Security engineer jobs in Vista, CA - 291 jobs

A leading laboratory organization in San Diego is seeking a Machine Learning Engineer I/II to contribute to the development of foundation models for biology. This role involves training and optimizing large-scale machine learning systems in a collaborative environment with a diverse team. Ideal candidates will have relevant degrees and practical experience in large-scale ML tools, with strong communication skills. The position offers competitive compensation with a salary range from $150,450 to $203,550 for Machine Learning Engineer I. #J-18808-Ljbffr

This is a unique opportunity to join a market-leading company in the telehealth industry. We support healthcare providers around the country through our teleradiology services. Using our novel cloud enabled medical image management and interpretation services, we help to advance patient care by facilitating rapid diagnosis from our large network of radiologists and clinical support professionals who all work from their homes. POSITION OVERVIEW We are seeking a Network Engineer to help maintain, secure, and improve the network infrastructure supporting our nationwide teleradiology operations. This role is hands-on and execution-focused, working across on-prem, cloud-connected, and remote access environments. The Network Engineer will collaborate closely with DevOps, security, and IT teams, with senior engineering guidance available for architecture and complex design decisions. The ideal candidate is reliable, security-minded, and comfortable operating in a regulated healthcare environment where uptime and data protection are critical. PRIMARY RESPONSIBILITIES • Maintain and support the company's network infrastructure, including firewalls, VPNs, routing, switching, and network segmentation. • Monitor network performance, availability, and security events; troubleshoot and resolve issues efficiently to minimize downtime. • Support hybrid environments spanning on-prem infrastructure, Azure/AWS services, and remote users. • Implement network security best practices in collaboration with DevOps and cybersecurity teams. • Assist with network-related aspects of compliance efforts (HIPAA, SOC 2, ISO/MDSAP-aligned controls), including documentation and audits. • Participate in planning and executing network changes, upgrades, and maintenance activities. • Maintain accurate documentation of network configurations, diagrams, and procedures. • Participate in client-facing technical calls as needed to help troubleshoot and resolve connectivity issues between client environments and company infrastructure. • Work with vendors and service providers to resolve connectivity issues and support infrastructure improvements. • Other projects and duties as assigned. JOB REQUIREMENTS AND SKILLS • Strong working knowledge of core networking concepts including TCP/IP, DNS, DHCP, VLANs, routing, and switching. • Hands-on experience configuring and supporting firewalls and VPNs (site-to-site and remote access). • Solid understanding of network security principles and best practices in a regulated or security-conscious environment. • Ability to troubleshoot network issues methodically and communicate findings clearly to technical and non-technical stakeholders. • Comfortable working collaboratively with DevOps, security, and IT teams while taking ownership of assigned network responsibilities. EDUCATION AND EXPERIENCE • 5+ years' experience in a networking role. • Professional experience supporting and maintaining production network environments in a business or enterprise setting. • Experience working with network infrastructure in a hybrid environment (on-prem and cloud-connected); Azure/AWS exposure is a plus. • Relevant education, certifications, or equivalent practical experience in networking, systems, or information technology. WORK LOCATION AND CONDITIONS • Corporate office in San Diego. Optional Hybrid Model, 3 days in the office and 2 days remote, with manager approval. • Job Type: Full-time; Non-Exempt. • Minimal travel requirements. REQUIRED TRAININGS • Internal Regulatory and Quality System training required for IT. PAY RANGE Hourly Pay Range: $43.00 - $57.00 The stated pay scale has been implemented to reward employees fairly and competitively, as well as to support recognition of employees' career progress, ranging from entry level to experts in their field, and talent mobility. It reflects the range that StatRad reasonably expects to pay for this position at various levels of experience. The actual starting pay rate for this position will be dependent on a variety of factors, including an applicant's relevant experience, unique skills and abilities, education, market demand, and employer business practices, and will be discussed at the offer stage with the selected candidate.

