Security manager work from home jobs - 59 jobs

The mission of the Global Security (GS) team is the protection of the firm's people and assets, ensuring the safety and soundness of JPMorgan Chase's business operations throughout the world. GS works to minimize disruption and threats that undermine our businesses' ability to serve our customers by staying in front of external and internal risks, screening all new employees, protecting our franchises when needed with thorough investigations, ensuring the safety of business travelers, and working to keep our businesses open during extraordinary situations from weather disruptions to local protests. As a Global Security - Vulnerable Adult Investigations Manager within the Global Security team, you will be responsible for supervising and directing the activities of a team of investigators and performing investigations of elder/vulnerable adult financial exploitation. Your focus will be on root cause analysis, quantifying risk, and ensuring compliance with the GS Vulnerable Adult Investigations Procedure. You will communicate your findings to management, prompting them to initiate system, process, and procedural changes to address identified areas of concern. Job responsibilities: Manages the investigation process with a focus on gathering evidence for elder/ vulnerable adult investigations while ensuring compliance with regulatory requirements as well as internal policies and procedures. Maintains team compliance and collaboration with referrals to applicable Adult Protective Service (APS) agencies and/or state regulators. Works closely with Risk and other key Line of Business (LOB) personnel to analyze controls based on investigation findings and recommend enhancements/remediation when deficiencies or opportunities are identified.. Works closely with Americans with Disabilities Act (ADA) Compliance, ADA Works effectively with JPMC's technology support teams to discover how frauds occur through a deep understanding of JPMC systems and the processes that support them. Maintains strong liaison and working relationships with all federal, state and local law enforcement and regulatory agencies, including international enforcement agencies. Manages incorporating feedback from Investigators to identify credible, actionable intelligence. Required qualifications, capabilities, and skills: Bachelor's degree in Criminal Justice, Business, related field or work experience 10+ years of experience in financial fraud investigations or related law enforcement Advanced understanding of fraud and risk, working with internal management, and acting as a liaison with the law enforcement community at the local, state, federal, and international levels Ability to manage staff and/or work remotely as the business model has the team spread across diverse geographies Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors Able to articulate sophisticated fact patterns to non-technical line of business risk partners and memorialize investigations into regular reporting requirements Excellent written and verbal communication skills are required Preferred qualifications, capabilities, and skills: Industry recognized certifications such as CFE, PCI, etc. are preferred Court room testimony experience JD or MBA preferred

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. * Note: This position requires presence in our San Francisco, San Jose, or Bellevue office location 4 days per week; Lambda's designated work from home day is currently Tuesday. About the Role Lambda Security protects some of the world's most valuable digital assets: invaluable training data, model weights representing immense computational investments, and the sensitive inputs required to leverage best of breed AI models. We're responsible for securing every byte that powers breakthrough artificial intelligence. Reporting to the Senior Manager of Security, your team serves dual functions: building security for the business and demonstrating that work directly to customers. As security advisors to Product Engineering, Platform Engineering, and IT teams, your team will establish security policies and architecture standards, conduct threat modeling and design reviews for critical systems, and create implementation guidance that engineering teams can adopt. In support of our customers, your team will develop customer-facing security documentation and participate directly in enterprise security discussions. This work ensures the right security decisions get made across Lambda's AI infrastructure while protecting customer data, enabling hypergrowth velocity, and building the trust that closes enterprise deals. As Manager of the Security Architecture team, you'll build and lead a team of 4-5 security engineers with expertise across application security, infrastructure security, and corporate security. You'll hire strong specialists, coach them through complex security problems, set team priorities and architectural direction, and create a culture where security judgment accelerates business velocity rather than creating friction. Your success is measured by the security decisions your team enables across the business: engineering teams building secure-by-default systems, compliance frameworks mapped to technical