor's in Cybersecurity/IT (or 2+ years equivalent hands-on experience). Familiarity with core security technologies: Firewalls (e.g., Fortinet, Palo Alto), IAM/MFA (e.g., Entra ID/Azure AD), and EDR (e.g., SentinelOne). Intermediate networking: TCP/UDP, routing basics, Layer-3 switches, VPNs (IPsec/SSL), VLANs, ACLs, NAT, DHCP/DNS, Wi-Fi/WPA3. Working knowledge of Windows client/server; basic Linux familiarity. Strong documentation and communication skills; ability to translate technical findings into clear business impact. Nice to Have Exposure to vulnerability management tooling and concepts. OT/IoT awareness: BACnet/Modbus basics, safety-first testing on live control networks, maintenance-window/change-control etiquette. Firewalls and platforms: Palo Alto, Fortinet, Check Point; switch stacks (Cisco Catalyst/Meraki, UniFi). Identity, privileged access, and remote access hygiene Endpoint and device management Scripting/automation Ticketing and knowledge tools (ServiceNow/Jira/Confluence); diagramming (Visio/draw.io). Familiarity with frameworks and benchmarks: NIST CSF 2.0, CIS Controls Travel: Regular on-site visits to local properties (50%) with occasional out-of-area travel (5-10%) Benefits Medical, dental, and vision insurance Life insurance Long-term disability Paid vacation Paid holidays Simple IRA (401K equivalent) for eligible employees Stocked snack bar Company-sponsored outings Fitness center onsite

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

The Security Operations team is responsible for designing and driving information security initiatives at Tricentis including defining and enforcing policy, engineering defensive controls, and responding to incidents. We are seeking a candidate with a strong technical background who can adapt and thrive within a fast-growing SaaS environment. As a Senior Security Analyst, you will be a key component of our front-line defense and overall security posture. Responsibilities Include: Monitoring and reacting to security events Assisting in incident response efforts Planning, coordinating, and/or executing security assessments of networks, systems, applications, and cloud platforms Working with system owners and stakeholders to mitigate issues found in security assessments Assist with governance, risk, and compliance initiatives as needed Developing and curating threat intelligence Working with the greater Information Security team to define and implement security policies, procedures, and controls General awareness of developments in information security and help in guiding the company's response Providing security expertise and advice to other teams within the company Collaborating with other teams to solve business challenges Basic Qualifications: 5+ years of experience in information security concepts, controls, and technology Extensive experience with servers/workstations, computer networks, cloud platforms, their built-in security capabilities and hardening options Experience in a global SOC environment Experience with Azure and/or AWS cloud environments Experience with Log Management/SIEM tools Experience with EDR, Antivirus, and security tools Familiarity with the following security related disciplines with deep experience in several: Vulnerability management Forensic Analysis Application Security Cloud Security Posture Management IAM Penetration Testing Malware analysis Deep technical troubleshooting skills Familiarity with industry or regulatory compliance standards (CIS, NIST, SOC2, etc) Technical degree, certification, and/or 5+ years of experience related to information security Excellent communication skills, and the ability to explain security best practices to a non-technical audience Willingness and aptitude for learning new skills and adapting to new technologies Experience with programming and/or automation software Why Tricentis? Tricentis is currently investing heavily in our information security efforts so that means investing in YOU. We've allocated a budget for training, certifications, conference attendance, etc. and support participation in industry groups as well as speaking at events. As you are joining a company in a growth phase, we are interested in developing individuals that show leadership qualities into those that will build and oversee future teams. In addition to significant growth opportunities, you will get to help build our security stack, sourced from best-in-breed solutions and tooling. Tricentis Core Values: Knowing what we need to achieve and how to achieve it is important. Tricentis core values define our ways of working and the behaviors we model that create an enjoyable and successful Tricentis life. Demonstrate Self-Awareness: Own your strengths and limitations. Finish What We Start: Do what we say we are going to do. Move Fast: Create momentum and efficiency. Run Towards Change: Challenge the status quo. Serve Our Customers & Communities: Create a positive experience with each interaction. Solve Problems Together: We win or lose as one team. Think Big & Believe: Set extraordinary goals and believe you can achieve them. Why You'll Love Working at Tricentis: Market conform salary + success-oriented bonus Supportive and engaged leadership team 401(k) plan, full benefits package available Company paid Disability and Life Insurance Hybrid work environment Tricentis is proud to be an equal opportunity workplace. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran.