Duties and Responsibilities Maintain and operate cybersecurity technology and and provide expertise in area of focus (e.g. Risk Assessments, Controls Engineering or Incident Response). Collaborates with the business to understand their needs in order to tailor security offerings unique to their environment. Uses working knowledge of IT system functionality, architecture and capabilities to effectively diagnose and troubleshoot issues with some assistance. Conducts competitive analyses on (in-use and alternative) cyber technologies and documents recommendations for our environment. Provides awareness and guidance within Sempra Infrastructure community on secure business processes, architecture design, and technical controls. Maintains awareness of evolving cybersecurity threats and best practices for mitigation. Develops procedures and guidelines for implementing information security systems and practices. Develops and aggregates metrics to measure, monitor and report on the effectiveness of information security controls and compliance with information security policies. Performs other duties as assigned (no more than 5% of duties). Education Bachelor's degree in Computer Science or other science or technology major or equivalent experience required. Experience Minimum of 2-5 years of direct experience within the information security field required. In-depth experience in at least one cybersecurity discipline required. Experience with projects of moderately sized security related initiatives to successful completion required. Demonstrated experience in vendor selection, testing, implementation, and operations of a broad array of security technologies required. Knowledge, Skills and Abilities Familiarization with Endpoint protection software such as Trellix and Microsoft Defender. Familiarization in deploying vulnerability management agents. Experience deploying logging agents and configurations. Knowledge of firewalls and security zone. Experience working in an Operation Technology (OT), ICS / SCADA environment. Experience with SCADA network protocols. Experience with OT network monitoring tools (such as but not limited to: Dragos, Cybervision, CyberX). Ability to take initiative and work independently when needed. Ability to maintain, upgrade and recommend operational cybersecurity tools. Ability to work with Cybersecurity OT Engineering to make recommendations for new tools and capabilities. Ability to work effectively on multiple projects within a team structure and excellent written and oral communication skills. Licenses and Certifications Certified Information Systems Security Professional (CISSP) certification, Global Information Security Professional (GISP) certification, Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), or Certified Internal Auditor (CIA) certificate preferred. Targeted professional cybersecurity certifications (i.e. forensics and incident response) preferred. Other Qualifications Bilingual in English/Spanish preferred.

Job DescriptionSaronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms. Saronic Technologies is a leader in defense autonomy at sea. We're seeking an Embedded Security Engineer to design, implement, and harden security for the software that runs on our autonomous surface vessels. You'll work across device identity, secure boot and update flows, secrets/key management, and secure communications-partnering closely with autonomy, platform, manufacturing, and field teams to deliver trustworthy systems that operate reliably in maritime environments. Senior Engineers: 3+ years of experience delivering security features on embedded/Linux systems, preferably in autonomy, robotics, aerospace, or defense. Staff Engineers: 8+ years of experience including technical leadership across secure boot/update pipelines, identity/PKI, and fleet-wide hardening; demonstrated ownership of mission-critical features from design through field deployment.Key Responsibilities: Design, develop, and maintain security features for embedded Linux systems (systemd-managed services, Rust/C/C++) used for navigation, control, and communications. Own per-vessel identity and mutual authentication for boat↔cloud and boat↔boat links; implement certificate/key rotation and revocation workflows. Implement signed/verified update mechanisms with rollback protection; collaborate with manufacturing on secure boot enablement and key provisioning. Integrate and operate hardware-backed key storage (e.g., TPM/secure elements) and sealed secrets for on-vessel services. Harden network paths over constrained links: TLS/mTLS, VPN overlay policies, and least-privilege service access. Reduce attack surface in embedded services (capabilities, seccomp/AppArmor where appropriate, safe process execution, input validation). Build tamper-evident, structured logging and diagnostics suitable for ship→shore analysis and incident response. Perform threat modeling, code reviews, and security testing (static/dynamic analysis, fuzzing, negative testing). Troubleshoot and debug complex security issues in fielded systems; author runbooks and safe-rollback procedures. Document designs, processes, and verification results for compliance and knowledge sharing; contribute to secure coding guidelines. Stay current on emerging security technologies and best practices relevant to embedded Linux and