controls, and customers trusting Lambda's infrastructure with their most valuable AI workloads. Your team will balance proactive architecture work (defining what "good" looks like) with reactive consultation (reviewing designs and answering complex security questions). Your immediate focus will be building your team, establishing processes for design reviews and architecture guidance that scale with Lambda's growth, and developing a 6-12 month roadmap aligned with Lambda's 2026 security strategic plan including compliance initiatives like ISO 27001. We're looking for engineering managers who pair strong people leadership with enough security depth to coach specialists, set architectural direction, and translate security decisions into business value. If you're energized by building high-performing teams, enabling security at scale through excellent judgment rather than brute force, and helping enterprise customers trust their most valuable AI workloads to Lambda's infrastructure, we'd love to talk. We value diverse backgrounds, experiences, and skills, and we are excited to hear from candidates who can bring unique perspectives to our team. If you do not exactly meet this description but believe you may be a good fit, please still apply and help us understand your readiness for this role. Your application is not a waste of our time. What You'll Do Team Leadership & Development * Build, hire, and develop a high-performing team of 4-5 security engineers with deep expertise across application security, infrastructure security, and corporate security. * Foster a culture where security judgment accelerates business velocity, creating an environment where specialists thrive through clear expectations, regular coaching, and opportunities for growth. * Conduct regular one-on-ones and provide constructive feedback that helps your engineers advance their technical depth and expand their cross-functional impact. * Set team priorities and architectural direction, ensuring your team focuses on the highest-impact security decisions across Lambda's AI infrastructure. Strategic Architecture & Program Management * Own your team's 6-12 month roadmap, balancing proactive architecture work (defining security standards and patterns) with reactive consultation (design reviews and complex security questions). * Establish security policies and architecture standards that enable Product Engineering, Platform Engineering, and IT teams to build secure-by-default systems. * Define measurable success criteria for your team's work, translating security architecture decisions into business impact that stakeholders understand. * Proactively guide the evolution of Lambda's security architecture program as the company matures, ensuring architecture decisions align with compliance commitments and evolving customer security requirements. Cross-Functional Collaboration & Customer Enablement * Partner deeply with Product Engineering, Platform Engineering, and IT teams to integrate security architecture guidance at optimal moments in their development cycles. * Conduct and oversee threat modeling and design reviews for critical systems, ensuring your team provides actionable recommendations that balance security rigor with development velocity. * Enable your team to create implementation guidance and architecture patterns that engineering teams voluntarily adopt because they make secure development easier. * Support enterprise sales by developing customer-facing security documentation and coaching your team through direct security discussions with prospective customers evaluating Lambda's infrastructure. * Collaborate with peer security teams (Detection & Response, Platform, Program Coordination) to ensure cohesive security architecture across all security functions. What We Think a Candidate Needs to Demonstrate to Succeed * 5+ years of security engineering or security architecture experience with 3+ years leading technical teams, demonstrating ability to build and develop high-performing security specialists. * Proven track record building team cultures where specialists thrive through clear expectations, effective coaching, and career development that expands both technical depth and cross-functional impact. * Strong technical background in security architecture, threat modeling, and secure design principles with enough depth to guide team decisions, evaluate complex tradeoffs, and coach engineers through difficult security problems. * Experience working across application security, infrastructure security, or corporate security domains, with demonstrated ability to set architectural direction and security standards that engineering teams adopt. * Excellent collaboration skills working with highly technical engineering teams both with and without authority, building relationships that enable security architecture guidance at optimal moments in development cycles. * Skilled communicator who translates security architecture decisions into business value, helping stakeholders understand how technical security work protects customer data and enables business velocity. * Ability to thrive in high-speed, high-ambiguity startup environments where you balance building team capability and security architecture foundations while