Security engineer jobs in Placentia, CA - 515 jobs

Senior Network Engineer (Cisco / Enterprise) Pay Range: $75/hour to $81/hour We are seeking a highly experienced Senior Network Engineer to support, design, and secure large-scale enterprise network environments. This role is hands-on and strategic, requiring deep expertise in Cisco networking, security architecture, and full lifecycle network implementations. Candidates must have extensive experience working in complex enterprise environments with 5,000-15,000+ network nodes. Responsibilities Design, architect, and provide engineering support for enterprise network and systems infrastructure Develop and implement network standards, policies, and procedures Serve as a technical mentor for Network Engineers and provide team leadership Perform maintenance, upgrades, and lifecycle management of: Routers, switches, firewalls Remote access systems Network management and monitoring systems Monitor network connectivity and ensure high-quality, reliable data transmission Provide technical support across LAN, WAN, MAN, wireless, security, and cloud-based networks Manage day-to-day network operations and ensure adherence to enterprise SLAs Evaluate new applications and technologies for impact on existing infrastructure and security posture Coordinate and support network vulnerability assessments and penetration testing efforts Implement remediation strategies and threat mitigation solutions Collaborate with project managers, IT teams, vendors, contractors, and consultants Participate in security policy creation, reviews, and compliance initiatives Design, implement, and maintain perimeter and internal network security systems Own and secure enterprise data networks, including: Network perimeter Remote access WAN Data centers Wired and wireless environments Identify, troubleshoot, and resolve complex network hardware and software issues Promote governance, compliance, scalability, performance, and reliability across the network infrastructure Required Qualifications 10+ years of experience as a Senior Network Engineer in large enterprise environments Proven hands-on experience with Cisco SDA and TrustSec (full lifecycle implementation experience strongly preferred) Extensive experience supporting enterprise networks with 5,000-15,000+ nodes 10+ years of hands-on configuration and support of Cisco routers, switches, and related infrastructure Experience in complex, multi-platform, multi-protocol network environments Strong background in planning, designing, and documenting Cisco-based enterprise networks Expertise in: LAN, WAN, MAN, Metro Ethernet Routing, topology, QoS, multicast, and network protocols MPLS, NAC, VPN, remote access solutions Firewalls, IDS/IPS, security devices, NAT/PAT ACS, Adaptive Authentication, SecurID RADIUS / LDAP / TACACS Wireless networking Packet-level network traffic analysis expertise Experience with network monitoring, analysis, and management tools Strong project management, leadership, and interpersonal skills Ability to work independently while mentoring and leading other engineers Preferred: Healthcare industry experience

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. Your key responsibilities Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified Forensically analyze end user systems and servers found to have possible indicators of compromise Analysis of artifacts collected during a security incident/forensic analysis Identify security incidents through ‘Hunting' operations within a SIEM and other relevant tools Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions Provide consultation and assessment on perceived security threats Maintain, manage, improve and update security incident process and protocol documentation Regularly provide reporting and metrics on case work Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact based reports Be on-call to deliver global incident response Skills and attributes for success Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact-based reports Proven integrity and judgment within a professional environment Ability to appropriately balance work/personal priorities To qualify for the role you must have Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; Understanding of security threats, vulnerabilities, and incident response; Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; Be familiar with legalities surrounding electronic discovery and analysis; Experience with SIEM technologies (i.e. Splunk); Deep understanding of both Windows and Unix/Linux based operating systems; Ideally, you'll also have Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH Background in security incident response in Cloud-based environments, such as Azure Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration What we look for Demonstrated integrity in a professional environment Ability to work independently Have a global mind-set for working with different cultures and backgrounds Knowledgeable in business industry standard security incident response process, procedures, and life cycle Excellent teaming skills Excellent social, communication, and writing skills What we offer you The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. What You Will Do Lead the patch team, ensuring on-time delivery of patches to our customer Perform analysis on cybersecurity collected data and test results Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX Create and maintain Linux Bash and Python scripts Create patch artifacts such as patch media and information assurance posture reports Qualifications You Must Have Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security Qualifications We Prefer Experience with scrum planning and scrum tools such as Jira Experience in the SSE implementation throughout the entire life cycle Experience contributing to a team environment for the purpose of developing creative solutions to technical problems Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness Excellent communication, technical writing, oral presentation and interpersonal skills What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance:** Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified **Systems Security Engineer II (P2)** to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. **What You Will Do** + Lead the patch team, ensuring on-time