autonomous systems. Required Qualifications: Bachelor's or Master's degree in Computer Science, Electrical/Computer Engineering, Software Engineering, or a related field. Proficiency in Rust and/or C/C++ developing software for embedded Linux. Strong understanding of cryptographic primitives and protocols (keys, certificates, signatures, TLS/mTLS), and experience integrating them into systems. Experience with secure/verified boot, OTA/update safety, and firmware/bootloader workflows. Familiarity with VPN overlays and constrained-network security patterns. Comfortable with Linux security fundamentals (users/permissions, capabilities, sandboxing) and systemd-based service management. Excellent problem-solving skills and ability to collaborate effectively in na fast-paced, cross-functional environment. Strong written and verbal communication skills. This role requires the ability to obtain and maintain a security clearance Preferred Qualifications: Experience with TPM/secure elements, measured/verified boot, and attestation. Exposure to NixOS-based builds, Yocto, or similar embedded Linux tooling. Experience with authenticated media/telemetry pipelines and secure streaming. DoD/defense domain familiarity and prior work under export-controlled constraints. Physical Demands: Prolonged periods of sitting at a desk and working on a computer. Occasional standing and walking within the office. Manual dexterity to operate a computer keyboard, mouse, and other office equipment. Visual acuity to read screens, documents, and reports. Occasional reaching, bending, or stooping to access file drawers, cabinets, or office supplies. Lifting and carrying items up to 20 pounds occasionally (e.g., office supplies, packages). Benefits:Medical Insurance: Comprehensive health insurance plans covering a range of services Saronic pays 100% of the premium for employees and 80% for dependents Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents Time Off: Generous PTO and HolidaysParental Leave: Paid maternity and paternity leave to support new parents Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses Retirement Plan: 401(k) plan Stock Options: Equity options to give employees a stake in the company's success Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) . Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Information Security Specialist III Position Type: Full-time Salary Range: $145,000 - $170,000 requires active security clearance Years of Experience: 10+ years experience Roles and Responsibilities: This role is a senior cybersecurity professional responsible for ensuring the secure design, implementation, testing, and operation of advanced airborne communication systems used in military and defense applications. This role combines expertise in both tactical data links and comprehensive information security, typically within the DoD Risk Management Framework (RMF). Requirements Minimum ten (10) years' of demonstrated technical experience in Cybersecurity, Engineering, Test & Evaluation, of Assessment & Authorization (A&A) within the last fifteen (15) years including: Assist or develop system security policy and ensure compliance with change management and configuration control processes. Plan and coordinate IT security program and policies supporting command leadership mission and goals. All phases of Information Assurance (IA) evaluations involving Communications Security (COMSEC) and Cryptologic Material Systems (CMS) for ATDL systems and training for COMSEC ATDL military systems, including: Secure data unit design, integration, and test Modernized cryptographic policy administration and implementation Cryptographic keying materials and keys Security Verification Testing Platform Cybersecurity and TEMPEST testing Desired Skills/Qualifications: Ten (10) years of demonstrated technical experience to include: Management and issuance of keymat to operational, test, and allied communities; acting as the alternate Advanced Tactical Data Links Keymat Controlling Authority (CONAUTH). U.S. Naval Fleet technical data calls, working groups, and action items related to initial implementation of ATDL cryptographic components. Benefits Paid Vacation, Sick Time and Holidays Medical, Dental, Life and Disability Insurance 401K with Employer Contribution Matching Service Disabled Veteran Owned Business Equal Opportunity Employer ISO 9001:2015 Certified Company ***************

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Perrygo is a small, rapidly growing company; we are passionate about our employees as well as supporting our customers and their mission. We are excited for the opportunity to bring aboard highly motivated and energetic individuals to join our teams. Currently, we are seeking a Information Security Analyst - Secret Cleared. This role supports a Navy customer in San Diego, CA. Job Description and Responsibilities: Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses - Implement and monitor information security policies and procedures. - Conduct vulnerability scans and risk assessments. - Support RMF documentation and ATO renewals. - Respond to and document security incidents and audits. Basic Requirements: 6+ years of experience in information assurance or cybersecurity Preferred Skills and Experience: DoD 8570 IAT Level II certification (Security+ CE, CySA+, or equivalent). Familiarity with NIST, DISA STIGs, and DoD RMF compliance. Education Requirements: Bachelor's degree in Cybersecurity, Computer Science, or related field. Security Clearance: Secret(must be a US Citizen) Telework and Travel: On-Site. Contract: This position is pending a contract award. Perrygo Consulting Group, LLC is an Equal Opportunity Employer, for all individuals, including protected veterans and those with disabilities. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, disability, or veteran status. Perrygo Consulting Group, LLC participates in E-Verify. If being a part of a small, growing company while having the opportunity to work on exciting projects with challenging tasks excites you - then please apply today! Compensation Package - We offer an excellent compensation package with competitive salaries and meaningful benefits, including: Paid Time Off (PTO)/Sick Leave 11 Paid Holidays Flexible Work Schedules (offering a healthy work-life balance whenever possible) Employee Assistance Program (EAP) Medical, Dental, and Vision LTD/STD, AD&D, and Life-Employer Paid Supplemental Life and Accident options Health Savings Account (HSA) with employer contribution 401K Plan with employer Safe Harbor contribution Profit Sharing Plan

Requirements Bachelor's degree in Cybersecurity, Computer Science, or related field. 3+ years of experience in information assurance or cybersecurity. DoD 8570 IAT Level II certification (Security+ CE, CySA+, or equivalent). Familiarity with NIST, DISA STIGs, and DoD RMF compliance. Must possess an active Secret Clearance - Required This contractor and subcontractor shall abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability. Salary Description $88,000-$102,000

Data Intelligence, LLC is seeking a highly experienced Cyber Security Lead / Information Systems Security Officer (ISSO) to support cybersecurity operations and compliance for Navy and Department of Defense (DoD) systems. This role requires deep expertise in Information Assurance (IA), cybersecurity compliance frameworks, and Navy-specific cybersecurity practices. The ideal candidate will have extensive experience working with Navy Cross Domain Solutions (NCDSO) and a strong technical background in military C4I/IT systems. Key Responsibilities: Serve as the Cyber Security Lead/ISSO for classified and unclassified Navy/DoD systems. Lead Risk Management Framework (RMF) efforts in accordance with DoD 8500 Series, NIST SP 800 Series, and other applicable cybersecurity policies and guidelines. Develop, review, and manage technical documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plan of Action & Milestones (POA&Ms). Interface with the Navy Cross Domain Solutions Office (NCDSO) to support secure cross-domain solutions, including submission packages and coordination of approvals. Provide subject matter expertise in support of system security engineering, integration, and testing. Coordinate with system engineers, developers, and stakeholders to ensure security controls are effectively implemented. Monitor systems for compliance with DFARS Clause ************ and other DoD IA requirements. Assist in the preparation and review of technical instructions, engineering plans, and test-related documentation. Maintain up-to-date knowledge of emerging cybersecurity threats, tools, and regulatory requirements. Support system Certification and Accreditation (C&A) processes in accordance with NSA and DoD standards. Required Qualifications: Education: Master's degree from an accredited college or university in Computer Science, Information Systems Management, Cybersecurity, or a related field. Experience: Minimum of 10 years of Navy or DoD experience in Information Assurance and Cybersecurity. At least 5 years of recent experience (within the last 5 years) directly supporting Navy cybersecurity programs and RMF processes. Direct experience with the Navy Cross Domain Solutions Office (NCDSO) within the last five years. Demonstrated expertise in DoD cybersecurity requirements, including the DoD 8500 Series and NIST SP 800 Series. Experience with engineering documentation including technical instructions, engineering plans, and systems integration documents. Strong understanding of military C4I/IT systems, including Navy SATCOM (MILSATCOM and Commercial), Tactical Communications, and GPS systems. High familiarity with the NSA certification process for secure systems. Certifications: Compliant with DFARS Clause ************ for Information Assurance Contractor Training and Certification (e.g., CISSP, CISM, Security+, or equivalent). Security Clearance: Must hold an active Top Secret / SCI (TS/SCI) clearance. Preferred Skills: Strong leadership and communication skills with the ability to brief senior stakeholders. Ability to lead complex cybersecurity projects with minimal supervision. In-depth knowledge of secure system design and implementation in classified environments. Experience collaborating with cybersecurity authorities across Navy and DoD organizations. About Data Intelligence, LLC: Data Intelligence, LLC (DI) is a small business that provides Information Technology System Development (Agile, DevSecOps, Cloud Platform support) Cybersecurity (RMF, Security Engineering, Cross Domain Solutions), Tactical Data Link Standards Development and Testing, and Logistics/Warehousing