executing at a fast pace. Nice to Have * Prior experience in AI/ML infrastructure companies or cloud service providers where you've navigated the unique security challenges of multi-tenant systems and customer data isolation at scale. * Hands-on experience driving compliance audits (SOC 2, ISO 27001, PCI-DSS, HIPAA/HITECH, or FedRAMP) including evidence collection, control mapping, and managing auditor relationships. * Deep familiarity with bare metal infrastructure security in addition to cloud platforms, understanding physical security considerations and hardware-level security controls. * Experience creating security architecture patterns that were adopted widely across multiple teams or organizations, demonstrating ability to build reusable solutions that scale beyond a single use case. * Experience managing security engineers through significant career transitions, such as promoting ICs to lead roles or helping specialists successfully pivot between security domains. * Enthusiasm about leveraging Lambda's access to state-of-the-art LLMs to pioneer AI-powered security architecture capabilities-imagine automated threat modeling, intelligent design review assistance, and architecture validation at scale only possible when you host the AI infrastructure yourself. Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda * Founded in 2012, with 500+ employees, and growing fast * Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove * We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG * Our values are publicly available: ************************* * We offer generous cash & equity compensation * Health, dental, and vision coverage for you and your dependents * Wellness and commuter stipends for select roles * 401k Plan with 2% company match (USA employees) * Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

Who We Are Tuesday Health is a value-based palliative care provider group dedicated to transforming serious illness and end-of-life care. We deliver goal-centered care focused on alleviating physical symptoms and emotional stress for individuals and their caregivers. Our interdisciplinary care teams reduce avoidable hospitalizations and improve quality of life wherever individuals call home. Through our leading-edge care model, Tuesday Health is shaping the future of community-based palliative care nationwide. The Role The Security Manager safeguards the confidentiality, integrity, and availability of our systems, data, facilities, and medical operations. This role leads security governance, risk management, and compliance efforts; oversees security operations and incident response; and partners with IT, Clinical Operations, Privacy, and Compliance to ensure our organization meets regulatory requirements (e.g., HIPAA Security Rule) and industry frameworks (e.g., SOC 2, HITRUST). The Security Manager is accountable for proactive risk reduction, rapid detection and response to threats, and building a strong security culture across the company. You will work closely with our engineering team and third-party security partners to define secure coding standards, validate security controls, and coordinate penetration testing and remediation for a modern cloud-native stack built on Azure, .NET Minimal APIs, Blazor WASM, MAUI, and PostgreSQL. Key responsibilities of this role may include: · Governance, Risk & Compliance (GRC) o Lead the enterprise security program aligned to HIPAA Security Rule, SOC 2 Type II, HITRUST CSF, and internal policies. o Own risk assessments, risk register, treatment plans, and executive reporting. o Maintain security policies and standards (access control, encryption, vendor risk, vulnerability management, incident response, acceptable use, AI/GenAI usage). o Coordinate audits, evidence collection, corrective actions, and ongoing compliance monitoring. · Security Operations o Oversee daily security operations: SIEM monitoring, EDR, vulnerability scanning, patch management, and email security/anti-phishing. o Implement and tune detection rules, playbooks, and escalation paths; manage MDR/SOC vendors as applicable. o Ensure Azure security posture through Defender for Cloud, Sentinel, and RBAC enforcement. o Validate security configurations for .NET APIs, Blazor WASM, MAUI apps, and PostgreSQL-working with engineering to confirm adherence to secure coding guidelines. o Collaborate with third-party penetration testing vendors: schedule tests, review findings, and track remediation. DevSecOps Guidance o Define and enforce secure coding standards for .NET, Blazor, and MAUI applications. o Ensure CI/CD pipelines include security checks (SAST, DAST, dependency scanning). o Provide oversight for infrastructure-as-code security (ARM/Bicep templates) and zero-trust principles. o Advise engineering on OWASP best practices and secure API design. · Incident Response & Business Continuity o Lead incident response lifecycle (prepare, detect, contain, eradicate, recover, lessons learned) with documented runbooks. o Coordinate with Privacy/Legal on reportable events; align to HIPAA breach requirements and internal incident procedures. o Maintain and test Business Continuity and Disaster Recovery plans; run tabletop exercises at least twice annually. · Identity, Access & Data Protection