delivery of patches to our customer + Perform analysis on cybersecurity collected data and test results + Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX + Create and maintain Linux Bash and Python scripts + Create patch artifacts such as patch media and information assurance posture reports **Qualifications You Must Have** + Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience + Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance + Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security **Qualifications We Prefer** + Experience with scrum planning and scrum tools such as Jira + Experience in the SSE implementation throughout the entire life cycle + Experience contributing to a team environment for the purpose of developing creative solutions to technical problems + Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH + Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations + Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness + Excellent communication, technical writing, oral presentation and interpersonal skills **What We Offer** + Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation + Relocation Eligible - Relocation assistance is available **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

The System Security Engineer Level II is required to be a highly skilled and hands-on security engineer, and will be responsible for helping to maintain and expand the infrastructure of the entire Cambro network, ensuring that they are protected from cyber threats and attacks, ensuring compliance, and responding to incidents. In this role, the responsibility is to manage, monitor, and maintain our Network IT infrastructure from CVEs, cyber threats, manage and implement device firmware and software updates. Also, the role is required to assist in projects and initiatives to support, upgrade, and maintain our technical environment to improve network security. The role requirement is to be proficient with cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. The role requires to have a multi-disciplined background including experience with Cybersecurity Operations, firewalls, IDS/IPS, switches, VLANs, routing protocols, IPsec, VPN tunnels, multi factor authentication and e-mail security. In addition, they must have a solid understanding of virtualized servers, Windows workstations and services. This role is required to have the network monitoring skills and technologies for detecting unusual activity, investigate security breaches and lead incidence response. ESSENTIAL JOB FUNCTIONS • Monitor network traffic for anomalies, investigate alerts and respond to security incidents. • Conduct regular vulnerability scans, risk assessments, patch management and mitigation across network devices. • Ensure adherence to cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Able to proactively scan servers and network devices for vulnerable ports and protocols and rogue devices. • Manage our firewall environment with the ability to create route policies and apply cybersecurity recommendations • Install and configure Network Equipment (Switches, Firewalls, and other networking hardware) • Perform (Layer 2) switch administration and configuration on Cisco/Ruckus switches. Including configuring LAGs, interfaces, creating trunks, creating, and managing segmented VLANs. • Possess a solid understanding of Windows Server services and roles including installation and configuration • Create certificates for network devices and servers that have a web management capability • A strong understanding of Windows Active Directory and can design, implement, and configure and troubleshoot Active Directory issues • Create, Manage and Deploy Group Policy Objects (GPO's) to deploy applications and implement security including windows firewalls • Effectively use PowerShell to automate and standardize administrative tasks • Capable of installing a Linux VM and execute basic Linux commands and managing Linux appliances • Manage our virtualized server environment managing, creating VM's and patching the VMware environment. • Strong understanding of Virtual Switches, Port Groups (Distributed and Standard) • Manage the Active Backup for Business on Synology and other advanced Synology administration features • Maintain and monitor Backup solutions. • Manage our users email accounts using the cloud service M365 from Microsoft • Responsible for creating and maintaining server and network documentation to include tasks and procedures • Proactively monitor our network using a variety of tools to help identify potential network and server issues • Assist in patching our entire infrastructure when needed using a variety of tools • Maintains strong technical abilities, knowledge of new and changing technologies • Prepare for emergencies by creating and/or updating action plans • Jumping into time-sensitive projects wherever needed • Showing flexibility and a willingness to learn • Maintain healthy communication with IT Staff, IT Customers and Vendors • Actively participate in IT Infrastructure and Operations projects, managing, completing, communicating, and fully documenting assigned tasks and deliverables. • Maintain reliable and consistent attendance, including being punctual, and dependable in order to meet the needs of the department and the organization. • Execute each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receiving and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follow all department quality standards/criteria. Raise concerns and issues to immediate manager. • Able to understand and demonstrate Cambro company culture, display company core values (Safety, Quality, Respect, and Service). • Understands department's key performance indicators and contributes to achieve these goals both individually and as a team. • Maintains reliable and consistent attendance, including being punctual, dependable, and flexible to potential schedule changes to meet the needs of the department and the organization. • Executes each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receive and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follows all department quality standards/criteria. Raises concerns and issues to management. • Understands department's key performance indicators (KPIs) and contributes to achieve these goals both individually and as a team. • Other