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud's solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you're driven to align your career with a fantastic mission, look no further! *This role can be hybrid out of Austin (preferred) or remote in the United States with occasional travel to the office (around once per quarter) We are looking for a passionate Senior Security Data Analyst/Python Developer to help us parse, transform, and analyze dirty data. The ideal candidate has a thorough understanding of Python, Data analysis techniques, AWS, ETL patterns, and Automation techniques. Our Stack: Python Linux Databases: Relational and NoSQL AWS (EC2, RDS, SQS, S3, Lambda, API Gateway, and more) What You'll Do: Parse and transform structured and unstructured datasets. Build Python-based automation for the parsing platform. Bring order to dirty and/or unstructured data. Develop ETL-style automation scripts. Maintain and improve the existing codebase and infrastructure. Manage the weekly data ingestion process. Collaborate with the team to design and build innovative data systems. Data analysis based on the consumption of blogs for the marketing team. Develop processes, standards and CI/CD pipelines to manage our codebase. Leverage AI to automatically parse data. Requirements: 5-7 years of professional experience as a Python developer. A love of working with data. Familiarity with cleaning/transforming data. Experience building data solutions and automation tools using Python. Proficient in Linux bash/ksh scripting and Regular Expressions. Interest in cybersecurity. Strong understanding of computer science fundamentals (data structures, algorithms, data processing). Experience with relational and NoSQL databases. Excellent communication skills. Great team player. Self-directed, empathetic, and eager to automate repetitive tasks. Able to switch contexts as business needs change. Nice to Have: Background or strong interest in cybersecurity. Familiarity with Git version control system. Experience with AWS (Compute, Storage, Database). Experience working with Infrastructure as Code (we use Terraform and Ansible). SpyCloud is not sponsoring visas at this time. U.S.-Based Benefits + Perks (for Full Time Employees): At SpyCloud, we are committed to working alongside individuals who are equally passionate about preventing cybercrime, regardless of their department or role. Guided by our core values in all business decisions, we prioritize unity in our mission and ensure all SpyCloud employees have the support and benefits they need to stay focused on our goals. In addition to our engaging workspace in South Austin, flexible and remote-friendly work options, and competitive salary package, we offer our employees a comprehensive benefits package that includes: 401(k) with Employer Contribution Health, Vision, and Dental Insurance Health Savings Account (HSA) available with Employer Contribution Employer Paid Life, Short-term, and Long-term Disability Insurance Generous PTO Plan and 16 paid holidays per year U.K.-Based Benefits + Perks (for Full Time Employees): Retirement Savings Plan with Employer Contribution Employer Provided Private Health Insurance and Healthcare Cashplan Employer Paid Life Insurance and Income Replacement Generous Holiday Plan and 14 paid holidays per year About SpyCloud: SpyCloud is on a mission to disrupt the cycle of cybercrime. As the leader in Cybercrime Analytics, our solutions thwart cyberattacks that originate from the use of stolen data, including account takeover, ransomware, and online fraud. More than 550 customers and partners trust SpyCloud to protect users' identities, prevent targeted attacks, and unmask adversaries attempting to harm businesses and their customers. To learn more and see insights on your company's exposed data, visit SpyCloud. Our Mission: Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals' ability to profit from stolen information. Who We Are: SpyCloud is a place for innovative, collaborative, and problem-solvers to thrive. Individually, we're amazing, but together, we're unstoppable. We celebrate diversity and various perspectives and aim to create an inclusive and supportive environment for all. We are proud to be an Equal Employment Opportunity and Affirmative Action employer of choice. All aspects of employment decisions will be based on merit, performance, and business needs. We do not discriminate on the basis of any status protected under federal, state, or local law. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. Women, minorities, individuals with disabilities, and protected veterans are encouraged to apply. SpyCloud complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. SpyCloud expressly prohibits any form of workplace harassment. Improper interference with the ability of SpyCloud's employees to perform their job duties may result in discipline up to and including discharge. SpyCloud shares the right to work and participates in the E-Verify program in all locations. If you need assistance or accommodation due to a disability, you may contact us. Our Culture: Our culture is something really special. We're all driven to disrupt the cybercriminal economy as we keep customer accounts safe from compromise. We support a truly worthy and serious mission, but we have fun doing it together. If you are driven, inventive, and collaborative, you'll fit right in. SpyCloud's Recruitment Policy: We will never ask an applicant for sensitive or personal financial information during the recruitment process. We advise all applicants seeking employment with SpyCloud to review available information on recruitment fraud. Anyone who suspects that they have been contacted by someone falsely representing SpyCloud should email ********************. Compensation Transparency Policy: At SpyCloud, we believe in transparency and fairness in compensation. We strive to ensure that all employees are fairly compensated for their contributions, and we openly discuss our compensation philosophy and structure. We are committed to providing competitive salaries and benefits packages to attract and retain top talent, and we encourage open dialogue and feedback regarding compensation matters. Learn more and apply: SpyCloud Careers

