Security engineer jobs in Wellington, FL

This Role is On-Site only Starting Salary: $104,930.00 WORK OBJECTIVE: Performs technical work maintaining all aspects of information security. Monitors for attempts to test or circumvent security mechanisms from both internal and external activities. Work involves creating, designing, deploying, and installing the network and security for Broward County Clerk of Courts (BCCOC). The scope of this work includes all BCCOC locations and external agencies. Work is performed under limited supervision with moderate latitude in the use of initiative and independent judgment. Position relies on experience to determine the best approach by using and interpreting policies and procedures. ESSENTIAL FUNCTIONS: The list of essential functions, as outlined herein, is intended to be representative of the tasks performed within the classification. It is not necessarily descriptive of any one position in the class. The omission of an essential function does not preclude management from assigning duties not listed herein if such functions are a logical assignment to the position. • Provides network support and security for all BCCOC users, as well as external agencies connecting to the organization's systems via external networks. • Manages, installs, and administers all network switches, routers, firewalls and data circuits. • Conducts periodic security reviews of all information systems and implements security safeguards. • Troubleshoots communication problems, network performance, and works closely with external providers to ensure optimal network performance and availability. • Responsible for design of network and security components throughout the organization. • Works with technical staff in the review and design of network and security components during the design and implementation of various applications. • Manages, installs and administers security applications which include antivirus, load balancers, multi-factor authentication, MDR, SIEM and other related security applications, systems or services. • Administers Windows and Linux based systems related to deployment and maintenance of security applications. • Collaborates with other staff to determine whether computer systems follow approved security policies and procedures. Serves as on call resource for network and security support for all BCCOC divisions. Responsible for documentation and presentation of network and security configurations throughout the organization as well as integrations with external agencies. Supervision: None MINIMUM QUALIFICATIONS: High school diploma or GED; supplemented by five (5) years of experience in Network administration and Cyber Security roles; or an equivalent combination of education, certification, training and/or experience. Technology or Software: • Network Monitoring Tools • Enterprise Antivirus Tools • Cybersecurity Tools • Dual Factor Authentication Systems • Load Balancers • Cisco Systems • Microsoft Systems • Linux Systems Licenses/Certificates/Registrations: One of more certifications of Cisco Certified Network Associate (CCNA), Certified Information Systems Security Professional(CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), CompTIA Security+ or similar. PREFERRED QUALIFICATIONS: Bachelor's degree in computer science, or a related field, from an accredited college or university; supplemented by five (5) years of experience in Network administration and Cyber Security roles; or an equivalent combination of education, certification, training and/or experience. KNOWLEDGE, SKILLS, AND ABILITIES: • Knowledge of network availability and connectivity. • Knowledge of network threats, virus, and malware and how to block offending network and/or system. • Knowledge of Network and other hardware devices and how to replace them. • Skilled in differentiating between real or perceived network threats. • Skilled in making decisions that affect business operations to a substantial degree. • Skilled in consulting or advising management. • Skilled in Server Management. • Skilled in Vendor Management. • Skilled in the use of Microsoft Office products (Word, Outlook, and Excel) and applicable department and organization specific software and to learn and become proficient in the use of other specialized software as may be required. • Skilled in basic math including but not limited to adding, subtracting, multiplication, division, geometric construction, practical algebra and metrics. • Skilled in working independently and following through with assignments with minimal supervision. • Ability to act as primary 24/7 on call resource. • Ability to perform various duties involved in managing network hardware within a Data Center. • Ability to use reasoning that minimize duplication of efforts, including but not limited to comparing, classifying, analyzing and coordinating. • Ability to consistently exercise discretion and independent judgment in the performance of the job. Ability to multitask while working with tight deadlines and shifting priorities. Ability to establish and maintain effective working relationships with judiciary, legal community, general public, management, co-workers, elected and appointed officials and members of diverse cultural and linguistic background regardless of race, religion, age, sex, disability, political affiliation or sexual orientation. Ability to clearly communicate and understand information in English, both orally and in writing. Ability to regularly attend work and arrive punctually for designated work schedule. PHYSICAL REQUIREMENTS: Depending on functional area of assignment, tasks involve the ability to exert light physical effort usually involving some lifting, carrying, pushing and/or pulling of objects and materials of light weight (up to 20 pounds). May involve some climbing, balancing, stooping, kneeling, crouching, crawling, walking or standing. Tasks may involve extended periods of time at a keyboard or workstation and extended periods of time standing and/or walking. ENVIRONMENTAL REQUIREMENTS: Tasks are regularly performed inside without potential for exposure to adverse conditions, such as dirt, dust, pollen, odors, fumes and/or poor ventilation, wetness, humidity, rain, temperature and noise extremes, machinery and/or moving vehicles, vibrations, electric currents, animals/wildlife, toxic/poisonous agents, gases or chemicals, oils and other cutting fluids, violence and/or disease, or pathogenic substances. SENSORY REQUIREMENTS: Some tasks require manual dexterity, in addition to visual and hearing acuity. Some tasks may involve identifying and distinguishing colors. Some tasks require the ability to perceive and discriminate visual cues or signals. Some tasks require the ability to communicate orally and in writing. The job description does not constitute an employment agreement between Broward County Clerk of Courts and the employee and is subject to change by the employer as the needs of the employer and requirements of the job change. Broward County Clerk of Courts is an Equal Opportunity Employer. In compliance with United States Equal Employment Opportunity guidelines and the Americans with Disabilities Act, this organization provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer. I have read and understand this classification description and hereby certify that I am qualified to perform this job, with or without reasonable accommodation.