duties as needed or required. ADDITIONAL RESPONSIBILITIES • Ability to be on call 24 hours a day, 7 days a week for global operations, by periodically providing off-hours, evening, and weekend support to accommodate maintenance windows and issue resolution • Occasional travel to various Cambro locations domestically and internationally as required (15%) • May occasionally guide less experienced associates to help with technical projects • Some travel may be required. REQUIRED QUALIFICATIONS The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. • Bachelor's degree (B.A.) from a four-year accredited college or university. • 5-10 years of experience in IT security, network, administration, and support roles. • Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. • Ability to adapt and adjust plans to meet changing needs. • Proficient in Microsoft Office Suite • Experience with Fortinet solutions, EDR, email security solutions • Solid knowledge of cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Solid working knowledge of Layer 2 (VLANs, Inter-VLANs, VTP Domains, bridge groups, MVRP, ACL's) technologies and network segmentation. • Strong knowledge of DNS records including reverse zones and maintaining DNS records • Strong DHCP Knowledge to include DHCP Fail over and able to configure DCHP relay on Switches • Solid understanding of routing protocols, static routes and ARP cache • Proficient in creating and implementing certificates on layer 2 devices (Switches, Firewalls, Linux Appliances) • Strong troubleshooting skills and possess the ability to find security and network issues in a timely manner • Strong Windows administration skills including Active Directory/GPO's and security policies • Solid working knowledge of Virtualization, such as VMware ESXi servers and vCenter 7.x • Solid working knowledge of Veeam/Bacula/Exagrid backup software to manage backup and restore procedures • Must be able to follow instructions and procedures and ask questions if something is unclear • Excellent documentation skills including ability to create network drawings • Self-motivated and energetic with the ability to manage time efficiently without supervision and to work effectively under pressure • Strong customer service and communication skills • Excellent organizational skills and strong sense of urgency • Familiarity with various network types including LANs, WANs, SDWAN, WLANs, SANs, and VoIP networks • Great accuracy and attention to detail PREFERRED QUALIFICATIONS • Experience in Business Continuity and disaster recovery is a plus • Knowledge of Ruckus Access Points and Switches • Knowledge of IBMi PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Sitting, walking, standing, bending at the neck, bending at the waist, squatting, climbing, kneeling, crawling, twisting at the neck and waist, repetitive use of hands, simple grasping, power grasping, fine manipulation, pushing and pulling, reaching above and below the shoulder, carrying/lifting up to 50 lbs. Driving cars and other IT equipment Working around equipment and machinery Exposure to excessive noise Exposure to dust, gas, fumes or chemicals Working at heights Use of special visual or auditory protective equipment Walking on uneven ground PPE Requirements Safety glasses Steel-toe slip-resistant shoes - When in production area Hearing protection (e.g. ear plugs, ear muffs) - When in production area Face covering (mask) in accordance with company policy. Hardhat/bump camp IT Application COMPENSATION RANGE: $97,000- $120,000 Salary may vary based on experience. CAMBRO is proud to be an equal-opportunity workplace. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based upon race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic information, military or veteran status, or other characteristics protected by law.

What you do Be responsible for Pre Sales Support & End User Support for, but not limited to the design, configuration, and operation of complete building low voltage systems, including fire, security, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Accountable to field teams for quality, timeliness and efficiency of designs. Develops complex software programs, commissions and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How will you do it - Sales Support and End User Support · Possible job walks with the Sales Team on the initial design phase · Designs and configures are technically complex building control systems as defined by the contract documents. · Creates flow diagrams, sequence of operations, bill of material, network layouts and electrical schematics as required. · Develop and tests software programs necessary to operate the system per the project requirements' intent. · Coordinates the creation of necessary drawings and equipment schedules for submittals and installation. · Assists in the loading and commissioning of all system and network-level controllers as required. · Assists in validation of complete system functionality and troubleshoots problems with subcontractors and other trades to ensure proper operation. · Provides field change information to the project team for the creation of as-built drawings and software. · Keeps management and JCI contractor or customer informed of job progress and issues. · Assists in performing site-specific training for owner/operator on the total building control system. · Participates in release meeting with the project field team. · Performs value engineering to provide cost effective results while maintaining customer satisfaction. · Adheres to safety standards. · High degree of employee and subcontractor safety. What we look for Required Qualifications · Minimum of seven years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Demonstrated knowledge of the construction, mechanical, electrical, or HVAC service industry. · Demonstrated knowledge of mechanical drawings, electrical wiring diagrams, control theory, automatic temperature controls, building automation systems and other building subsystems. · Demonstrated experience in the integration of low voltage building sub-systems using various industry protocols (i.e. LON, BACnet, etc.). · Ability to relate technical knowledge to a non-technical audience. · Demonstrated advanced computer skills required, particularly computer-related drafting tools, such as Visio. Preferred Qualifications · Bachelor's degree in engineering with a minimum of five years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Understanding of IP networking for building automation systems. · Understanding of Tridium/Niagara Framework HIRING SALARY RANGE: $100K to $125K (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: Secure the Magic by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company. Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: Independent audit support for: SOX 404 ITGCs PII PCI ISPS Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. Develop and lead the Control Assurance Programs (ISPS and SOX). Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) Ensure for timely management response of audit findings into our corporate SOCD/SAD. Oversee ISPS Management Audit coordination and open action plans. Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. Management of GRC workflows around coordination of certifications and attestations. Partner with leadership to support the PCI-DSS compliance program. Develop training materials, coordinate training sessions, and monitor compliance with training requirements. Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): Minimum of 8 years of related work experience, with 3 in management roles IT SOX experience and proven experience in supporting IT audit/compliance functions Experience in managing people Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives Interpersonal skills with the ability to work with teams cross-functionally Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators Detail-oriented but able to understand the big picture. Highly organized and efficient Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments Experience with cloud-based services, specifically AWS Nice To Haves (see above): Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. Job Posting Segment: Enterprise Technology Job Posting Primary Business: Corporate Global Information Security Primary Job Posting Category: Security Governance Employment Type: Full time Primary City, State, Region, Postal Code: Glendale, CA, USA Alternate City, State, Region, Postal Code: USA - CA - 2450 Broadway, USA - NY - 7 Hudson Square Date Posted: 2025-11-21

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. Monitor, analyze, and report on production security posture and key control performance metrics for each production. Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. Support the development of production-specific metrics and KPIs to measure control effectiveness. With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. Ensure consistent implementation of approved security tools, policies, and workflows within productions. Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. Gather feedback from productions to help refine information security for productions training and awareness efforts. Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications 5+ Years of experience in Information Security, Information Technology or a related field 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. Bachelor's degree preferred Strong understanding of the technologies, tools and processes used in production of movies and/or television. Knowledge of Information Security frameworks, standards and best practices and their relevance to business success Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. Ability to develop and maintain meaningful metrics to track program and process effectiveness. Strong planning and analytical skills Strong communications skills The anticipated base salary for this position is $115,000-$150,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. We will not be able to support sponsorship or visas for this position at this time. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. This position is based in California and is subject to California employment laws and workplace safety requirements, including the Company's Covid vaccination policy. Reasonable accommodations will be considered in accordance with applicable law. Successful candidates will be required to show proof of being vaccinated against COVID-19. This requires having a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

As an Analyst, Information Security (Compliance) you will be part of Team focusing adherence to Macau Cyber Security Law (MCSL), ISO27001 (latest) standard, regulatory requirements, and in-house policies. PRIMARY RESPONSIBILITIES: * Ensure Melco Information Security Policy is compliant with Macau Cyber Security Law (MCSL) and to carried out required activities accordingly. * Enforce Melco Information Security Policy based on industrial standards (e.g. ISO27001 latest) and best practices across all Melco properties and locations * Oversee security control systems to prevent or deal with violation of Information Security Policies and Standards * Review and revise Information Security policies, procedures, standards and checklists periodically to ensure compliance to the latest standards and best practices * Coordinate/support an information security awareness program to deliver risk communication, awareness and training for audiences, which may range from senior leaders to field staff * Coordinate/support internal/external audit activities; perform annual internal audit in conjunction with internal policy, regulation and governance. Ensure audit findings and corrective actions are closed out accordingly * Review change/service request tickets in ticketing system within agreed SLA * Remain informed on current standards, trends and issues in the information security industry * Ensure cloud product (e.g. AWS, Azure, Alibaba) compliance to an array of cyber-security industry frameworks * Support Information Security Operation Calendar activities * Produce required dashboard for management reviews (e. Compliance, Vulnerability reports) QUALIFICATIONS: Experience * 2+ years' working of experience in a related field. * Requires in depth experience and knowledge of enterprise IT concerns and technologies * Experience with managing a compliance and/or security organization, including planning and executing security policies and standards development * Experience in ISO 27001 latest standard * Experience in Macau Cyber Security Law is a plus * 1+ years in information security preferred to include management