services to U.S. federal clients both CONUS and OCONUS. DI consistently demonstrates exceptional customer service, maintains an employee-centric culture, and delivers hands-on technical expertise to help our clients achieve their mission. Since 2005, DI has successfully provided IT Systems Engineering, Software Development, Cybersecurity, and supporting solutions and services to customers that include the Department of Defense, Intelligence, and Federal Civilian clients. Current clients include the US Navy, Air Force, Army, Marine Corps, Coast Guard, National Geospatial-Intelligence Agency, Defense Logistics Agency, and The Department of Homeland Security. DI is headquartered in Marlton, New Jersey, with satellite offices in California, Maryland, Ohio, Pennsylvania, Virginia, and Washington, D.C. Why you should join us: Data Intelligence offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Essential Duties and Responsibilities Provide strategic direction and technical leadership for infrastructure design, implementation, and optimization. Lead architectural discussions for Windows systems, cloud infrastructure (AWS, Azure), and hybrid solutions. Manage and maintain Active Directory (AD), DNS, DHCP, and other critical systems. Design, deploy, and maintain scalable, highly available solutions using cloud-native architectures in AWS and Azure. Oversee the configuration and management of network infrastructure, including firewalls, switches, and load balancers. Lead automation efforts for infrastructure deployment, configuration management using tools like PowerShell, Python, and Terraform. Architect, implement, and manage LAMP/LEMP stack systems. Establish comprehensive system monitoring and alerting for all environments to ensure high availability and rapid incident response (New Relic, Datadog, Prometheus, Grafana, Dynatrace). Drive backup, disaster recovery (DR), and business continuity planning, including annual DR testing and refinement. Act as the lead technical resource for the design and deployment of identity management solutions (SSO, MFA) using tools like Okta and Azure AD. Collaborate with DevOps and development teams to optimize CI/CD pipelines, infrastructure as code (IaC), and containerized workloads. Backup procedures to safeguard data security, ensure resource availability, maintain data integrity, and meticulously log and review application activities. Mentor and coach junior system administrators and engineers, fostering skill development and knowledge sharing. Own system documentation, process improvements, and adherence to IT best practices. Troubleshoot and resolve complex system, network, and application issues efficiently. Supervisory Responsibilities Lead a team of engineers and administrators, providing mentorship, performance feedback, and fostering a culture of innovation and continuous learning. Oversee project planning, resource allocation, and task prioritization for the infrastructure team. Qualifications, Education and Experience To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 7+ years of experience in systems engineering or infrastructure roles with a focus on architecture, implementation, and operational excellence. 5+ years of experience in AWS and/or Azure environments, including designing and managing hybrid cloud solutions. Proven expertise in network design and administration, including firewalls, VPNs, and high-performance switches. Strong background in Windows Server administration and Linux-based environments (LAMP/LEMP stacks). Hands-on experience supporting Microsoft 365 applications including (but not limited to): Outlook, Word, Excel, PowerPoint, OneDrive, Teams and SharePoint. Experience with enterprise identity and access management solutions, such as Okta or Azure AD. Advanced proficiency in scripting and automation using PowerShell, Python, or similar technologies. Hands-on experience with infrastructure monitoring tools and SIEM platforms, Deployment, Configuration. (New Relic, Datadog, Splunk, Zabbix, Prometheus, Grafana, Dynatrace) Proven track record in disaster recovery planning, testing, and execution. IT certifications such as Microsoft Certified Systems Engineer (MCSE), AWS Certified Solutions Architect, or Azure Solutions Architect are highly desirable. Experience with Microsoft Security Stack not limited to ATP, Intune, Sentinel, Defender Endpoint Skills and Competencies Strong technical acumen and problem-solving skills with a focus on proactive system improvements. Excellent project management and organizational skills, with the ability to manage multiple initiatives simultaneously. Exceptional communication skills, including the ability to present complex technical concepts clearly to diverse audiences. Customer-focused mindset with the ability to align technical solutions with business objectives. Benefits Our benefit offerings include: Medical, dental, vision, wellness programs, EAP counseling services, FSA & HSA, company sponsored life insurance for employee, voluntary life insurance for employee, spouse and child, AD&D Insurance, voluntary short-term and long-term disability, critical illness insurance, accident insurance, legal assistance, pet insurance, living will and trust preparation discounts, commuter program, annual walking challenge, employee appreciation events and monthly sales awards.