Reports to CISO and works with a team of Cyber Security specialists. The Cyber Security Analyst is responsible for identifying risks to the confidentiality, integrity, and availability of our clients products and services, while maintaining compliance with applicable regulatory standards. In this role, you will be expected to contribute to the integrity and sustainability of the service delivery network, which consists of advanced server-based applications used to support our client's customers. The successful candidate will work directly with senior team members on issues that may require some after-hours and weekend availability. Specific Job Duties: • Articulate technical and security requirements to departments/business groups • Identify gaps in security operations and develop mitigation strategies • Assist with the maintenance of application and operating system software in the Service Delivery Network • Participate in disaster recovery and business continuity planning • Perform software development lifecycle auditing • Prioritize compliance actions according to business risk Desired Preferred Skills: • Industry certifications - PMP, CISA, CISSP, Security + • Department of Defense IT experience • Pharmacy or healthcare experience Qualifications • Masters's degree in computer science or relative discipline • 5-10 years combined experience in information security • Proficient with Unix / Linux • Strong analytical problem solving • Knowledge of the software development lifecycle • Proven ability to plan and work to a deadline • Must be able to obtain Department of Defense clearance Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements. We can recommend jobs specifically for you! Click here to get started.

Our Company: At red violet, we build proprietary technologies and apply analytical capabilities to deliver identity intelligence. Our technology powers critical solutions, which empower organizations to operate with confidence. Our solutions enable the real-time identification and location of people, businesses, assets and their interrelationships. These solutions are used for purposes including identity verification, risk mitigation, due diligence, fraud detection and prevention, regulatory compliance, and customer acquisition. Our intelligent platform, CORE™, is purpose-built for the enterprise, yet flexible enough for organizations of all sizes, bringing clarity to massive datasets by transforming data into intelligence. Our solutions are used today to enable frictionless commerce, to ensure safety, and to reduce fraud and the concomitant expense borne by society. The Role: Cloud Security Engineer is responsible for ensuring information systems data availability, integrity, authentication, confidentiality, and non-repudiation within the cloud environments. In collaboration with other information security staff and technical teams, this position develops and implements security measures and controls for information systems and networks. The Cloud Security Engineer advises management that systems adhere to established cloud security standards and regulatory requirements. What You Will Do: Advise, design, implement, and maintain security controls and solutions for cloud-based infrastructure and applications. Protects systems by defining and maintaining logical access privileges, access control structures, and processes. Conduct regular security assessments and audits of cloud environments to identify and address vulnerabilities and threats. Collaborate with cross-functional teams to integrate security best practices into cloud architecture and development processes. Provide detailed documentation of all work. Recognizes information security-related problems by identifying abnormalities and reporting violations/exceptions to the appropriate stakeholder(s). Implements cloud security improvements by assessing current situations; evaluating trends; anticipating future requirements. Support the team during security incidents and investigations and work with broad teams to advance the security posture of the company. Assist the stakeholders in identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities. Identify, advise, and implement new security technologies, including AI, and best practices into the company's cloud infrastructure. Stay up-to-date on emerging threats, vulnerabilities, and security technologies in the cloud space. Cloud & AI Security Design: Design, implement, and maintain security controls for cloud-native and AI-based systems, including ML pipelines, AI APIs, and LLM-integrated services. What You Bring: 2+ years of experience in cloud security engineering. 