o Enforce least-privilege, role-based access control (RBAC), and periodic access reviews for PHI/PII and critical systems. o Manage Entra ID, privileged access management (PAM). o Implement data loss prevention (DLP) and encryption standards (in transit and at rest), including key management in Azure Key Vault. · Vendor Management Responsibilities o Oversee third-party risk management for all vendors handling PHI, PII, or critical systems. o Conduct security due diligence, including reviewing SOC 2/ISO certifications, penetration test results, and security questionnaires. o Ensure Business Associate Agreements (BAAs) are in place for vendors processing PHI and verify compliance with HIPAA Security Rule. o Maintain a vendor risk register and track remediation of identified gaps. o Monitor vendor adherence to contractual security obligations, including data residency, retention, and model training restrictions for AI tools. o Collaborate with Procurement and Legal to include security requirements in contracts and enforce breach notification timelines. o Periodically reassess vendor security posture and update risk ratings based on audits or incidents. A strong candidate will demonstrate the following: · Bachelor's degree in Information Security, Computer Science, or related field-or equivalent experience. · 5-8+ years in security roles with 2-3+ years leading security operations or GRC initiatives. · Hands-on experience with cloud security · Working knowledge of HIPAA Security Rule, PHI/PII handling, SOC 2 Type II, and incident response practices. · Hands-on experience with Azure security services (Defender for Cloud, Sentinel, Key Vault, RBAC). · Familiarity with secure development practices for .NET, Blazor WASM, MAUI, and PostgreSQL (oversight, not coding). · Proven ability to run risk assessments, develop policies, and manage audits. · Strong communication skills; ability to influence cross-functional leaders and train non-technical audiences. What We Offer · Competitive compensation, reflecting our commitment to attracting, retaining, and motivating the best talent in the industry · Comprehensive benefits including medical, dental, vision, and life insurance, paid time off and holidays, employer 401(K) match, etc. · Remote work with multiple onsite sessions each year to maximize collaboration and team building · A dynamic and inclusive team environment where you can lean on your teammates, offer candid feedback, bring your true self to work each day, and deliver tremendous impact while having fun along the way · Meaningful work each day; we care deeply about our mission, our patients, and each other If you are passionate about improving the quality of care for seriously ill individuals and their caregivers through innovative solutions, we would love to hear from you. Tuesday Health seeks to recruit and retain staff from diverse backgrounds and encourages qualified candidates to apply. Tuesday Health is an equal opportunity employer and does not discriminate on the basis of age, sex, gender identity/expression, sexual orientation, color, race, creed, national origin, ancestry, religion, marital status, political belief, physical or mental disability, pregnancy, military, or veteran status.

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco, San Jose, or Bellevue office location 4 days per week; Lambda's designated work from home day is currently Tuesday. About the Role Lambda Security protects some of the world's most valuable digital assets: invaluable training data, model weights representing immense computational investments, and the sensitive inputs required to leverage best of breed AI models. We're responsible for securing every byte that powers breakthrough artificial intelligence. Reporting to the Senior Manager of Security, your team serves dual functions: building security for the business and demonstrating that work directly to customers. As security advisors to Product Engineering, Platform Engineering, and IT teams, your team will establish security policies and architecture standards, conduct threat modeling and design reviews for critical systems, and create implementation guidance that engineering teams can adopt. In support of our customers, your team will develop customer-facing security documentation and participate directly in enterprise security discussions. This work ensures the right security decisions get made across Lambda's AI infrastructure while protecting customer data, enabling hypergrowth velocity, and building the trust that closes enterprise deals. As Manager of the Security Architecture team, you'll build and lead a team of 4-5 security engineers with expertise across application security, infrastructure security, and corporate security. You'll hire strong specialists, coach them through complex security problems, set team priorities and architectural direction, and create a culture where security judgment accelerates business velocity rather than creating friction. Your success is measured by the security decisions your team enables across the business: engineering teams building secure-by-default systems, compliance frameworks mapped to technical controls, and customers trusting Lambda's infrastructure with their most valuable AI workloads. Your