Security engineer jobs in Union, NY

The Team: The Security Engineering Lead will be responsible for designing, building, and maintaining the organization's security infrastructure. This role requires a highly skilled professional who can lead a team of engineers, implement innovative security solutions, and ensure the resilience of the organization's systems and networks. The ideal candidate will have extensive experience in security engineering, a strong technical background, and the ability to manage and deliver complex security projects. **This Role does NOT provide sponsorship** Salary: $150k-$190k base w/ 20% bonus Responsibilities: Leadership and Management: Lead and mentor a team of security engineers, fostering a culture of continuous learning and innovation. Build and scale a global team to meet organizational needs. Architecting Security Solutions: Assist teams in designing and implementing advanced security solutions, including cloud security, privilege access management and application/system security. Collaboration: Partner with software development, infrastructure, and operations teams to embed security into the development lifecycle and operational processes. Performance Optimization: Regularly evaluate and optimize existing security tools and technologies to ensure maximum efficacy and efficiency. Training and Knowledge Sharing: Develop and deliver technical security training to engineers and other staff, ensuring a strong organizational security posture. Documentation and Reporting: Create detailed documentation for security systems and processes, and provide regular project reports senior management. Required Skills and Experience: Experience (3+ year) in people leadership roles, nurturing security engineers into high-performing teams. Experience (5+ years) in a security engineering role, focusing on designing and implementing security solutions and managing security infrastructure, both on-premise and cloud. Experience working with privilege and identity management solutions. Experience with operating system security and system hardening. Knowledge of network security principles, protocols, and technologies. Strong analytical and problem-solving skills, with the ability to assess risks and develop appropriate security controls. Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Ability to work independently, prioritize tasks, and manage multiple projects simultaneously. Strong leadership skills, with the ability to mentor and guide junior team members. Skills and Experience That Would Help You Stand Out: A bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable. Linux security experience Familiarity with DevSecOps and integrating security into CI/CD pipelines. Scripting experience.

Title: Cloud Security Principal Engineer Job Duration: 6 months (Contract to Hire) We are seeking an experienced Cybersecurity Engineer to strengthen enterprise security across cloud and on-prem environments. This role focuses on enhancing identity, access, and threat protection capabilities while supporting automation, compliance, and continuous security improvement. The ideal candidate brings strong hands-on security engineering skills, deep Azure experience, and proven success designing and operating security controls within large, complex environments. Responsibilities Implement, configure, and maintain enterprise security tools including SIEM, EDR, IAM, and CSPM solutions Engineer and operate security controls across Azure and hybrid environments Lead IAM / RBAC / user access governance initiatives to improve authentication and authorization workflows Monitor, investigate, and respond to security threats through SIEM and SOC processes Drive automation of security and identity tasks using Terraform, PowerShell, and scripting Collaborate with infrastructure, applications, and architecture teams to ensure secure design and deployment practices Support vulnerability remediation, risk assessments, and compliance requirements Contribute to security standards, documentation, and best practices for ongoing maturity and scalability Required Qualifications CISSP certification (mandatory) 12+ years overall IT experience across network, systems, and/or application platforms 6+ years in Cybersecurity with a focus on security engineering 3+ years in IAM / RBAC / identity governance Strong hands-on knowledge of Azure Security, virtualization, and Microsoft security ecosystem Experience with security monitoring and defense tools such as: Microsoft Sentinel, Microsoft Defender, Splunk, Wiz (or similar) Skilled in automation using Terraform, PowerShell, or equivalent scripting tools Preferred Qualifications Additional cloud security certifications (e.g., AZ-500, CCSP) Experience supporting security in healthcare or regulated industries Familiarity with DevSecOps practices and secure CI/CD integration Work Environment Hybrid: ~80% remote / 20% onsite each week Location: Philadelphia Metro area Contract-to-permanent conversion opportunity Candidates must be willing to commute onsite as required Why Join Visible role influencing enterprise-wide security posture Opportunity to work with modern security technologies in critical infrastructure Long-term career potential through contract-to-hire pathway

Are you considering a new role in Cyber Security and want to work in a company that is helping to change the world? Consider joining an organization serving the global scientific research community, supporting the brightest minds on the planet. Are you a collaborative Incident Response Engineer looking to work for a mission driven global organization? About the role, Elsevier is expanding its Global InfoSec Security Incident Response team. As a Security Incident Response Engineer, you will play a crucial role in our internal security support team, assisting with incident response investigations. This team is entrusted with analyzing, triaging, scoping, containing, and providing guidance for remediation, as well as determining the root cause of security incidents. This team also is empowered by collecting and analyzing security incident-related data to identify indicators of attack and compromise. Responsibilities: Assisting in scoping security incidents and identifying indicators of attack and compromise. Analyzing incident data from threat analytics tools. Communicating recommendations and guidance based on security incident analysis. Coordinating responses to security incidents with other security and consulting teams. Developing, documenting, and implementing runbooks, capabilities, and techniques for Incident Response. Performing security triage and analysis on endpoint, server, and network infrastructure. Conducting activities necessary for immediate containment and short-term resolution of incidents. Maintaining current knowledge of the threat landscape, emerging security threats, and vulnerabilities. Investigating the root cause of complex security incidents. Maintaining a high level of confidentiality. Requirements Possess experience in cybersecurity incident response or related fields. Proven ability to analyze, triage, scope, contain, and remediate security incidents. Have current and extensive knowledge of security technologies, tools, and processes. Experience with major cloud providers, including cloud security, networking, and multi-cloud or hybrid deployments. Have current skills in automation using PowerShell, Python, Java, or similar languages. Experience in Linux and/or Mac administration. Experience in Network Security Administration or Systems Administration. Experience supporting large, complex, and geographically distributed enterprise environments. Preferred certifications: CISSP, CISM, SANS, GIAC, ethical hacking/penetration tester, or security risk assessment. Elsevier employs 10,000 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress.