5+ years of hands-on experience in IT Security or related areas. Experience working with cloud security tools such as Firewall, anti-virus, WAF, SIEM, log management, and system monitoring. Bachelor of Science in Computer Science, Information Technology, Information Security, or related field. Strong communication and collaboration skills with the ability to work effectively with cross-functional teams. Experience with scripting and automation tools (e.g., Python, PowerShell) for security tasks preferred. Deep understanding of cloud computing technologies (e.g., AWS, Azure, Google Cloud) and associated security controls. Strong knowledge of security principles, standards, and best practices (e.g., NIST, ISO 27001, PCI, SOC). Able to use sound judgment; work independently, with minimal supervision Applicants must have permanent work authorization in the U.S.; we are not sponsoring visas for this role. What We Offer: red violet offers excellent benefits including opportunity for stock (RSU) grants, a 401K and generous company match, flexible PTO policy, medical, dental and vision coverage, commuter benefits, in-office healthy snacks, team events and more. red violet is proud to be an Equal Opportunity Employer.

Our Company: At red violet, we build proprietary technologies and apply analytical capabilities to deliver identity intelligence. Our technology powers critical solutions, which empower organizations to operate with confidence. Our solutions enable the real-time identification and location of people, businesses, assets and their interrelationships. These solutions are used for purposes including identity verification, risk mitigation, due diligence, fraud detection and prevention, regulatory compliance, and customer acquisition. Our intelligent platform, CORE, is purpose-built for the enterprise, yet flexible enough for organizations of all sizes, bringing clarity to massive datasets by transforming data into intelligence. Our solutions are used today to enable frictionless commerce, to ensure safety, and to reduce fraud and the concomitant expense borne by society. The Role: Cloud Security Engineer is responsible for ensuring information systems data availability, integrity, authentication, confidentiality, and non-repudiation within the cloud environments. In collaboration with other information security staff and technical teams, this position develops and implements security measures and controls for information systems and networks. The Cloud Security Engineer advises management that systems adhere to established cloud security standards and regulatory requirements. What You Will Do: * Advise, design, implement, and maintain security controls and solutions for cloud-based infrastructure and applications. * Protects systems by defining and maintaining logical access privileges, access control structures, and processes. * Conduct regular security assessments and audits of cloud environments to identify and address vulnerabilities and threats. * Collaborate with cross-functional teams to integrate security best practices into cloud architecture and development processes. * Provide detailed documentation of all work. * Recognizes information security-related problems by identifying abnormalities and reporting violations/exceptions to the appropriate stakeholder(s). * Implements cloud security improvements by assessing current situations; evaluating trends; anticipating future requirements. * Support the team during security incidents and investigations and work with broad teams to advance the security posture of the company. * Assist the stakeholders in identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities. * Identify, advise, and implement new security technologies, including AI, and best practices into the company's cloud infrastructure. * Stay up-to-date on emerging threats, vulnerabilities, and security technologies in the cloud space. * Cloud & AI Security Design: Design, implement, and maintain security controls for cloud-native and AI-based systems, including ML pipelines, AI APIs, and LLM-integrated services. What You Bring: * 2+ years of experience in cloud security engineering. * 5+ years of hands-on experience in IT Security or related areas. * Experience working with cloud security tools such as Firewall, anti-virus, WAF, SIEM, log management, and system monitoring. * Bachelor of Science in Computer Science, Information Technology, Information Security, or related field. * Strong communication and collaboration skills with the ability to work effectively with cross-functional teams. * Experience with scripting and automation tools (e.g., Python, PowerShell) for security tasks preferred. * Deep understanding of cloud computing technologies (e.g., AWS, Azure, Google Cloud) and associated security controls. * Strong knowledge of security principles, standards, and best practices (e.g., NIST, ISO 27001, PCI, SOC). * Able to use sound judgment; work independently, with minimal supervision * Applicants must have permanent work authorization in the U.S.; we are not sponsoring visas for this role. What We Offer: red violet offers excellent benefits including opportunity for stock (RSU) grants, a 401K and generous company match, flexible PTO policy, medical, dental and vision coverage, commuter benefits, in-office healthy snacks, team events and more. red violet is proud to be an Equal Opportunity Employer.