Job DescriptionThe Company: VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn't be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We're a young and energetic company, we've had tremendous success, and we are constantly growing our team. As we garner more industry attention - just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot - we also need driven and talented people to join our team. That brings us to you, and what you'll be joining. Our teams are smart and diligent and take ownership of their work - they're confident in their work but know how to collaborate with open ears and a spirit of learning. If you're down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands:levoit.com \u007C cosori.com \u007C etekcity.com The Opportunity: The Information Security Analyst is responsible for supporting the organization's security posture by implementing, monitoring, and maintaining security controls across systems, networks, and cloud environments. This role works closely with senior security team members to identify risks, respond to incidents, and ensure compliance with security standards and regulatory requirements.What you will do at VeSync: Information Security Operations & Planning Support the implementation and maintenance of information security controls to protect company data and assets across on-premise and cloud environments. Assist in analyzing business processes, systems, and data flows to identify security gaps and improvement opportunities. Apply industry best practices and frameworks such as the NIST Cybersecurity Framework (CSF) to support confidentiality, integrity, and availability of information assets. Policy Support & Compliance Assist in the development, implementation, and maintenance of information security policies, standards, and procedures. Support compliance efforts with industry standards and regulations (e.g., ISO 27001, NIST, GDPR). Help track evidence and controls using compliance and GRC tools such as OneTrust, Drata, or similar platforms. Monitor regulatory and security trends and escalate relevant changes to senior team members. System, Network, and Cloud Security Monitor and help maintain security controls for systems, networks, and public cloud platforms (AWS, Azure, GCP). Assist with configuration, monitoring, and tuning of cloud security services and tools. Use security tools and dashboards (e.g., SIEM, security scorecards) to identify potential threats and vulnerabilities. Support AWS security services and baseline configurations. Security Monitoring & Incident Response Monitor security alerts and events using SIEM and security monitoring tools. Participate in incident response activities, including investigation, containment, remediation, and post-incident analysis. Assist with blue team activities, tabletop exercises, and response drills to improve readiness. Document incidents and lessons learned. Identity & Access Management Support user access reviews, permission audits, and access control processes. Assist with identity management systems to ensure appropriate authentication and authorization controls. Help identify and remediate excessive or inappropriate access. Risk Assessment & Vulnerability Management Participate in risk assessments and vulnerability identification efforts. Assist with vulnerability scanning, tracking, and remediation coordination. Support risk documentation and reporting aligned with frameworks such as NIST CSF. Help track and report basic security metrics and KPIs. Security Awareness & Documentation Support the delivery of security awareness training and phishing simulations. Assist in developing security documentation, including procedures, controls, detection rules, and response playbooks. Maintain clear and accurate security documentation for audits and operational use. What you bring to the role: Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 3-6 years of experience in information security or a related IT/security role. Hands-on experience with security monitoring, incident response, vulnerability management, or risk assessment. Familiarity with cloud environments (AWS, Azure, or GCP) and basic cloud security concepts. Working knowledge of security frameworks and standards such as NIST CSF, ISO 27001, and CIS. Understanding of network security fundamentals, including firewalls, IDS/IPS, endpoint protection, and logging. Experience with SIEM or security monitoring tools such as Splunk, QRadar, Rapid7, or Wazuh. Strong analytical, troubleshooting, and communication skills. Preferred Qualifications Experience supporting compliance or audit activities. Familiarity with GRC or compliance automation tools (OneTrust, Drata, or similar). Relevant security certifications such as Security+, CEH, GSEC, or progress toward CISSP/CISM. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $90K Annually Perks and Benefits: 100% covered Medical/Dental/Vision insurance for employee AND spouse + dependents! 401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting Generous PTO policy + paid holidays Life Insurance Voluntary Life Insurance Disability Insurance Critical Illness Coverage Accident Insurance Healthcare FSA Dependent Care FSA Travel Assistance Program Employee Assistance Program (EAP) Fully stocked kitchen