At Jamf, we believe in an open, flexible culture based on respect and trust. Our track record and thriving work environment all stem from the freedom we grant ourselves to get the job done right. We take pride in helping tens of thousands of customers around the globe succeed with Apple. The secret to our success lies in our connectivity, while operating with a high degree of flexibility. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive as #OneJamf. What you'll do at Jamf: The Senior Security Operations Engineer will work with the Cloud and Delivery team to continue to build, automate and maintain cloud security services in Azure. They will be responsible for leading the Security Design and Architecture, Log Collection, Security Incident Management, Identity and Access Management, Vulnerability and Patch management. They will be responsible for maintaining operation of the environment in accordance with our service level agreements and providing support to both our staff and customers. This role if offered as remote in Minneapolis, MN; Eau Claire, WI; or Austin, TX. You may be required to work periodically at a Jamf office or collaborative work location with other Jamf employees in your area for certain events or moments that matter. We are only able to accept applications for those based in one of these locations. What you can expect to do in this role: Mentors and advises others in related components and broad fundamental expertise areas Manages identity and access control in Azure Responsible for the tools, configuration, administration and related processes around our log file collection and monitoring Provides the framework, processes and execution to ensure support of Jamfs data leakage prevention Responsible for Web application firewall and related prevention, detection and mitigation of DDoS attack Vulnerability Management: Accountable for the prevention, detection and mitigation of vulnerabilities through industry standard tools, configuration, administration and internal procedures Performs regular firewall audits in line with our procedures. Provides the appropriate documentation, supporting evidence and follow up on identified issues requiring remediation Responsible for tooling, processes and follow up actions related to our external port scanning needs and practices Handles the identification, planning and implementation of any server hardening needs. Works collaboratively with Operations and other internal teams to communicate, document and implement Performs security incident analysis, response and remediation Participates in design and implementation of security automation workflows Helps manage security data reporting and visualization platform #LIRemote What we are looking for: Minimum of 4 years IT security principles, security operations, techniques, and technologies. (Required) Minimum of 4 years experience working with Linux/Unix command line interfaces, including Shell or Python scripting (Required) Minimum of 4 years experience with industry standard configuration management and deployment tools (e.g. Ansible, Azure Resource Manager or other) (Required) Minimum of 2 years experience administering some or all of the following Azure Services: (Virtual Machines, SQL Database, Load Balancer, Storage) (Preferred) Minimum of 2 years experience working with monitoring (Logic Monitor, AppDynamics, Zabbix, etc) and logging tools (Splunk, Sumologic, or ELK (ElasticSearch/Logstash/Kibana)) (Preferred) Advanced knowledge of containerization concepts and Kubernetes (Preferred) Basic knowledge of MySQL or Postgres (Preferred) 4 year / Bachelor's Degree (Preferred) A combination of relevant experience and education may be considered The following certification is preferred: Microsoft Certified: Azure Security Engineer Associate OTHER REQUIREMENTS: This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen located physically in the U.S., and therefore any employment offer will be contingent upon verification of both of these requirements. Applicants who are not U.S. citizens or who are located outside of the U.S. are strongly encouraged to apply for other positions at Jamf, which is an equal-opportunity employer. SECURITY AND PRIVACY REQUIREMENTS: Participation in ongoing security training is mandatory Established security protocols will be adhered to, sensitive data will be handled responsibly, and data protection practices are followed, including understanding relevant privacy regulations and reporting breaches Acknowledging the Jamf Code of Conduct, where applicable security and privacy policies can be found, is a requirement of all roles at Jamf How we help you reach your best potential: Named a 2025 Best Companies to Work For by U.S. News Named a 2024 Best Technology Company to Work For by U.S. News Named one of Forbes Most Trusted Companies in 2024 Named a 2024 Best Companies to Work For by U.S. News Our developers work in agile delivery teams to produce new features, improve software components, and are the subject matter experts for our Jamf product offerings. You will have the opportunity to make a real and meaningful impact for more than 75,000 global customers with the best Apple device management solution in the world. We constantly push the boundaries of technology, our developers support new innovations and OS releases the moment they are made available by Apple. Several Jamf engineers are named in patents and with team names like CatDog, ThunderSnow and Dalek you can expect to have some fun while building cutting-edge software. You will have the opportunity to work with a small and empowered team where the culture is based on trust, ownership, and respect. We offer a clear career path that enables you to grow under supportive leadership and management Visit our Jamf Engineering blog to learn more about the innovative projects our team is working on and what we learn from each challenge we solve. A blog written by engineers, for engineers at medium.com/jamf-engineering 22 of 25 world's most valuable brands rely on Jamf to do their best work (as ranked by Forbes). Over 100,000 Jamf Nation users, the largest online IT community in the world. The below annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/annual salary to be offered to the selected candidate. Factors include, but are not limited to the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations. Pay Transparency