[Up to c. $325k Comp Package | Hybrid Working] We're representing a globally recognised quantitative trading firm that combines advanced research, distributed computing, and next-generation AI systems to drive its trading strategies. The business is now seeking an Enterprise Security Engineer to enhance and protect the platforms powering some of the most demanding environments in finance. This is a hands-on engineering role focused on securing large-scale compute and AI workloads across both on-premise and cloud environments. You'll help design, build, and automate scalable security solutions that safeguard the firm's infrastructure, data, and intellectual property - working at the intersection of cloud security, Linux, automation, and AI system protection. The role sits within the Enterprise Security team, which is expanding in New York, and will suit an engineer comfortable balancing deep technical work with strategic platform improvements... Key Responsibilities Design, implement, and maintain secure-by-default architectures across hybrid and multi-cloud environments, ensuring scalability and compliance Strengthen cloud and AI platform security, embedding controls that protect high-performance clusters, GPU-based compute, and distributed research systems Build automation to detect configuration drift, anomalies, and vulnerabilities, partnering with Security Operations to refine response playbooks and workflows Engineer and maintain IAM and authentication solutions, enforcing least-privilege access and integrating identity controls across hybrid infrastructure Lead initiatives to improve Linux and Kubernetes security, implementing configuration baselines, container hardening, and runtime protection Oversee endpoint and workload security, ensuring consistent enforcement of protection, monitoring, and incident readiness Operate and mature vulnerability management processes, prioritising risks and coordinating remediation across global teams Enhance observability and instrumentation for cloud and AI systems, improving detection, visibility, and forensic capabilities Contribute to DevSecOps pipelines, embedding automated checks, compliance testing, and security validation into deployment workflows Collaborate cross-functionally to develop secure-by-design principles that balance performance, scalability, and user experience Continuously assess emerging technologies, AI threat models, and attack vectors to inform long-term enterprise security strategy What You'll Bring... 4+ years' professional experience in security engineering, systems engineering, or a related technical discipline Strong practical knowledge of Linux environments, including configuration, hardening, and observability at scale Hands-on experience in cloud security, ideally within AWS, including IAM, encryption, and network segmentation Proficiency in Python or similar scripting languages for automating security tooling, data collection, and remediation workflows Familiarity with Kubernetes and container security, including runtime controls and image management Understanding of vulnerability assessment and configuration management, including prioritisation and automation of fixes Exposure to endpoint and application security, with awareness of techniques for securing developer or research systems Experience supporting authentication and identity services, with practical knowledge of federation, SSO, and access policies (Preferred) Experience securing AI or machine learning environments, particularly around model access, GPU workloads, or data protection (Preferred) Understanding of DevSecOps practices, integrating automated checks into CI/CD pipelines ...

Contact Details: 1.Poonam Khandelwal Email: poonam.khandelwal@peer-consulting.com Cell: (732) 797-9766 Job Title: Cyber Command Forensic Analyst Duration: 48 months Years of Experience: 8+ years Required Hours/Week: 35hrs/week Job Description: The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. Research and develop new techniques, and procedures to continually improve the digital forensics process. Produce high quality written work product presenting complex technical issues clearly and concisely. Managing and maintaining the analysis labs and forensics tools leveraged for investigations. Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. Assisting the Cyber Emergency Response Team during critical incidents. Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based forensic analysis. Mandatory Skills/ Experience: Candidates who do not have the mandatory skills will not be considered. Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. Desirable Skills/ Experience: Experience with a wide range of forensic tools (FTK, X-Ways, SIFT, AXIOM, EnCase, etc.) Experience with memory analysis tools (i.e. Volatility, MemProcFS) Experience with Linux and open source tools Experience investigating intrusions on Windows and Linux/Unix operating systems Experience with performing forensics collections in cloud environments (AWS, Azure, GCP) Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices Knowledge of virtual environments Knowledge of forensic imaging techniques Knowledge of Microsoft Windows operating system and Windows artifacts Knowledge of Linux/UNIX operating systems and artifacts Knowledge of mac OS operating system and forensics artifacts Knowledge of file systems Strong analytical skills