Job Description Octagon Talent Solutions is a South Florida-based, full-service technology recruitment and staffing firm dedicated to connecting top talent with the right opportunities. We take a human-centered approach to technical recruitment, prioritizing candidates' long-term career goals while carefully evaluating cultural fit. By fostering meaningful, lasting relationships, we deliver placements built to last. Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

Job DescriptionAt ITRADE STEM, we help accelerate job creation and support the future of industries in space, technology, energy, and manufacturing. We achieve this by developing workforce programs that equip talent with skills for sustainable growth. Join us on our mission to redefine STEM! JOB OVERVIEW: ITRADE is seeking a Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL , for an internship opportunity. The Concierge Security Engineer will build and maintain strong customer partnerships while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role is an excellent internship opportunity for a highly talented, high-potential aspiring cybersecurity analyst who thrives in a highly dynamic environment. This opportunity combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional customer relationships, ensuring a strong and lasting partnership Deliver security solutions directly to customers, including configuring, troubleshooting, and verifying data sources Respond promptly to customers' requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution Proactively engage and communicate with internal and external stakeholders to foster collaboration and transparency Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline Strong understanding of IT security principles, standards, and best practices Experience with security information and event management (SIEM) platforms Excellent communication skills with the ability to convey complex technical concepts to non-technical audiences Knowledge of leading security frameworks such as NIST, ISO 27001, CIS Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services

Job Description We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities Assist in determining needs and implementing configurations of various tools based on incoming requests. Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. Investigate and triage security alerts, taking appropriate actions and escalations as necessary. Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. Monitor security logs, alerts, and events to proactively identify potential security incidents. Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements.