Job DescriptionSaronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms. Saronic Technologies is a leader in defense autonomy at sea. We're seeking a Platform Security Engineer to secure the cloud/edge where vessels, operators, and customers meet. You'll own identity and access patterns, secrets and key management, secure network posture, and policy-as-code guardrails-working across AWS (including GovCloud), Terraform infrastructure, and service code to deliver trustworthy, auditable systems. Senior Engineers: 3+ years securing production cloud platforms (identity, secrets/KMS, network posture), preferably in autonomy, robotics, aerospace, or defense. Staff Engineers: 8+ years including technical leadership across secure-by-default platform modules, short-lived credential issuance, and cross-account policy design; demonstrated ownership from design through operational rollout.Key Responsibilities Design, develop, and maintain secure-by-default infrastructure on AWS using Terraform (ALB/OIDC, IAM, KMS, Secrets Manager, Route53, VPC/SGs). Standardize OIDC at the edge (ALB/ingress) for internal and external applications; define scopes, claims, and token lifecycles. Own secrets and key management: KMS key policies, rotation schedules, cross-account access, and automated issuance for services and tools. Enforce IMDSv2 required, least-privilege IAM roles, and tight security groups across modules; add CI/policy checks to prevent regressions. Design secure protocols/APIs for service↔service and boat↔cloud communication (mTLS/TLS, certificate issuance/rotation, revocation). Manage short-lived credentials used by fleet/overlay services; implement rotation, auditing, and incident response runbooks. Prefer service-mediated S3 access over broad pre-signed URLs; codify bucket policies, logging, and access boundaries. Build centralized, tamper-evident logging and audit trails; integrate detections and metrics to validate control effectiveness. Perform threat modeling and security reviews; document patterns and drive adoption via reusable modules and guides. Troubleshoot complex security issues in production; lead post-incident reviews and drive remediation to closure. Stay current on cloud security best practices, especially for defense/government environments. Required Qualifications: Bachelor's or Master's degree in Computer Science, Software/Computer/Electrical Engineering, or a related field. 3+ years building on AWS with Terraform (ALB/ELB, IAM, KMS, Secrets Manager, Route53, VPC/SGs). Strong knowledge of cryptographic and IAM fundamentals (key policies, rotation, certificates, OIDC/OAuth2). Demonstrated experience enforcing IMDSv2, least-privilege roles, and network controls at scale. Experience designing secure protocols/APIs and integrating auth into service code (e.g., Go/Rust/TypeScript). Proven ability to perform threat modeling and conduct design/code security reviews. Excellent problem-solving and communication skills; effective collaboration across platform, embedded, and field teams. This role requires the ability to obtain and maintain a security clearance Preferred Qualifications: Experience in AWS GovCloud, multi-account landing zones, and cross-account KMS/Secrets patterns Familiarity with fleet/overlay VPN access control and short-lived credential issuance Policy-as-code guardrails (e.g., OPA/Conftest, Terraform validations), drift detection, and CI integration Centralized logging/SIEM and cloud threat detection (e.g., CloudTrail, GuardDuty) with audit readiness PKI/CA management and, ideally, hardware roots of trust (TPM/secure elements) at the edge DoD/defense domain familiarity and prior work under export-controlled constraints Benefits:Medical Insurance: Comprehensive health insurance plans covering a range of services Saronic pays 100% of the premium for employees and 80% for dependents Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents Time Off: Generous PTO and HolidaysParental Leave: Paid maternity and paternity leave to support new parents Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses Retirement Plan: 401(k) plan Stock Options: Equity options to give employees a stake in the company's success Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) . Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.

Job Description Information Security Specialist III Position Type: Full-time Salary Range: $145,000 - $170,000 requires active security clearance Years of Experience: 10+ years experience Roles and Responsibilities: This role is a senior cybersecurity professional responsible for ensuring the secure design, implementation, testing, and operation of advanced airborne communication systems used in military and defense applications. This role combines expertise in both tactical data links and comprehensive information security, typically within the DoD Risk Management Framework (RMF). Requirements Minimum ten (10) years' of demonstrated technical experience in Cybersecurity, Engineering, Test & Evaluation, of Assessment & Authorization (A&A) within the last fifteen (15) years including: Assist or develop system security policy and ensure compliance with change management and configuration control processes. Plan and coordinate IT security program and policies supporting command leadership mission and goals. All phases of Information Assurance (IA) evaluations involving Communications Security (COMSEC) and Cryptologic Material Systems (CMS) for ATDL systems and training for COMSEC ATDL military systems, including: Secure data unit design, integration, and test Modernized cryptographic policy administration and implementation Cryptographic keying materials and keys Security Verification Testing Platform Cybersecurity and TEMPEST testing Desired Skills/Qualifications: Ten (10) years of demonstrated technical experience to include: Management and issuance of keymat to operational, test, and allied communities; acting as the alternate Advanced Tactical Data Links Keymat Controlling Authority (CONAUTH). U.S. Naval Fleet technical data calls, working groups, and action items related to initial implementation of ATDL cryptographic components. Benefits Paid Vacation, Sick Time and Holidays Medical, Dental, Life and Disability Insurance 401K with Employer Contribution Matching Service Disabled Veteran Owned Business Equal Opportunity Employer ISO 9001:2015 Certified Company ***************