Akkodis is seeking a Cybersecurity Operations Specialist role is a Direct hire with a client located in NYC 10022 (Hybrid). Ideally looking for applicants to have a solid background in Security operations, SOC, Financial services, FINRA, SEC would come as a big plus. Salary Range: $130k-$140k/Annum + Benefits, The salary may be negotiable based on experience, education, geographic location, and other factors. We are seeking a Cybersecurity Operations Specialist to join our security operations team and play a hands-on role in monitoring, protecting, and improving the firm's cybersecurity posture. This position focuses on day-to-day security operations, vulnerability management, and incident response across our on-premise and cloud environments (AWS and Microsoft 365). The ideal candidate has strong technical knowledge of endpoint protection, identity management, and network security, combined with an analytical mindset and attention to detail suitable for a regulated financial environment. Key Responsibilities: Security Operations & Monitoring Monitor and investigate alerts from CrowdStrike Falcon XDR, Microsoft Defender, and Intune. Conduct triage and escalation of suspicious activities in coordination with infrastructure and IT teams. Maintain visibility and reporting through Tenable Security Center and Nessus vulnerability scans. Support log analysis, correlation, and event tracking through integrated dashboards or SIEM platforms. Vulnerability & Patch Management Perform routine vulnerability assessments and track remediation status. Collaborate with system administrators to ensure timely patching of Windows, Linux, and network devices. Validate risk reduction and patch compliance before closing findings. Endpoint & Identity Security Administer and monitor Symantec Endpoint Protection Manager (EPM) and Microsoft Intune policies. Enforce endpoint encryption (Corporate Laptop), application control, and posture management. Manage Microsoft Entra (Azure AD) identity policies, MFA enforcement, and conditional access rules. Review privileged account usage and assist in quarterly access recertification. Network & Cloud Protection Support network segmentation, VPN access, and firewall change reviews on Juniper platforms. Monitor ZScaler logs for anomalous web traffic or policy violations. Assist with AWS and Microsoft 365 security baselines, configuration hardening, and identity governance. Security Awareness & Compliance Administer and report on employee phishing and training campaigns via KnowBe4. Support audit requests (FINRA, SEC, SOC1/2) by preparing evidence and log samples. Maintain documentation of incidents, vulnerabilities, and security control tests. Incident Response & Reporting Participate in incident containment, investigation, and remediation. Collect forensic artifacts (logs, screenshots, binaries) as directed by the CISO. Prepare post-incident summaries and lessons-learned documentation. Qualifications: Required Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). 3-5 years of experience in security operations, SOC, or IT security support. Working knowledge of EDR/XDR platforms (CrowdStrike, Defender), vulnerability scanners (Nessus), and firewall/IDS systems. Understanding of Windows/Linux administration, TCP/IP networking, and cloud identity management. Strong analytical, documentation, and communication skills. Preferred Experience with regulated financial institutions (FINRA, SEC, NFA, CFTC). Certifications such as CompTIA Security+, CySA+, Microsoft Certified: Security Operations Analyst, or GIAC GSEC. Familiarity with scripting or automation (PowerShell, Python) for security tasks. If you are interested in this role, then please click APPLY NOW. For other opportunities available at Akkodis, or any questions, feel free to contact me at *********************************. Equal Opportunity Employer/Veterans/Disabled Benefits offerings include but are not limited to: • 401(k) with match • Medical insurance • Dental Insurance • Vision assistance • Paid Holidays Off To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit ****************************************** The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: · The California Fair Chance Act · Los Angeles City Fair Chance Ordinance · Los Angeles County Fair Chance Ordinance for Employers · San Francisco Fair Chance Ordinance

This young and agile company, providing identity risk solutions is currently seeking a Senior Cloud Security Engineer with a focus on Infrastructure and Security to join their growing team. You will assist with the continuous maturation of their Cloud Security services within the Security division. This is an excellent opportunity for an experienced Cloud Security Engineer with experience in both Infrastructure and Security to take the next step into a challenging position with a company offering significant growth potential. About the Company: Founded in the last 10 years, they are one the fastest growing companies in their space. They are a fast-growing company that have built a platform that allows finance organisations and fintechs to strengthen their security defences. Their mission is to allow companies to manage their identity and fraud risk. Everything they do is entrenched in achieving engineering excellence. Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation. About the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: What you will be doing: • Serve as a cloud security subject matter expert, advise on and implementing best practices • Respond to security incidents and provide timely and appropriate solutions • Conduct cloud security risk assessments and audits • Conduct investigations into security incidents and potential threats • Take part in on call rotations for incident response and remediation • Assist with policy management, security audits, and due diligence for cloud security concerns • Advise on, configuring, and managing a variety of security tools • Keep informed about and respond to emerging security threats and vulnerabilities • Assist with cloud security reviews of potential vendors Ideal Requirements for the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: • Several years of experience working in a similar role with a focus on Cloud Security in AWS • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc. • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response • Experience taking part in an on-call rotation • You are passionate about securing infrastructure, reducing risk, and protecting data! • You are a subject matter expert on cloud security in AWS • You have a solid understanding of network architecture and protocols • You can advise on cloud security policies and procedures Apply to the Role: Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to **********************

Glocomms is partnered with a premier hedge fund to identify a Senior Security Engineer/Architect with deep expertise in AI Security. The ideal candidate will be a technical leader with a passion for securing complex, AI-driven systems. They will architect and implement cutting-edge security solutions that protect proprietary models, sensitive data, and mission-critical infrastructure. This role demands a blend of hands-on engineering, strategic foresight, and cross-functional collaboration. What You'll Do Work closely with teams across the firm to maintain and strengthen the information security program. Lead security efforts in the AI space by shaping policies, defining secure patterns for emerging AI agents, and serving as the go-to advisor on AI security initiatives. Act as a senior leader within the group and a trusted partner to business units, bridging security and operational priorities. Collaborate with technical and non-technical teams to review the security posture of new and existing systems. Design, build, and manage innovative tools that enhance internal security operations. What We're Looking For 10+ years in security, infrastructure, or site reliability engineering, with hands-on experience implementing security measures. A degree in computer science or a related technical field is preferred. Strong knowledge of security fundamentals, including protocols (TLS, OIDC, FIDO2), cryptography, access control, and application security (OWASP Top 10). A lifelong learner with curiosity for emerging technologies and willingness to take on projects beyond core expertise-especially in areas like AI and LLM security architecture. Excellent written and verbal skills; proven ability to explain complex security concepts to both technical and non-technical audiences, including engineers, infrastructure teams, compliance, and business stakeholders. Ability to make pragmatic, risk-based decisions in ambiguous situations, balancing risk reduction with innovative approaches that enable business success. Preferred Qualifications: Advanced degree in Computer Science, Cybersecurity, or a related discipline. Industry certifications such as CISSP, OSCP, GIAC, or equivalent. Experience with cloud platforms (AWS, Azure, GCP) and container security. Familiarity with regulatory frameworks relevant to financial services (e.g., SEC, FINRA, GDPR). The firm follows a hybrid schedule with employees expected to work in-office three days per week. Candidates must reside within (or be willing to relocate to) a commutable distance of New York City - Midtown, Manhattan. This is a full-time position and is unable to accommodate candidates seeking C2C/C2H employment. Applications must include a concise CV with full name and contact information in order to be considered