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

WHO WE ARE: ELYON provides the Program Management for its Channel of Commercial Technology companies in Government that consist of Small Businesses and New Technology start-ups. ELYON advocates for policies that can improve government services and maintain our government's competitive advantage, by bringing more technology into government programs. ELYON advocates on behalf of our nation's innovative, new technology and small businesses looking to work with the U.S. government. We do this by aligning the voice of our small business members with advocacy for change in federal policy that will make the government market more accessible to small businesses and the commercial technology ecosystem. The Channel's founding Technical Board Members include former government leaders and IT executives passionate about bringing best-of-breed technology to the government. We are seeking a skilled and experienced Cyber Forensic Analyst III to join our team! Successful ELYON employees possess the following traits: An ability to get things done: You are persistent, resourceful, results-oriented, and action oriented. You constantly plan ahead and foresee issues before they occur. Analytical: In order to improve your comprehension of the market and the demands and problems of your clients, you have good analytical abilities and are at ease reading quantitative data. Creative mind-set: You are able to solve problems creatively and swiftly adjust. You possess a thorough understanding of product management principles and the ability to apply them when analysing data and making recommendations. Emotional Intelligence: You have a strong sense of self and excellent perception of how important relationships function. You are upbeat, sympathetic, adaptable, and inquisitive. Your genuineness, warmth, and competence help you win the respect of your co-workers. Trustworthy: You have a strong sense of morality, principles, and purpose. You are trustworthy because of how you conduct yourself. You are a living example of the company's values. Position Description: We are seeking a highly skilled Cyber Forensic Analyst to support high-impact investigative and intelligence missions involving cybercrime, cryptocurrency, and financial crime. You will work alongside federal agency teams, partner law enforcement agencies, and regulatory bodies to conduct technical and financial investigations. This role requires expertise in analyzing complex cyber threats, blockchain transactions, digital assets, and hidden wealth strategies. You'll need to bring both analytical rigor and a tenacious, detail-oriented mindset to help us trace digital breadcrumbs in support of critical investigations across national security and criminal enforcement efforts. Multiple options: St Petersburg, FL Key Responsibilities Cybercrime Investigative Case Support Work directly on cases with a cyber nexus in collaboration with law enforcement teams and external partners, using advanced investigative tools and techniques: Conduct cryptocurrency tracing and analysis using blockchain forensics tools. Gather and analyze dark web intelligence to identify threat actors, forums, and illicit activity. Perform data analytics to uncover patterns, relationships, and anomalies. Analyze electronic evidence, including servers, hard drives, communications, and OSINT sources. Draft subpoenas targeting financial institutions and cryptocurrency exchanges. Participate in inter-agency meetings with law enforcement, prosecutors, and other stakeholders. Identify overlapping financial transactions and alternative stores of wealth, such as: Prepaid and store gift cards Monetary instruments NFTs and digital assets Cold/public crypto wallets High-end real estate and luxury goods Cyber-Financial Investigative Support Assist in comprehensive financial tracing operations involving both fiat and digital currencies: Analyze bank records, wire transfers, and credit card transactions to track illicit funds. Draft targeted subpoena requests to financial institutions and crypto platforms. Participate in investigative interviews under agency direction. Identify and correlate layered financial networks and hidden asset channels. Apply knowledge of financial laws and frameworks, including: Bank Secrecy Act (BSA) Asset Forfeiture practices Money Laundering statutes OFAC and sanctions compliance Required Qualifications 8+ years of direct experience in cybercrime investigations, blockchain analysis, or digital forensics. Security Clearance Required: Active Secret or above preferred Proven experience with cryptocurrency investigations, darknet operations, or forensic platforms (e.g., Chainalysis, TRM, CipherTrace). Familiarity with financial investigative techniques, including subpoena processes and transactional analysis. Strong working knowledge of cyber law, digital evidence handling, and financial crime statutes. Excellent interpersonal and written communication skills; ability to draft clear, concise, and actionable reports. Ability to work independently in a fast-paced, mission-driven environment. Preferred Qualifications Prior experience supporting federal investigations preferred (FBI, DHS, IRS-CI, HSI, etc.). Certifications such as CFE, CFCE, GCFA, CFCI, or CAMS Familiarity with blockchain intelligence platforms and open-source investigation tools. Understanding of evolving technologies in digital assets and cyber-enabled crime. Why Join Us Work on cutting-edge investigations with national impact. Collaborate with elite teams fighting complex financial and cyber threats. Opportunity for professional growth, certifications, and hands-on casework. Competitive salary, benefits, and mission-driven culture. Benefits: Paid sick leave, Medical/Dental (optional), 401 (k) Retirement Plan (optional), Employer Paid Life Insurance, Employer Paid Short Term Disability, Optional Life Insurance. ELYON International, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **Job Description:** The Information Security Specialist - Penetration Tester defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. **Responsibilities:** + **Conduct Penetration Tests:** Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities. + **Vulnerability Assessment:** Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. + **Report Findings:** Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. + **Develop and Execute Test Plans:** Design and execute detailed test plans + **Stay Current:** Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. + **Collaborate with Teams:** Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements. + **Perform Risk Assessments:** Evaluate and assess potential security risks related to new and existing systems and technologies. + **Compliance:** Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies **Depth & Scope:** + Participates on complex, comprehensive or large projects and initiatives + Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors + Has advanced knowledge of organization, technology controls / security/ risk issues **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience + Expert knowledge of IT security and risk disciplines and practices **Preferred Qualifications :** + Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. + Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. + Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. + Familiarity with security standards and frameworks **Certifications:** Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