or administration in least 6 of the following disciplines: * Network Security and firewalls (CCSP/CCIE - Security, CCNA) * Relational Database Security * Remote Access/VPN solutions * Information Security Auditing * Intrusion Detection and Response * Anti-virus systems * Messaging Security * Security policy and procedure development * Windows and Active Directory security * Access management processes * Security benchmarking requirements (CIS) * Security compliance for Regulatory requirements (NERC/SOX/HIPPA/FISMA) * Security Strategic Planning and Risk Management * Web and application based security * Encryption (PKI/Kerberos/SSL) * Cloud Technologies Education * Bachelor's degree in Management Information System, Computer Science, or related disciplines * An information security or other similar technical certification such as Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) is highly desirable Skills / Competencies * Knowledge of security policies, standards, regulatory requirements such as ISO 27001, PCI-DSS, GDPR, MCSL * Fluent in of written and spoken English. Fluency in Cantonese and Mandarin will also be an advantage * Good knowledge of cloud platforms (e.g. AWS, Azure, Alibaba) a plus * Proven excellence in researching, organizing, writing, and presenting technical information via report writing and presentation (PowerPoint, Excel) * Capacity to work independently and in a team environment, with leadership ability and project management skills * Ability to multi-task and have solid project management skills. * Ability to understand the relationship between business processes, priorities, risk and their underlying * technologies and security risks * Ability to keep pace with a fast pace and growing company * Strong analytical and inter-personal skills to communicate technical information to non-technical background * users PERSONAL COMPETENCIES: * Displays a high commitment to delivering results * Leads others to achieve business objectives * Communicates effectively * Displays the highest level of integrity * Ability to maintain discretion * Self-motivated * Approachable

About UsAt Next Health, we are redefining health optimization by integrating cutting-edge medical innovation with preventative, data-driven wellness. Through our technology-forward platform and luxury clinical environments, we empower our members to take control of their well-being with personalized longevity solutions. We are rapidly expanding across the U.S., and we are seeking visionary leaders to help scale our digital infrastructure and member experience. Your ImpactAs the Front Desk Receptionist at Next Health, you will be the first point of contact for our patients, visitors, and vendors. You will play a critical role in creating a positive patient experience and ensuring that our operations run smoothly. Job DescriptionAs the Front Desk Receptionist, you will be responsible for: Greeting patients and visitors with a welcoming and professional demeanor Checking in patients and verifying their demographic and payment information Scheduling appointments and managing the clinic schedule Assisting patients with questions and concerns Maintaining patient records and updating them as needed.Coordinating with other departments and healthcare providers to ensure seamless patient care. What to Expect In this role, you can expect to: Interact with a diverse group of patients and visitors Manage multiple tasks and responsibilities simultaneously Use electronic medical records and scheduling software Work closely with other departments and healthcare providers Provide excellent customer service and patient care What You'll BringWe're looking for someone who has: 1+ years of experience in a medical office or healthcare setting Excellent communication and interpersonal skills Strong attention to detail and organizational skills Ability to manage multiple tasks and ************************************** Super AdminExperience with electronic medical records and scheduling software Knowledge of medical terminology and insurance billing practicesA passion for providing exceptional customer service and patient care Aptitude for sales Passion for and knowledge of health & wellness services.Exceptional at customer service.Display a genuine interest in helping other people.Excited to learn new things and be on the cutting edge of health & wellness. Our Culture & PerksWe're a patient-centered healthcare clinic with a culture that values empathy, respect, and teamwork. We offer: Competitive salary and benefits package Opportunities for professional growth and developmentA supportive and inclusive work environment Meaningful work that makes a difference in patient's lives Expected CompensationThe expected compensation for this position is $21 per hour, plus benefits. Pay offered may vary depending on multiple individualized factors, job-related knowledge, skills, and experience. The total compensation package for this position may also include other elements dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. Additional Information: As part of our selection process, all candidates may be required to participate in an in-person interview with a Next Health representative at one of our locations, whenever possible, prior to a final hiring decision.Next Health is an Equal Opportunity employer, committed to promoting a diverse and inclusive workplace. All qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, age, national origin, disability, protected veteran status, gender identity or expression, or any other characteristic protected by applicable federal, state, or local laws. We are dedicated to ensuring equal employment opportunities for all applicants and employees, including those with criminal histories, arrest records, or conviction records, in accordance with relevant laws. This includes compliance with the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, where applicable. Qualified individuals with a disability who require assistance during the application or recruitment process, have the right to request a reasonable accommodation. Please submit your request to ********************. We kindly ask that applicants refrain from calling our office regarding job inquiries. All application-related questions should be directed to ********************. Thank you for your understanding.