Senior Cyber Security Engineer, NYC Hybrid (3 Days a week Onsite) Our client is a financial services provider and they're looking for a senior engineer with real depth in Python OO and CyberArk or Swimlane to step into a high impact role. This is a hands-on position in a stable environment where you will own serious engineering problems and build the next generation of identity and PAM controls. What you will work on: • Engineering CyberArk (IAM/PAM) integrations and custom PAM solutions • Building Python based tooling, APIs, and automation that matter • Strengthening enterprise identity platforms across a complex environment • Collaborating with senior architects while still owning the code What we are looking for: • Python object-oriented engineering, not scripting • CyberArk (IAM/PAM) or Swimlane (SOAR) engineering experience • Infrastructure security background • 15+ years' experience in Engineering and/or Cyber Security • Experience in financial services or large enterprise is a plus Who usually fits this role: • Identity and PAM platform engineers • SOAR engineers who build with Python • Infra security engineers tired of purely operational work

Sr. Technical Security Engineer, W2 remote Minimum Requirements 5+ years of experience in application or product security, with a track record of securing desktop and mobile applications. Strong understanding of secure architecture for thick clients, including local storage protection, inter-process communication, JavaScript engines, OS-level security features, and web security standards (CSP, same-origin policy, TLS/HTTPS). Experience with mobile (iOS/Android) and desktop (Windows/mac OS/Linux) application security models. Proficiency in GenAI security, modern cryptography, certificate management, secure authentication (OAuth, WebAuthn, FIDO2), and secure session handling. Knowledge of OS-level hardening techniques, sandboxing, privilege separation, and secure use of platform APIs. Hands-on experience with secure coding practices in at least one systems language (C++, Rust, Go) and one application language (Kotlin, Swift, C#). Familiarity with static/dynamic analysis tools, fuzzing, penetration testing, and reverse engineering for client applications. Experience embedding security into the software development lifecycle (threat modeling, code reviews, secure design patterns). Ability to manage incident response and vulnerability remediation for thick client environments. Strong cross-team communication skills and ability to write clear developer-facing security guidelines.

Job Title: Cybersecurity Specialist Contract Type: 6-month engagement (renewable) Reports To: Head of Information Security We are seeking a highly skilled Cybersecurity Specialist to join our Information Security team. The successful candidate will play a key role in implementing and managing security controls, ensuring compliance with international standards, and supporting critical cybersecurity initiatives. Qualifications & Requirements Education & Professional Background Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field. 7+ years of professional experience in cybersecurity and IT infrastructure, including hands-on roles in network, systems, and security operations. Relevant certifications preferred: CISSP, CISM, CISA, CCSP, ISO 27001 Lead Implementer/Auditor, Okta, CyberArk. Technical Expertise Privileged Access Management (PAM): Design, implement, and manage PAM solutions, including governance, role-based access, and operational workflows. Identity & Access Management (IAM): Hands-on experience with Okta or equivalent IAM platforms (SSO, MFA, identity lifecycle management, federation, automation). Network Security & SOC Operations: Strong knowledge of enterprise network infrastructure (firewalls, routing, VPN, segmentation) and experience in SOC functions (monitoring, detection, incident response). Firewall & Policy Management: Familiarity with AlgoSec or similar tools for firewall analysis and policy management. Cybersecurity Standards: Deep understanding of ISO 27001, NIST CSF, CIS Controls, and security governance best practices. Cloud Security: Experience securing cloud environments (Azure AD/Entra ID, AWS IAM), including access policies and conditional access. Incident Response: Ability to lead or support investigations, containment, mitigation, and reporting. Project Delivery & Documentation Proven ability to deliver complex cybersecurity projects within scope and timeline. Experience with structured project management frameworks (PRINCE2, PMP, Agile). Strong analytical and problem-solving skills; ability to translate technical risks into business impacts. Soft Skills & Professional Attributes Excellent written and verbal communication skills for technical documentation and stakeholder presentations. Strong sense of ownership, accountability, and attention to detail. Ability to work independently and collaborate effectively across IT, security, and business teams. High level of professionalism, integrity, and commitment to confidentiality. Language Requirements Fluency in English, with the ability to tailor communication for technical and non-technical audiences, including senior management.