Range$103,100-$219,700 USD What it means to be a Jamf? We are a team of free-thinkers, can-doers, and problem-crushers. We value humility and the relentless pursuit of knowledge. Our culture flows from a spirit of selflessness and relentless self-improvement - driving both personal growth and collective progress throughout our company. We unite around common goals while respecting personal approaches, believing that fulfilled individuals create a thriving, vibrant workplace. Our aim is simple: hire exceptionally good people who are incredibly good at what they do and let them do it. We provide the support and resources to let everyone be their authentic, best selves at work, at rest, and at play. We are committed to supporting the continual improvement of Apple in the workplace, the organizations that rely on them and the people who keep it all running smoothly. Above it all, waves our banner of #OneJamf - and the knowledge that when we stand together, we accomplish so much more than we could alone. We seek individuals who share this unwavering journey toward growth to join us in our quest for constant improvement. What does Jamf do? Jamf extends the legendary Apple experience people enjoy in their personal lives to the workplace. We believe the experience of using a device at work or school should feel the same, and be as secure as, using a personal device. With Jamf, customers are able to confidently automate Mac, iPad, iPhone and Apple TV deployment, management, and security - anytime, anywhere - to protect the data and applications used by employees in the workplace, students learning in the classroom, and streamline communications in healthcare between patients and providers. More than 2,500 Jamf strong worldwide, we are free-thinkers, can-doers, and problems crushers who are encouraged to bring their whole selves to work each and every day. Get social with us and follow the conversation at #OneJamf Jamf is committed to creating an inclusive & supportive work environment for all candidates and employees. Candidates with disabilities or religious beliefs are encouraged to reach out if they need additional support or alternative options to our recruiting processes to accommodate their disability or religious belief. If you need an accommodation, please contact your Recruiter or Recruiting Coordinator directly. Requests for accommodation will be handled confidentially by Recruiting and will not be shared with the hiring manager. Jamf is an equal opportunity employer and does not discriminate against individuals who request reasonable accommodation for disability or religious beliefs. To request accommodations please email us at *******************

Junior Information Security Analyst 12 month Contract (with strong potential for extension and career advancement) Our client is seeking a Junior Information Security Analyst to assist in supporting and enhancing cybersecurity initiatives across their organization. This role will focus on implementing and monitoring security controls aligned with the NIST Risk Management Framework, NIST Cybersecurity Framework, and Texas Information Security Standards. This is a great opportunity for an early-career professional eager to gain deep experience in information security within an enterprise environment. Required Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field Security certifications such as CompTIA Security+, GSEC, or equivalent 2+ years of experience in information security, cybersecurity, or a related IT field Working knowledge of common security frameworks including: NIST Risk Management Framework (RMF) NIST Cybersecurity Framework (CSF) Texas Information Security Standards Experience with basic project planning and system development methodologies Strong analytical, communication, and documentation skills Ability to work independently with minimal supervisio Familiarity with enterprise-level IT systems or public-sector environments is highly preferred Key Responsibilities: Assist in implementing and monitoring security measures across systems and applications Support security risk assessments and compliance reviews Help maintain and document security policies, procedures, and standards Coordinate with internal teams and external vendors on security initiatives Assist in identifying and recommending improvements to existing security processes Participate in incident response and audit support activities Support research and evaluation of emerging cybersecurity tools and technologies Genius Road, LLC is proud to be a Certified Women's Business Enterprise, an Equal Opportunity Employer and values diversity. All employment is decided on the basis of qualifications, merit and business need.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

Title: Manager, Information Security & Compliance Duration: Fulltime Permanent with Client ________________________________ Responsibilities: Provide leadership, management, and guidance to the Operational Technology Security & Compliance team. Oversee and manage the security patch management, password management, configuration management and logging solution. Develop and maintain maintenance and configuration procedures, schedules and related evidentiary documentation. Manage on-call schedule. Maintain security system standards and NERC compliance in accordance with good utility practices. Manage daily system monitoring, verifying the integrity and availability of hardware, server resources, systems and key processes, reviewing and verifying system and application logs. Coordinate testing and implementing operating system patches in the operations technology environment. Ensure NERC CIP requirements are implemented when performing any work. Requirements: 5+ years of experience managing information security and compliance team. 10+ years of experience with security and compliance functions (Access Management, Threat and Vulnerability Management, Security Monitoring, Patch Management, Password Management, Configuration Management and Logging). Experience supporting CIP compliance is a plus. Experience working with a team required to operate in 24/7 shifts. Strong writing and communication skills. Commitment to providing excellent customer service. Qualifications NERC CIP Additional Information All your information will be kept confidential according to EEO guidelines.