**Be visionary** Teledyne Technologies Incorporated provides enabling technologies for industrial growth markets that require advanced technology and high reliability. These markets include aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, deepwater oil and gas exploration and production, medical imaging and pharmaceutical research. We are looking for individuals who thrive on making an impact and want the excitement of being on a team that wins. **Job Description** Teledyne Controls is a global leader in delivering innovative avionics systems and data management solutions for both civil and military aircraft operators. Our cutting-edge technologies enable real-time access, analysis, and utilization of critical flight data, enhancing safety, efficiency, and operational performance across the aviation industry. Become part of a team that thrives on innovation and excellence in a dynamic, mission-driven environment. **Join Our Team as a Systems Security Engineer!** As an Entry-Level Avionics Security Engineer, you will play a key role in safeguarding next-generation avionics systems. This position combines hands-on testing, vulnerability analysis, and collaborative design support to ensure robust security across connected products. You'll work closely with engineering teams and customers to implement secure architectures, monitor emerging threats, and contribute to innovative solutions that meet stringent aerospace security standards. If you're ready to take on the challenge of securing cutting-edge avionics products and thrive in a dynamic environment, we want to hear from you! **Essential Duties and Responsibilities** include the following. Other duties may be assigned. + Collaborate with engineering teams, program management, and customers to define and communicate security requirements and updates. + Perform testing and validation of security features and controls to ensure compliance and effectiveness. + Contribute to security assessments, including risk analysis, threat modeling, and penetration testing activities. + Monitor and evaluate Common Vulnerabilities and Exposures (CVEs) for relevance to Teledyne products. + Execute test scenarios to assess product security resilience under various conditions. + Participate in trade studies and evaluations of security processes, tools, and technologies. + Support design teams in strengthening security architecture and implementing secure solutions for new and existing products. + Assist in customer-facing technical reviews, including preliminary and critical design presentations. + Stay informed on emerging security threats and trends to proactively enhance product security. + Contribute to the development and integration of security features for connected avionics systems. + Promote security awareness through education, communication, and best-practice initiatives. **Qualifications** + Bachelor degree in engineering or other technical field and 0-2 years of experience (can include coursework, projects and internships). + Basic understanding of Security Architecture principles, including cryptography, authentication, network security, and public key infrastructure mechanisms to secure product, network, and system boundaries, as well as inter-system communications. + Familiarity with networking concepts, including design and troubleshooting. + Basic knowledge of system design concepts and application development. + Awareness of security implementations in cloud environments, such as AWS. + Understanding of the design, auditing, analysis, support, and troubleshooting of security systems. + Basic knowledge of embedded system security and Linux. + Experience with scripting using Python, Bash, or PowerShell is a plus. + Must be a U.S. Person (includes U.S. citizens, lawful permanent residents, refugees, and asylees) **Salary Range:** $58,100.00-$77,400.000 **Pay Transparency** The anticipated salary range listed for this role is only an estimate. Actual compensation for successful candidates is carefully determined based on several factors including, but not limited to, location, education/training, work experience, key skills, and type of position. Teledyne conducts background checks on qualified applicants who receive a conditional offer of employment in accordance with applicable laws, regulations and ordinances. Background checks may include, but are not limited to, education verification, employment history and verification, criminal convictions, Motor Vehicle Report (MVR & driving history), reference check, credit checks/credit history and drug testing. All qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Teledyne and all of our employees are committed to conducting business with the highest ethical standards. We require all employees to comply with all applicable laws, regulations, rules and regulatory orders. Our reputation for honesty, integrity and high ethics is as important to us as our reputation for making innovative sensing solutions. Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other characteristic or non-merit based factor made unlawful by federal, state, or local laws. You may not realize it, but Teledyne enables many of the products and services you use every day **.** Teledyne provides enabling technologies to sense, transmit and analyze information for industrial growth markets, including aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, energy, medical imaging and pharmaceutical research.