Natixis CIB is seeking a dynamic and experienced Vice President of Network Security to lead and enhance our network security infrastructure across the AMER region. This strategic leadership role requires a deep technical understanding of network security and the ability to drive initiatives that protect our systems while mentoring a talented engineering team. The job responsibilities include, but are not limited, to the following: Infrastructure Oversight: Lead the design and administration of Natixis CIB AMER's network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Technology Initiatives: Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals. Continuous Monitoring: Ensure optimal network performance through continuous monitoring, dashboard creation, promptly addressing any security incidents. Documentation Management: Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts, to support operational efficiency and facilitate effective communication. Cross-Department Collaboration: Collaborate with infrastructure teams to resolve network-related challenges and ensure seamless operations across departments. Audit and Security Coordination: Work closely with audit and IT Security teams in both AMER and BPCE-IT to provide necessary documentation and implement remediation plans as required. Staff Mentorship and Training: Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team. Vulnerability Assessments: Conduct vulnerability assessments and manage patching processes to effectively mitigate and report security risks across the AMER region. Security Reporting: Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents, and trends to inform strategic decision-making. LOD1 Security Management: Manage Line of Defense 1 (LOD1) network security controls and request as specified by the IT Risk Department. Strategy Alignment: Coordinate with AMER and Head Office IT Security teams to assure alignment on security strategies and policies. Tool Proficiency: Profiecent knowledge of security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response. Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; Master's preferred. 6+ years of hands-on experience in network security management, preferably within the financial services industry. Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation. Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security is a plus. Highly desirable CISSP, CISM. Strong project management and leadership experience. Excellent communication and problem-solving skills, with a focus on collaboration and teamwork. Extensive understanding of network technologies - L2, L3, VXLAN, BGP, LAN/WAN/VPN Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy-pac scripting Troubleshooting knowledge of network and security systems with minimal guidance is required. OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience is required. Excellent oral and written communication and documentation skills are essential. Ideal candidate must have a strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure design, and troubleshooting. Among these technologies, knowledge of Arista and Cisco design, configuration and automation is a definite plus Knowledge of scripting languages such as Python, PoweShell, or Ansible. The individual will need to be very organized, flexible, results oriented and able to multi-task to meet the demands of our dynamic environment The candidate should be a self-starter, be able to work with minimal supervision, properly and effectively report project/work status to management and peers, take full ownership and responsibility of the tasks assigned to her/him and work them through completion. The candidate should be able to demonstrate both technical capabilities and in-depth knowledge of various security and network concepts, technologies, and best practices The candidate should have the ability to convey in non-technical terms complex technical explanations related to problems, designs, etc. Knowledge of Ansible Scripting is a plus Knowledge of micro segmentation tools such as Illumio or VM Ware NSX is a plus Natixis is an equal opportunity employer, committed to a workplace free of discrimination. Natixis will not tolerate any form of discrimination based on age, color, mental or physical handicap or disability, pregnancy, marital status, sexual orientation, national origin, alienage, ancestry or citizenship status, race, religion, sex (including sex stereotyping, gender identity, gender expression or transgender status), veteran status, creed, genetic information or carrier status, or any other protected characteristic as established by law. Respect for all means that we deal with each person as an individual and not as a member of any group. All qualified applicants will receive consideration for employment. Management is expected to provide leadership in supporting the firms EEO program by taking steps to promote EEO in all facets of employment including recruitment, hiring, retention, promotion, performance assessment, and career-development opportunities. The salary range for the VP position will be between $150,000 - $180,000. Natixis is required by law to include a reasonable estimate of the compensation range for this role. Actual base salary will vary and will be based on several factors including, but not limited to, relevant experience, education, skills set, applicable licensure and certifications, and other business and organizational needs. Base salary is only one component of our total rewards package. Natixis also offers a generous benefits package, and you may be eligible for a discretionary incentive award depending on company and individual performance.

Starting Pay Rate - Up to $75/hr 6-12 months contract to hire Located in Kings Point, NY Hybrid (Some days in office, Some remote) Public Trust Required The candidate will lead, design, implement, and maintain the company's cybersecurity governance, compliance efforts, and overall security posture. Responsibilities include managing ATO packages, RMF documentation, SSP/POA&M development, Zero Trust initiatives, account lifecycle controls, BYOD governance, and risk management. They will conduct vulnerability scanning, review alerts, perform incident response, and monitor enterprise security events. They will also coordinate patching, evaluate software requests, and maintain secure system configurations. The role leads cybersecurity briefings, Awareness Bulletins, Sea Year presentations, and Indoc training, and participates in cyber governance meetings such as Cyber Ops, CAM, vulnerability reviews, Change Control Board, and daily coordination with Academy IT leadership. Ensures alignment with NIST CSF, NIST 800-53, FISMA, DOT, and MARAD requirements to support mission readiness and secure operations. Job Responsibilities: • Ensure compliance with NIST CSF and RMF to maintain accreditation and protect system confidentiality, integrity, and availability • Provide strategic and tactical security guidance, recommending technical and administrative controls • Direct and mature the Incident Response Program, including triage, escalation, documentation, and after-action improvements • Administer enterprise security policies, maintain SOPs/checklists, and drive continuous monitoring and process enhancements • Lead threat and vulnerability management: scanning, pen-test coordination, risk scoring, and remediation tracking • Conduct threat landscape assessments, business impact analyses, and risk treatment recommendations • Oversee development of cybersecurity procedures (International Travel, BYOD, secure communications) • Manage recurring reviews of SSPs, POA&Ms, annual security plans, account audits, and risk acceptance packages • Serve as primary cybersecurity liaison to DOT, MARAD, auditors, and federal oversight entities • Support Zero Trust Architecture and broader security architecture modernization • Lead quarterly and biannual IR tabletop exercises and integrate lessons learned • Coordinate ITSEC team training and cross-functional knowledge sharing • Maintain security documentation, templates, policies, and recurring reports (Awareness Bulletins, POA&M dashboards, CSAM reporting) Skills Required: • Minimum 12 years of progressive cybersecurity experience • Experience with NIST RMF, ATO, C&A processes, POA&M development, and federal audit preparation. • Experience in Security Testing & Evaluation, risk assessments, policy and procedure development. • Experience in U.S. Government contracting or federal cybersecurity environments. • Strong leadership experience and ability to guide Infrastructure, Applications, and Cyber teams in a collaborative security posture. • Demonstrated ability to communicate security requirements to technical and non-technical stakeholders, lead governance meetings, and interact with senior federal leadership. • Expertise with incident response, vulnerability management tools, security event analysis, and risk treatment methodologies. Skills Preferred: • Bachelor's degree in information technology, Computer Science, Cybersecurity, or related field. • ITIL v3 Foundation certification. • CISM, CISSP or other advanced security management certifications. • Azure Security certifications • Experience with Zero Trust Architecture, Cloud security standards, and federal enclave cybersecurity operations. • Experience with leading training, cyber awareness initiatives, and security program development. • Experience working in a college or university