team will balance proactive architecture work (defining what "good" looks like) with reactive consultation (reviewing designs and answering complex security questions). Your immediate focus will be building your team, establishing processes for design reviews and architecture guidance that scale with Lambda's growth, and developing a 6-12 month roadmap aligned with Lambda's 2026 security strategic plan including compliance initiatives like ISO 27001. We're looking for engineering managers who pair strong people leadership with enough security depth to coach specialists, set architectural direction, and translate security decisions into business value. If you're energized by building high-performing teams, enabling security at scale through excellent judgment rather than brute force, and helping enterprise customers trust their most valuable AI workloads to Lambda's infrastructure, we'd love to talk. We value diverse backgrounds, experiences, and skills, and we are excited to hear from candidates who can bring unique perspectives to our team. If you do not exactly meet this description but believe you may be a good fit, please still apply and help us understand your readiness for this role. Your application is not a waste of our time. What You'll Do Team Leadership & Development Build, hire, and develop a high-performing team of 4-5 security engineers with deep expertise across application security, infrastructure security, and corporate security. Foster a culture where security judgment accelerates business velocity, creating an environment where specialists thrive through clear expectations, regular coaching, and opportunities for growth. Conduct regular one-on-ones and provide constructive feedback that helps your engineers advance their technical depth and expand their cross-functional impact. Set team priorities and architectural direction, ensuring your team focuses on the highest-impact security decisions across Lambda's AI infrastructure. Strategic Architecture & Program Management Own your team's 6-12 month roadmap, balancing proactive architecture work (defining security standards and patterns) with reactive consultation (design reviews and complex security questions). Establish security policies and architecture standards that enable Product Engineering, Platform Engineering, and IT teams to build secure-by-default systems. Define measurable success criteria for your team's work, translating security architecture decisions into business impact that stakeholders understand. Proactively guide the evolution of Lambda's security architecture program as the company matures, ensuring architecture decisions align with compliance commitments and evolving customer security requirements. Cross-Functional Collaboration & Customer Enablement Partner deeply with Product Engineering, Platform Engineering, and IT teams to integrate security architecture guidance at optimal moments in their development cycles. Conduct and oversee threat modeling and design reviews for critical systems, ensuring your team provides actionable recommendations that balance security rigor with development velocity. Enable your team to create implementation guidance and architecture patterns that engineering teams voluntarily adopt because they make secure development easier. Support enterprise sales by developing customer-facing security documentation and coaching your team through direct security discussions with prospective customers evaluating Lambda's infrastructure. Collaborate with peer security teams (Detection & Response, Platform, Program Coordination) to ensure cohesive security architecture across all security functions. What We Think a Candidate Needs to Demonstrate to Succeed 5+ years of security engineering or security architecture experience with 3+ years leading technical teams, demonstrating ability to build and develop high-performing security specialists. Proven track record building team cultures where specialists thrive through clear expectations, effective coaching, and career development that expands both technical depth and cross-functional impact. Strong technical background in security architecture, threat modeling, and secure design principles with enough depth to guide team decisions, evaluate complex tradeoffs, and coach engineers through difficult security problems. Experience working across application security, infrastructure security, or corporate security domains, with demonstrated ability to set architectural direction and security standards that engineering teams adopt. Excellent collaboration skills working with highly technical engineering teams both with and without authority, building relationships that enable security architecture guidance at optimal moments in development cycles. Skilled communicator who translates security architecture decisions into business value, helping stakeholders understand how technical security work protects customer data and enables business velocity. Ability to thrive in high-speed, high-ambiguity startup environments where you balance building team capability and security architecture foundations while executing at a fast pace. Nice to Have Prior experience in AI/ML infrastructure companies or cloud service providers where you've navigated