Job DescriptionThe Company: VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn't be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We're a young and energetic company, we've had tremendous success, and we are constantly growing our team. As we garner more industry attention - just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot - we also need driven and talented people to join our team. That brings us to you, and what you'll be joining. Our teams are smart and diligent and take ownership of their work - they're confident in their work but know how to collaborate with open ears and a spirit of learning. If you're down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands:levoit.com \u007C cosori.com \u007C etekcity.com The Opportunity: The Information Security Analyst is responsible for supporting the organization's security posture by implementing, monitoring, and maintaining security controls across systems, networks, and cloud environments. This role works closely with senior security team members to identify risks, respond to incidents, and ensure compliance with security standards and regulatory requirements.What you will do at VeSync: Information Security Operations & Planning Support the implementation and maintenance of information security controls to protect company data and assets across on-premise and cloud environments. Assist in analyzing business processes, systems, and data flows to identify security gaps and improvement opportunities. Apply industry best practices and frameworks such as the NIST Cybersecurity Framework (CSF) to support confidentiality, integrity, and availability of information assets. Policy Support & Compliance Assist in the development, implementation, and maintenance of information security policies, standards, and procedures. Support compliance efforts with industry standards and regulations (e.g., ISO 27001, NIST, GDPR). Help track evidence and controls using compliance and GRC tools such as OneTrust, Drata, or similar platforms. Monitor regulatory and security trends and escalate relevant changes to senior team members. System, Network, and Cloud Security Monitor and help maintain security controls for systems, networks, and public cloud platforms (AWS, Azure, GCP). Assist with configuration, monitoring, and tuning of cloud security services and tools. Use security tools and dashboards (e.g., SIEM, security scorecards) to identify potential threats and vulnerabilities. Support AWS security services and baseline configurations. Security Monitoring & Incident Response Monitor security alerts and events using SIEM and security monitoring tools. Participate in incident response activities, including investigation, containment, remediation, and post-incident analysis. Assist with blue team activities, tabletop exercises, and response drills to improve readiness. Document incidents and lessons learned. Identity & Access Management Support user access reviews, permission audits, and access control processes. Assist with identity management systems to ensure appropriate authentication and authorization controls. Help identify and remediate excessive or inappropriate access. Risk Assessment & Vulnerability Management Participate in risk assessments and vulnerability identification efforts. Assist with vulnerability scanning, tracking, and remediation coordination. Support risk documentation and reporting aligned with frameworks such as NIST CSF. Help track and report basic security metrics and KPIs. Security Awareness & Documentation Support the delivery of security awareness training and phishing simulations. Assist in developing security documentation, including procedures, controls, detection rules, and response playbooks. Maintain clear and accurate security documentation for audits and operational use. What you bring to the role: Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 3-6 years of experience in information security or a related IT/security role. Hands-on experience with security monitoring, incident response, vulnerability management, or risk assessment. Familiarity with cloud environments (AWS, Azure, or GCP) and basic cloud security concepts. Working knowledge of security frameworks and standards such as NIST CSF, ISO 27001, and CIS. Understanding of network security fundamentals, including firewalls, IDS/IPS, endpoint protection, and logging. Experience with SIEM or security monitoring tools such as Splunk, QRadar, Rapid7, or Wazuh. Strong analytical, troubleshooting, and communication skills. Preferred Qualifications Experience supporting compliance or audit activities. Familiarity with GRC or compliance automation tools (OneTrust, Drata, or similar). Relevant security certifications such as Security+, CEH, GSEC, or progress toward CISSP/CISM. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $90K Annually Perks and Benefits: 100% covered Medical/Dental/Vision insurance for employee AND spouse + dependents! 401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting Generous PTO policy + paid holidays Life Insurance Voluntary Life Insurance Disability Insurance Critical Illness Coverage Accident Insurance Healthcare FSA Dependent Care FSA Travel Assistance Program Employee Assistance Program (EAP) Fully stocked kitchen

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. Assesses security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. Reports information security risks and follows-up remediations. Remediates audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. QUALIFICATIONS Education: College degree in Information Technology or Information Security or equivalent; Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: Minimum two years of experience in Information Security Risk, Information Security Operations or Security Auditing. Proven experience on third-party risk management and vendor security assessments. Working knowledge of security practices such as Endpoint Security, Network Security, Security Operations and Security Governance required. Experience working with Vendor Risk Management (VRM) applications preferred. Skills/Ability: Proven ability to initiate and manage projects. Excellent communication and problem-solving skills. Strong inter-personal communication and collaboration skills. Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $28.84 - $33.65 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.