We are seeking a skilled and motivated Web Application Security Engineer to join our team. As a Web Application Security Engineer, your primary focus will be on managing, monitoring, and responding to security alerts generated by the security tools, while also possessing a solid understanding of various aspects of web application security. You will work closely with development teams to ensure the continuous effectiveness of security measures, identify vulnerabilities, and implement appropriate controls. The ideal candidate will have a strong technical background, a good understanding of web application security principles, and the ability to excel in managing, monitoring, and responding to security alerts. Responsibilities * Assist in determining needs and implementing configurations of various tools based on incoming requests. * Assist in the testing and validation of security controls to ensure their effectiveness and compliance with industry standards. * Manage, monitor, and respond to security alerts generated by the security tools specific to our web application environment. * Investigate and triage security alerts, taking appropriate actions and escalations as necessary. * Assist in security assessments and penetration testing to identify potential vulnerabilities and recommend suitable solutions. * Monitor security logs, alerts, and events to proactively identify potential security incidents. * Create and maintain metrics to track the performance and efficacy of security tools, programs, and controls. * Contribute to compliance efforts by ensuring adherence to relevant security standards, regulations, and policies. * Stay updated with the latest web application security trends, emerging threats, and industry best practices to enhance security measures. Qualifications * Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). * 3-5 years of relevant experience in web application security, with proficiency in programming languages (HTML, CSS, JavaScript, ASP.NET, PHP, Java, etc.). * At least one industry standard certification such as Certified Ethical Hacker (CEH), GIAC Certified Web Application Defender (GWEB), Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or other security vendor certification. * Understanding of web application security fundamentals, secure coding practices, and common vulnerabilities (such as SQL injections, cross-site scripting). * Demonstrated experience in managing, monitoring, and responding to security alerts generated by security tools and programs specific to web application security. * Experience with managing and maintaining Content Delivery Networks (CDNs) and their configurations, preferably Cloudflare. * Familiarity with security testing and assessment tools (such as Burp Suite, OWASP ZAP, Nikto, Nessus, Nmap) and their application in vulnerability identification and mitigation. * Knowledge of secure software development lifecycle (SDLC) methodologies and ability to apply security principles throughout the development process. * Familiarity with security standards and frameworks (OWASP, NIST, PCI DSS, ISO 27001) and their practical application in securing web applications. * Excellent communication and collaboration skills with the ability to work effectively with technical and nontechnical stakeholders. * Strong analytical mindset and problem-solving abilities to identify and address security risks and vulnerabilities. * Self-motivated with a passion for continuous learning and professional development in the field of web application security. Native American Preference Policy: The Tribal Council gives preference in all of its employment practices to Native Americans. First preference in hiring, training, promoting and in all other aspects of employment is given to members of the Seminole Tribe who meet the job requirements. Second preference is given to members of other federally recognized Native American Tribes who meet the job requirements.

Flybridge Staffing is currently seeking a Senior Cybersecurity Engineer for a client based in the Palm Beach Gardens Area. This is a direct-hire position that works one day remotely. This position suits a professional with several years of direct hands-on experience in security operations, incident management, and risk governance. As well as balance practical expertise and leadership ability to help define the security roadmap. Responsibilities: Lead or support the evaluation, installation, and configuration of new security technologies, documenting performance against proof-of-concept objectives Research emerging security tools and practices, summarize findings, and present actionable recommendations to IT leadership Monitor and manage cybersecurity tools, including ACL Monitoring tools, Antivirus, Backup software, Data Encryption tools, Firewalls, Switches, IDS/IPS, SIEM, Password management tools, PEN testing tools, Patch management tools, MDM tools, Data forensics, Traffic monitoring and URL filtering, DLP tools, and AWS/Azure privilege and Identity management Contribute to the creation, review, and maintenance of policies, standards, and procedures that guide secure operations Demonstrate expertise across multiple areas of cybersecurity and act as a subject-matter resource for the broader team Develop and deliver metrics and analysis on incidents, alerts, and overall risk posture Continuously refine detection rules, optimize alerts, and tune systems to improve accuracy and reduce false positives Monitor incident queues, triage alerts, and lead or support incident response as needed Conduct real-time monitoring and alerting for cybersecurity threats and vulnerabilities Review and analyze logs, alerts, and reports from various cybersecurity tools, identifying and investigating abnormal activities Assess and plan for end-of-life services, ensuring up-to-date security measures Experience: Masters or BA degree in Computer Science, Information Technology, Cybersecurity 8+ years of experience in the Security space Must have cloud exp (Azure and AWS preferred) Proficiency with SIEM and endpoint detection and response platforms (e.g., Stellar/Splunk/SolarWinds/CrowdStrike) Experience with on-prem environment (preferably vCenter, vSphere or another virtualization platform) Must have experience with Python or PowerShell Scripting Experience with security monitoring and auditing, incident recovery, network and communications security, systems operations security, architecture and design, endpoint protection, and cloud security practices Experience with setting up and implementing security policies Experience with Security Information and Event Management (SIEM) - We use Solar Winds currently Experience implementing compliance frameworks Experience with AI and LLM security ****NO SPONSORSHIP AVAILABLE**** US Citizen, GC, EAD only please. If your background aligns with the above details and you would like to learn more, please submit your resume to jobs@flybridgestaffing.com or on our website, www.flybridgestaffing.com and one of our recruiters will be in touch with you ASAP. Follow us on LinkedIn to keep up with all our latest job openings and referral program.