8+ years of experience in cybersecurity and network administration roles 5+ years of experience with various firewall platforms (Cisco Meraki, Palo Alto, Fortinet) Experience with endpoint protection, SIEM solutions, and log management tools Proficiency and knowledge of Azure Cloud Networking Knowledge of compliance standards CCNA, CCNP, Azure Network Engineer Associate Telecom Industry experience Experience partnering with 3rd party vendors for escalations This role is responsible for designing, deploying, and maintaining secure, high-performance network solutions across Cisco switches, routers, Meraki office systems, and Firepower/ASA in the data center, all integrated with Azure cloud networking. The position focuses heavily on cybersecurity, including implementing and managing firewalls, intrusion prevention systems, and security appliances, performing vulnerability assessments, and enforcing security policies and incident response protocols. The individual will act as the backend resource for a 3rd party managed service, handling escalations and unresolved threats, while collaborating with internal teams on risk identification and security improvements. Daily tasks include configuring virtual networks and security groups in Azure, managing identity and access controls such as MFA, monitoring network performance, troubleshooting connectivity issues, and optimizing configurations for scalability and security. The role also involves working with SIEM tools for threat detection, generating compliance and performance reports, maintaining documentation, and providing security training to staff. Continuous improvement is key, requiring the candidate to stay current on emerging threats and technologies while ensuring the overall security posture of the environment. This position is a 6 month contract to hire. It is a hybrid position in Bethpage, NY, Tues-Thurs. Insurance and 401K are offered during contract period as well as upon conversion. The converting salary for this role is $145,000-152,000.

About the Role We are seeking a Security Analyst II to support our IAMO Transformation Program, contributing to the configuration, implementation, and support of the new SailPoint IdentityIQ (IIQ) platform. This role plays a key part in advancing our Identity and Access Management (IAM) capabilities through automation, governance, and improved operational efficiency. The ideal candidate will leverage technical expertise in SailPoint and IAM processes to help reduce manual provisioning, streamline access management, and strengthen security controls across the enterprise. Key Responsibilities Configure, customize, and implement SailPoint IdentityIQ (IIQ) solutions to support enterprise IAM transformation. Provide ongoing SailPoint product support including design, implementation, maintenance, and troubleshooting activities. Develop and maintain workflows, forms, roles, policies, reports, certifications, and segregation of duties (SOD) controls. Perform business-critical analysis to improve application access request and workflow processes within IAM. Support access provisioning and remediation for audit findings, client onboarding, and offboarding activities. Ensure compliance with corporate access certification and revocation policies. Partner with internal stakeholders to meet Client Service Level Objectives and internal project deadlines. Required Skills & Experience 3-5 years of experience in Identity and Access Management (IAM) or Cybersecurity. Hands-on experience with SailPoint IdentityIQ (IIQ) design, customization, and support. Strong understanding of IAM processes including Joiner, Mover, Leaver, Certification, and SOD workflows. Proficiency in Project Management and Business Analysis practices. Ability to identify, troubleshoot, and resolve complex IAM functional and technical issues. Preferred Technical Skills Excel, PowerPoint, SharePoint, and Jira proficiency.

Chief Information Security Officer (CISO) 📍 💰 Base Salary: Up to $325,000 + Bonus + Equity 🏢 Our Client: A Blockchain & Digital Asset Infrastructure Company About Our Client Our client is a fast-growing organization building infrastructure, software, and services that support the next generation of blockchain and digital asset ecosystems. They power secure transactions, institutional-grade solutions, and high-performance platforms used across the crypto economy. As the business scales, they are expanding their leadership team with a Chief Information Security Officer (CISO) who will own the strategic direction, operations, and continuous improvement of all information and cybersecurity initiatives. Role Overview The CISO will set the long-term vision for security across the entire organization, covering infrastructure, products, employee environments, and customer-facing systems. This leader will ensure that the company's digital asset capabilities, blockchain networks, APIs, and cloud environments meet the highest standards of protection, resilience, and regulatory readiness. This role requires an executive who can operate across technical, operational, and strategic levels-partnering with engineering, legal, compliance, product, and leadership teams. Key Responsibilities Design and drive a holistic security strategy covering infrastructure security, application security, product security, data governance, and operational risk. Safeguard digital asset environments, including wallets, key management systems, consensus mechanisms, and blockchain-based services. Build and lead an advanced threat detection, monitoring, and incident response program, ensuring rapid response and clear communication pathways. Collaborate with engineering teams to integrate secure development practices into blockchain, smart contract, and cloud-native workflows. Establish and maintain security controls, audits, and certifications, ensuring alignment with industry frameworks and regulatory expectations. Oversee vendor security, supply-chain risk management, and third-party assessments. Develop a culture of security throughout the business, including training, policy development, and ongoing risk awareness. Provide regular reports and briefings to the executive team on emerging threats, risk posture, and security roadmap progress. Experience & Qualifications 15+ years of experience in cybersecurity, with at least 5 years leading security organizations or programs at scale. Strong experience in blockchain security, digital asset custody, exchange or infrastructure security, or related crypto-native environments. Demonstrated success leading enterprise security programs that span cloud infrastructure, distributed systems, and high-availability environments. Skilled in working with frameworks such as SOC 2, ISO 27001, NIST, and global data protection standards. Expertise in cloud security (AWS, GCP, Azure), network security architecture, identity management, and DevSecOps. Comfortable operating in fast-moving, engineering-driven environments. Professional certifications (CISSP, CISM, CCISO, etc.) are a strong plus.