Job Description Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

The Company: VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn't be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We're a young and energetic company, we've had tremendous success, and we are constantly growing our team. As we garner more industry attention - just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot - we also need driven and talented people to join our team. That brings us to you, and what you'll be joining. Our teams are smart and diligent and take ownership of their work - they're confident in their work but know how to collaborate with open ears and a spirit of learning. If you're down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands:levoit.com | cosori.com | etekcity.com The Opportunity: The Information Security Analyst is responsible for supporting the organization's security posture by implementing, monitoring, and maintaining security controls across systems, networks, and cloud environments. This role works closely with senior security team members to identify risks, respond to incidents, and ensure compliance with security standards and regulatory requirements.What you will do at VeSync: Information Security Operations & Planning Support the implementation and maintenance of information security controls to protect company data and assets across on-premise and cloud environments. Assist in analyzing business processes, systems, and data flows to identify security gaps and improvement opportunities. Apply industry best practices and frameworks such as the NIST Cybersecurity Framework (CSF) to support confidentiality, integrity, and availability of information assets. Policy Support & Compliance Assist in the development, implementation, and maintenance of information security policies, standards, and procedures. Support compliance efforts with industry standards and regulations (e.g., ISO 27001, NIST, GDPR). Help track evidence and controls using compliance and GRC tools such as OneTrust, Drata, or similar platforms. Monitor regulatory and security trends and escalate relevant changes to senior team members. System, Network, and Cloud Security Monitor and help maintain security controls for systems, networks, and public cloud platforms (AWS, Azure, GCP). Assist with configuration, monitoring, and tuning of cloud security services and tools. Use security tools and dashboards (e.g., SIEM, security scorecards) to identify potential threats and vulnerabilities. Support AWS security services and baseline configurations. Security Monitoring & Incident Response Monitor security alerts and events using SIEM and security monitoring tools. Participate in incident response activities, including investigation, containment, remediation, and post-incident analysis. Assist with blue team activities, tabletop exercises, and response drills to improve readiness. Document incidents and lessons learned. Identity & Access Management Support user access reviews, permission audits, and access control processes. Assist with identity management systems to ensure appropriate authentication and authorization controls. Help identify and remediate excessive or inappropriate access. Risk Assessment & Vulnerability Management Participate in risk assessments and vulnerability identification efforts. Assist with vulnerability scanning, tracking, and remediation coordination. Support risk documentation and reporting aligned with frameworks such as NIST CSF. Help track and report basic security metrics and KPIs. Security Awareness & Documentation Support the delivery of security awareness training and phishing simulations. Assist in developing security documentation, including procedures, controls, detection rules, and response playbooks. Maintain clear and accurate security documentation for audits and operational use. What you bring to the role: Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 3-6 years of experience in information security or a related IT/security role. Hands-on experience with security monitoring, incident response, vulnerability management, or risk assessment. Familiarity with cloud environments (AWS, Azure, or GCP) and basic cloud security concepts. Working knowledge of security frameworks and standards such as NIST CSF, ISO 27001, and CIS. Understanding of network security fundamentals, including firewalls, IDS/IPS, endpoint protection, and logging. Experience with SIEM or security monitoring tools such as Splunk, QRadar, Rapid7, or Wazuh. Strong analytical, troubleshooting, and communication skills. Preferred Qualifications Experience supporting compliance or audit activities. Familiarity with GRC or compliance automation tools (OneTrust, Drata, or similar). Relevant security certifications such as Security+, CEH, GSEC, or progress toward CISSP/CISM. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $90K Annually Perks and Benefits: 100% covered Medical/Dental/Vision insurance for employee AND spouse + dependents! 401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting Generous PTO policy + paid holidays Life Insurance Voluntary Life Insurance Disability Insurance Critical Illness Coverage Accident Insurance Healthcare FSA Dependent Care FSA Travel Assistance Program Employee Assistance Program (EAP) Fully stocked kitchen

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. Assesses security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. Reports information security risks and follows-up remediations. Remediates audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. QUALIFICATIONS Education: College degree in Information Technology or Information Security or equivalent; Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: Minimum two years of experience in Information Security Risk, Information Security Operations or Security Auditing. Proven experience on third-party risk management and vendor security assessments. Working knowledge of security practices such as Endpoint Security, Network Security, Security Operations and Security Governance required. Experience working with Vendor Risk Management (VRM) applications preferred. Skills/Ability: Proven ability to initiate and manage projects. Excellent communication and problem-solving skills. Strong inter-personal communication and collaboration skills. Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $28.84 - $33.65 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.