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Reports to CISO and works with a team of Cyber Security specialists. The Cyber Security Analyst is responsible for identifying risks to the confidentiality, integrity, and availability of our clients products and services, while maintaining compliance with applicable regulatory standards. In this role, you will be expected to contribute to the integrity and sustainability of the service delivery network, which consists of advanced server-based applications used to support our client's customers. The successful candidate will work directly with senior team members on issues that may require some after-hours and weekend availability. Specific Job Duties: • Articulate technical and security requirements to departments/business groups • Identify gaps in security operations and develop mitigation strategies • Assist with the maintenance of application and operating system software in the Service Delivery Network • Participate in disaster recovery and business continuity planning • Perform software development lifecycle auditing • Prioritize compliance actions according to business risk Desired Preferred Skills: • Industry certifications - PMP, CISA, CISSP, Security + • Department of Defense IT experience • Pharmacy or healthcare experience Qualifications • Masters's degree in computer science or relative discipline • 5-10 years combined experience in information security • Proficient with Unix / Linux • Strong analytical problem solving • Knowledge of the software development lifecycle • Proven ability to plan and work to a deadline • Must be able to obtain Department of Defense clearance Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

At ITRADE STEM, we are shaping the future by fostering job creation and advancing key industries such as space, technology, energy, and manufacturing. Through innovative programs, we equip individuals with career opportunities that enhance essential skills and promote sustainable growth. Join us in our mission to redefine the possibilities of STEM! Job Overview: We are seeking a seasoned Concierge Security Engineer (CSE) to join our team in Fort Lauderdale, FL. The Concierge Security Engineer will build and maintain strong partnerships with customers while delivering customized security solutions. Core duties include investigating security incidents, configuring and troubleshooting data sources, and ensuring smooth service delivery. Respond promptly to customer requests for guidance, information, or support promptly, coordinating with other teams when needed. Foster proactive communication and collaboration with internal and external stakeholders. The Concierge Security Engineer (CSE) role combines the expertise of an IT Security Analyst, Security Architect, and Incident Response Consultant. Success requires both strong technical capabilities and the ability to communicate complex security concepts clearly and effectively to a non-technical audience. RESPONSIBILITIES: Build and nurture exceptional relationships with customers, ensuring a strong and lasting partnership. Deliver security solutions directly to customers, including, configuring, troubleshooting, and verifying data sources. Respond promptly to customers requests for guidance, information, or support, escalating issues as necessary and coordinating with other teams to ensure resolution. Proactively engage and communicate with both internal and external stakeholders to foster collaboration and transparency. Serve in a multifaceted role that blends responsibilities of an IT Security Analyst, Security Architect, and Incident Response Consultant. REQUIREMENTS: Bachelor's degree in Computer Science, Information Security, or related discipline. Strong understanding of IT security principles, standards, and best practices. Experience with security information and event management (SIEM) platforms Excellent communication skills with ability to convey complex technical concepts to non-technical audiences Knowledge with leading security frameworks such as NIST, ISO 27001, CIS. Proficiency with security tools, threat detection techniques, and incident response procedures Strong analytical skills, a problem-solving mindset, and a commitment to delivering excellent customer services.

Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information. Follows standard practices and procedures in analyzing situations or data. This position reports to the Director of Information Security. Responsibilities The primary duties and responsibilities of the Cloud Security Engineer are: Assessing Existing Infrastructure and Identifying Threats. Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions. Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to: Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI/CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS. Monitoring for and responding to incidents in cloud environments. Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development. Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices. Staying abreast with security standards and emerging vulnerabilities/threats to proactively resolve/remediate/mitigate. Engage in digital forensics to investigate breaches or security incidents in the cloud. Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments. Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement. Using metrics and KPIs to drive and further Security Posture Initiatives. Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously. Performing other security team relevant duties and responsibilities as assigned. Participate in incident response activities as assigned. Preferred Experience Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings. Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security. Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers. Has experience writing formal security assessments and ad-hoc security reports. Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents. Experience delivering security metrics and measurement capability to demonstrate operational security posture. Experience in data protection and privacy management. Skills Required Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Clear ability to build strong relationships and establish trust with stakeholders at all levels. Excellent verbal and written communications skills. Multiple language abilities preferred - fluency in English (written and spoken) required. Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner. Ability to solve complex problems in a timely manner by working with multiple stakeholders. Ability to manage multiple tasks and work streams effectively. Ability to follow detailed procedures and processes with a high degree of accuracy. Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product. Deep understanding of Cyber Security control environments and their relationship to zero-trust networks. Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security. Experience in 3 or more of the following: network design, mobile security, network and firewall security technologies, SaaS/PaaS Security, vulnerability management or penetration testing. Flexibility to travel as required up to 15% overnight travel. Qualifications Experience / Education / Certifications Bachelor's degree preferred in Computer Sciences, Information Technology, Information Security or other related field Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc. Five (5) years of Cyber Security related work experience Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series. At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification. #IndeedSHRSS #LI-Hybrid #zipcorpor We can recommend jobs specifically for you! Click here to get started.

Job Description Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS. Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information. Follows standard practices and procedures in analyzing situations or data. This position reports to the Director of Information Security. Responsibilities The primary duties and responsibilities of the Cloud Security Engineer are: Assessing Existing Infrastructure and Identifying Threats. Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions. Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to: Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI/CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS. Monitoring for and responding to incidents in cloud environments. Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies. Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities. Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development. Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices. Staying abreast with security standards and emerging vulnerabilities/threats to proactively resolve/remediate/mitigate. Engage in digital forensics to investigate breaches or security incidents in the cloud. Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments. Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement. Using metrics and KPIs to drive and further Security Posture Initiatives. Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously. Performing other security team relevant duties and responsibilities as assigned. Participate in incident response activities as assigned. Preferred Experience Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings. Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security. Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers. Has experience writing formal security assessments and ad-hoc security reports. Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents. Experience delivering security metrics and measurement capability to demonstrate operational security posture. Experience in data protection and privacy management. Skills Required Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Clear ability to build strong relationships and establish trust with stakeholders at all levels. Excellent verbal and written communications skills. Multiple language abilities preferred - fluency in English (written and spoken) required. Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner. Ability to solve complex problems in a timely manner by working with multiple stakeholders. Ability to manage multiple tasks and work streams effectively. Ability to follow detailed procedures and processes with a high degree of accuracy. Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product. Deep understanding of Cyber Security control environments and their relationship to zero-trust networks. Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security. Experience in 3 or more of the following: network design, mobile security, network and firewall security technologies, SaaS/PaaS Security, vulnerability management or penetration testing. Flexibility to travel as required up to 15% overnight travel. Qualifications Experience / Education / Certifications Bachelor's degree preferred in Computer Sciences, Information Technology, Information Security or other related field Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc. Five (5) years of Cyber Security related work experience Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series. At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification. #IndeedSHRSS #LI-Hybrid #zipcorpor

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist - Penetration Tester defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Responsibilities: * Conduct Penetration Tests: Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop and Execute Test Plans: Design and execute detailed test plans * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies Depth & Scope: * Participates on complex, comprehensive or large projects and initiatives * Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors * Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience * Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications : * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.