A financial firm is looking for a Chief Information Security Officer (CISO) to join their team in New York, NY. Compensation: $150-200K Responsibilities: Define and maintain the enterprise information security strategy, roadmap, and governance framework, aligned with business objectives and regulatory requirements Draft, maintain, and periodically review security-related policies and procedures Establish and chair/co-chair an Information Security / Cyber Risk Committee and contribute to Board-level reporting on cyber risk Develop and maintain the firm's information security governance framework Lead the firm's SOC 1 (Type 1/Type 2) and SOC 2 (Type 1/Type 2) readiness and ongoing attestation efforts Own the control catalog, control testing coordination, evidence collection, and remediation tracking across technology, operations, and third parties Act as primary security point of contact for external auditors, assessment firms, and key institutional partners Ensure security program alignment with SEC Regulation S-P, Reg S-ID, Reg SCI, SEC / Client cybersecurity expectations, and NYDFS 23 NYCRR 500 Partner with Compliance and Legal to interpret new regulations, assess impact, and implement necessary control and policy changes Maintain and periodically test the Incident Response Plan, Business Continuity and Disaster Recovery (BC/DR) from a security perspective Provide security oversight for cloud (AWS) and on-prem infrastructure, including network security, endpoint security, identity and access management (IAM), and data protection Work with Infrastructure/DevOps and application teams to embed secure SDLC practices, including code review, security testing, and secure deployment pipelines Oversee vulnerability management, including patch management processes, penetration testing, and remediation programs Define and oversee Security Operations Center (SOC) / XDR usage, log management, SIEM, threat detection, and incident handling Design and enforce data classification, data loss prevention (DLP), encryption, and key management controls Partner with business and product teams to ensure client data privacy and secure data flows, including with third-party vendors and partners Own the vendor security risk management program, including security due diligence, contract security clauses, and ongoing monitoring Evaluate and manage key security vendors Build and lead a small but high-impact security team, scaling capabilities over time Promote a security-first culture through training, awareness programs, and regular communication with staff at all levels Qualifications: Required Bachelor's degree in Computer Science, Information Security, Engineering, or related field; or equivalent experience 7+ years of progressive experience in information security, including at least 3 years in a leadership role (Head of Security, Deputy CISO, CISO, or equivalent) Hands-on experience leading SOC 1 and/or SOC 2 attestation projects at a financial institution, fintech, or SaaS provider Strong background in financial services or capital markets (broker-dealer, clearing firm, trading platform, or similar) Understanding of Information security frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001) Understanding of Regulatory landscape for U.S. financial firms (e.g., SEC, Client, possibly NYDFS 500) Experience with Identity & access management, network security, endpoint security, and cloud security (preferably AWS) Experience building and maintaining incident response, BC/DR, and vulnerability/patch management programs Strong track record of cross-functional leadership, communicating complex security and risk topics to non-technical executives and boards Preferred Experience as CISO, Deputy CISO, or security leader at a broker-dealer, clearing firm, exchange/ATS, or large fintech Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP or similar Experience with AWS security services Familiarity with DevSecOps practices and secure CI/CD pipelines Experience managing data localization and cross-border data separation initiatives