the unique security challenges of multi-tenant systems and customer data isolation at scale. Hands-on experience driving compliance audits (SOC 2, ISO 27001, PCI-DSS, HIPAA/HITECH, or FedRAMP) including evidence collection, control mapping, and managing auditor relationships. Deep familiarity with bare metal infrastructure security in addition to cloud platforms, understanding physical security considerations and hardware-level security controls. Experience creating security architecture patterns that were adopted widely across multiple teams or organizations, demonstrating ability to build reusable solutions that scale beyond a single use case. Experience managing security engineers through significant career transitions, such as promoting ICs to lead roles or helping specialists successfully pivot between security domains. Enthusiasm about leveraging Lambda's access to state-of-the-art LLMs to pioneer AI-powered security architecture capabilities-imagine automated threat modeling, intelligent design review assistance, and architecture validation at scale only possible when you host the AI infrastructure yourself. Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Information System Security Manager - REMOTE. In this role, you will have the opportunity to make a significant impact by ensuring that information system security is upheld within critical governmental operations. You will lead initiatives to implement security programs, conduct audits, and maintain compliance with the established regulations. As part of a collaborative team, you will help elevate the standards of cybersecurity, all while working from anywhere. Your contributions will directly enhance the security posture of the organization and support various missions.Accountabilities Conduct information system security inspections, tests, and reviews to maintain an Authority to Operate (ATO). Implement and enforce a formal information system security program and develop security policies and plans. Demonstrate knowledge of systems engineering, network security concepts, and IT security principles. Ensure software and hardware complies with security configuration guidelines. Report cybersecurity-related events that impact IT authorization. Implement Security Information and Event Management processes. Requirements Bachelor's Degree in Information Systems, Information Assurance Management, Computer Science, or related field (or equivalent experience). 2-7 years of relevant experience in information systems security. IAM Level II DoD approved cybersecurity certification or higher (e.g., CAP, CASP, CISA, CISM, CISSP). Experience with the Risk Management Framework (RMF) and NIST publications (NIST 800-53 and NIST 800-37). Active Secret Security Clearance required. Located within 2 hours of Joint Base Andrews for potential onsite meetings. Benefits Opportunity to work remotely with flexibility. Engagement in meaningful projects that influence national security. Possibility for professional growth and development. A supportive work environment that values diversity and inclusion. Recognition as a military-friendly employer with a commitment to veterans. Why Apply Through Jobgether? We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.#LI-CL1We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

--------------------------------------------------------------- The IS Information Security Manager leads the development, implementation, and ongoing improvement of CareOregon's information security program. This role partners with leaders across the organization to strengthen security governance, reduce risk, and ensure compliance with regulatory and industry standards. The position oversees security operations, incident response, vulnerability management, and third-party risk, while providing strategic guidance on secure architecture and emerging threats. This position manages a high performing security team and fosters strong collaboration with internal stakeholders and external partners to maintain a resilient enterprise security posture. Estimated Hiring Range: $151,965.00 - $185,735.00 Bonus Target: Bonus - SIP Target, 5% Annual Current CareOregon Employees: Please use the internal Workday site to submit an application for this job. --------------------------------------------------------------- Essential Responsibilities Program Leadership Implement and oversee a comprehensive Information Security Program aligned with organizational goals and industry best practices. Partner with IS and executive leadership to define security objectives, maintain the Information Security Roadmap, and report on program performance. Advise senior leadership on security risks, emerging threats, and strategic cybersecurity needs. Establish and maintain a security metrics framework and key performance indicators aligned with organizational priorities and standards. Prepare and deliver clear, actionable reports for senior leadership, including key risk indicators, program status, and operational metrics. Governance, Risk, and Compliance Recommend updates to security policies and standards to align with HIPAA, HITRUST, NIST, and other frameworks. Coordinate implementation of security programs, policies, and configuration standards across IS. Lead risk