Job Description Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

The Company: VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn't be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We're a young and energetic company, we've had tremendous success, and we are constantly growing our team. As we garner more industry attention - just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot - we also need driven and talented people to join our team. That brings us to you, and what you'll be joining. Our teams are smart and diligent and take ownership of their work - they're confident in their work but know how to collaborate with open ears and a spirit of learning. If you're down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands:levoit.com | cosori.com | etekcity.com The Opportunity: The Information Security Analyst is responsible for supporting the organization's security posture by implementing, monitoring, and maintaining security controls across systems, networks, and cloud environments. This role works closely with senior security team members to identify risks, respond to incidents, and ensure compliance with security standards and regulatory requirements.What you will do at VeSync: Information Security Operations & Planning Support the implementation and maintenance of information security controls to protect company data and assets across on-premise and cloud environments. Assist in analyzing business processes, systems, and data flows to identify security gaps and improvement opportunities. Apply industry best practices and frameworks such as the NIST Cybersecurity Framework (CSF) to support confidentiality, integrity, and availability of information assets. Policy Support & Compliance Assist in the development, implementation, and maintenance of information security policies, standards, and procedures. Support compliance efforts with industry standards and regulations (e.g., ISO 27001, NIST, GDPR). Help track evidence and controls using compliance and GRC tools such as OneTrust, Drata, or similar platforms. Monitor regulatory and security trends and escalate relevant changes to senior team members. System, Network, and Cloud Security Monitor and help maintain security controls for systems, networks, and public cloud platforms (AWS, Azure, GCP). Assist with configuration, monitoring, and tuning of cloud security services and tools. Use security tools and dashboards (e.g., SIEM, security scorecards) to identify potential threats and vulnerabilities. Support AWS security services and baseline configurations. Security Monitoring & Incident Response Monitor security alerts and events using SIEM and security monitoring tools. Participate in incident response activities, including investigation, containment, remediation, and post-incident analysis. Assist with blue team activities, tabletop exercises, and response drills to improve readiness. Document incidents and lessons learned. Identity & Access Management Support user access reviews, permission audits, and access control processes. Assist with identity management systems to ensure appropriate authentication and authorization controls. Help identify and remediate excessive or inappropriate access. Risk Assessment & Vulnerability Management Participate in risk assessments and vulnerability identification efforts. Assist with vulnerability scanning, tracking, and remediation coordination. Support risk documentation and reporting aligned with frameworks such as NIST CSF. Help track and report basic security metrics and KPIs. Security Awareness & Documentation Support the delivery of security awareness training and phishing simulations. Assist in developing security documentation, including procedures, controls, detection rules, and response playbooks. Maintain clear and accurate security documentation for audits and operational use. What you bring to the role: Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 3-6 years of experience in information security or a related IT/security role. Hands-on experience with security monitoring, incident response, vulnerability management, or risk assessment. Familiarity with cloud environments (AWS, Azure, or GCP) and basic cloud security concepts. Working knowledge of security frameworks and standards such as NIST CSF, ISO 27001, and CIS. Understanding of network security fundamentals, including firewalls, IDS/IPS, endpoint protection, and logging. Experience with SIEM or security monitoring tools such as Splunk, QRadar, Rapid7, or Wazuh. Strong analytical, troubleshooting, and communication skills. Preferred Qualifications Experience supporting compliance or audit activities. Familiarity with GRC or compliance automation tools (OneTrust, Drata, or similar). Relevant security certifications such as Security+, CEH, GSEC, or progress toward CISSP/CISM. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $90K Annually Perks and Benefits: 100% covered Medical/Dental/Vision insurance for employee AND spouse + dependents! 401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting Generous PTO policy + paid holidays Life Insurance Voluntary Life Insurance Disability Insurance Critical Illness Coverage Accident Insurance Healthcare FSA Dependent Care FSA Travel Assistance Program Employee Assistance Program (EAP) Fully stocked kitchen

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.