| IT - Information Security The Cyber Security Engineer Lead will design, implement, and maintain the United States Merchant Marine Academy's cybersecurity governance, compliance programs, and overall security posture. This role leads technical and administrative security efforts, including ATO lifecycle management, RMF documentation, SSP/POA&M development, vulnerability management, incident response, Zero Trust initiatives, and enterprise security monitoring. The position serves as the primary liaison to DOT, MARAD, auditors, and federal oversight bodies while ensuring continuous alignment with NIST CSF, NIST 800-53, FISMA, DOT, and MARAD cybersecurity requirements. Key Responsibilities Ensure compliance with NIST CSF and RMF frameworks to maintain accreditation and protect system confidentiality, integrity, and availability. Lead the development, update, and management of ATO packages, RMF documentation, SSPs, POA&Ms, and risk management artifacts. Provide strategic and tactical security guidance, advising on both technical and administrative controls. Direct and mature the Incident Response Program, including triage, escalation, documentation, after-action reviews, and program improvements. Administer enterprise security policies, maintain SOPs/checklists, and drive continuous monitoring processes. Lead threat and vulnerability management, including scanning, penetration test coordination, risk scoring, and remediation tracking. Conduct threat landscape assessments, business impact analyses, and provide risk treatment recommendations. Oversee creation and updates of cybersecurity procedures, including International Travel, BYOD, and secure communications. Manage recurring reviews of SSPs, POA&Ms, annual security plans, account audits, and risk acceptance packages. Serve as primary cybersecurity liaison to DOT, MARAD, auditors, and federal oversight entities. Support Zero Trust Architecture initiatives and broader enterprise security modernization. Lead quarterly and biannual Incident Response tabletop exercises and incorporate lessons learned into program updates. Coordinate ITSEC team training and cross-functional security knowledge-sharing. Maintain security documentation, templates, policies, and recurring reports (Awareness Bulletins, POA&M dashboards, CSAM reporting). Review DOT/MARAD alerts, coordinate patching, evaluate software requests, and maintain secure system configurations. Deliver cybersecurity briefings, Awareness Bulletins, Sea Year presentations, and Indoc training; participate in cyber governance meetings such as DOT Cyber Ops, CAM, vulnerability reviews, and Change Control Board meetings. Required Technical Skills Minimum 12 years of progressive cybersecurity experience. Expertise with NIST RMF, ATO, C&A processes, POA&M development, and preparation for federal audits. Experience conducting Security Testing & Evaluation, risk assessments, and developing security policies and procedures. Experience within U.S. Government contracting or federal cybersecurity environments. Strong leadership capabilities to guide Infrastructure, Applications, and Cyber teams toward a unified security posture. Demonstrated ability to communicate security requirements to technical and non-technical stakeholders and lead governance meetings with senior federal leadership. Proficiency with incident response, vulnerability management tools, security event analysis, and risk treatment methodologies. Preferred / Nice-to-Have Skills Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field. ITIL v3 Foundation certification. CISM, CISSP, or other advanced security management certifications. Azure Security certifications. Experience with Zero Trust Architecture, cloud security standards, and federal enclave cybersecurity operations. Experience leading cybersecurity training, cyber awareness initiatives, and developing security programs. Experience working within a college or university environment. Benefits (employee contribution): Health insurance Health savings account Dental insurance Vision insurance Flexible spending accounts Life insurance Retirement plan All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Delta Information Systems, Inc. is seeking a highly skilled Information Security Specialist to protect and secure critical systems, data, and intellectual property in a fast-paced Aerospace & Defense environment. This role is responsible for implementing and managing security controls, ensuring compliance with strict regulatory requirements, and defending against advanced cyber threats. The ideal candidate will bring deep technical knowledge, strong problem-solving skills, and the ability to work across teams to maintain the confidentiality, integrity, and availability of sensitive information that supports our national security mission. This is a fully onsite position located in Horsham, PA. Key Responsibilities Implement, monitor, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM platforms. Perform continuous monitoring, vulnerability assessments, penetration testing, and risk analysis of systems and networks. Ensure compliance with DoD, NIST 800-171, CMMC, ITAR, DFARS, and other regulatory frameworks. Champion the company's certification to CMMC Level 2. Develop, document, and enforce cybersecurity policies, procedures, and incident response plans. Support Government and customer security audits, preparing evidence and remediation plans as required. Investigate and respond to cybersecurity incidents, performing root-cause analysis and recommending corrective actions. Collaborate with IT, Engineering, Program Management, and Security teams to embed cybersecurity best practices into operations and product development. Provide cybersecurity awareness training to employees with a focus on handling sensitive defense-related data. Stay current on emerging cyber threats, nation-state tactics, and evolving compliance regulations impacting aerospace and defense. Qualifications Required: Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in information security, IT security operations, or cybersecurity. Strong knowledge of NIST 800-171, CMMC, and DFARS cybersecurity requirements. Experience developing, implementing and achieving CMMC compliance. Experience supporting DoD or government contracts with cybersecurity compliance needs. Hands-on experience with security infrastructure: SIEM, IDS/IPS, endpoint security, and network monitoring tools. Strong understanding of Windows, Linux, and cloud environments (Microsoft Office 365, Deltek Costpoint). Excellent analytical, documentation, and communication skills. U.S. Citizenship (required due to defense industry regulations). Preferred: Active security clearance (Secret or higher), or ability to obtain one. Relevant certifications: CISSP, CISM, Security+, CEH, or GIAC. Experience with RMF (Risk Management Framework) and STIG compliance. Familiarity with secure software development, DevSecOps practices, or classified system security. Compensation Competitive salary Outstanding benefits package 100% Paid Coverage for Medical, Dental, and Vision 401(k) Employer Match Employee Stock Ownership Program (company funded) Life Insurance (company funded) Short-Term Disability (company funded) Long-Term Disability (company funded) Vacation & Sick Holidays: 11 days HealthCare FSA Dependent Care FSA What We Offer Opportunities for training, certifications, and career growth. A mission-driven culture where your work contributes to national security. Exposure to advanced technologies and programs critical to the aerospace and defense sector. About Delta Information Systems, Inc. Delta Information Systems (DIS) is an industry-leading supplier of high-quality aerospace telemetry products for Flight Test, Missile Test, Range Safety, Launch Support and Satellite Command and Control applications. Their products address the complete telemetry chain from Data Acquisition, Storage, Transport and Distribution to Telemetry Processing and Display. DIS customers include all DoD entities, all Major Primes, Integrators, Gov Labs, Aircraft & Missile Manufacturers, & Launch Facilities. In addition, Delta Information Systems (DIS) designs and develops sophisticated electronic equipment that is specifically designed to reliably operate in harsh environments. They deliver critical video communications capability for manned and unmanned Intelligence, Surveillance and Reconnaissance (ISR) programs.