assessments, vulnerability analyses, remediation planning, and the administration of a GRC platform. Manage third‑party risk processes, including vendor assessments and ongoing monitoring. Oversee penetration tests, program maturity assessments, and risk assessments. Ensure ongoing compliance with regulatory, contractual, and audit requirements. Lead the response to audit requests and efforts to remediate adverse results. Security Operations & Incident Management Build and lead operational security capabilities to monitor, detect, analyze, and respond to threats. Utilize threat intelligence, monitoring, incident management, behavioral analysis, and advanced detection technologies. Maintain SOPs, runbooks, and playbooks supporting incident investigation, containment, recovery, and post‑incident review. Lead the Information Security Incident Response Plan, including training, exercises, and cross‑team readiness initiatives. Aggregate and analyze security data using SIEM technologies to identify patterns, evaluate alerts, and prioritize responses. Conduct proactive threat hunting and enhance monitoring to detect emerging threats. Technical Security Oversight Provide guidance on secure architecture and operations for on‑premises and Azure cloud environments. Manage core security domains such as Vulnerability Management, Identity and Access Management, and Privileged Access Management. Collaborate with other IS teams to ensure robust security configuration management for systems, hardware, and firmware. Perform security reviews and risk assessments for software acquisitions and technology initiatives. Lead periodic testing and improvement of the IS Disaster Recovery Plan. Leadership & Collaboration Lead, mentor, and develop a high‑performing cybersecurity team, fostering innovation, learning, and operational excellence. Act as a subject matter expert for IS and business teams, providing guidance on secure architecture, risk mitigation, and best practices. Maintain strong partnerships with key vendors, partners, and external stakeholders. Facilitate security governance meetings and deliver clear, actionable updates to executive leadership. Awareness & Training Develop, maintain, and continuously improve the organization‑wide information security awareness program. Ensure training content is current, engaging, and effective in reducing human‑related risk and supporting compliance. Employee Supervision Manage team and recommend team direction and goals in alignment with the organizational mission, vision, and values. Identify work and staffing needs to meet work expectations; recruit and hire, using an equity, diversity, and inclusion lens. Plan, organize, schedule, and monitor work; ensure employees have information and resources to meet job expectations. Lead the development, communication, and oversight of team and individual goals; ensure goals, expectations, and standards are clearly understood by staff. Train, supervise, motivate, and coach employees; provide support toward employee development. Incorporate guidance from CareOregon equity tools into people leadership, planning, operations, evaluation, and decision making. Ensure team adheres to department and organizational standards, policies, and procedures. Evaluate employee performance and provide regular feedback to support success; recognize strong performance and address performance gaps and accountability (corrective action). Perform supervisory tasks in collaboration with Human Resources as needed. Experience and/or Education Required Minimum 6 years' experience in information security systems, solutions or related services Experience must include most of the following: Leading teams, including developing and mentoring staff and supporting change management Leading complex systems projects Managing vendors and contracts Influencing others Developing policy and strategy roadmaps with business partners and aligning work efforts and solutions accordingly Developing and implementing information or cyber security programs Preferred Minimum 2 years' experience in a supervisory position or minimum 1 year experience in a supervisory position with completion of CareOregon's Aspiring Leaders Program Knowledge, Skills and Abilities Required Knowledge Strong understanding of information security best practices and secure design principles Knowledge of ITIL frameworks and their application within IS environments Knowledge of cross‑team alignment practices and organizational calibration processes Understanding of governance standards and adherence to established processes Skills and Abilities Ability to apply core managerial disciplines, including project and change management, cross‑functional collaboration, innovation, and organizational effectiveness Experience across multiple information security domains, including governance risk and compliance, attack surface management, identity and access management, network security, data protection, disaster recovery, security operations, incident response, and threat modeling Experience managing Intrusion Detection and Prevention systems such as Rapid7, InsightIDR and Defender ATP Experience with Data Loss Prevention and data classification Ability to promote continuous learning, empowerment, engagement, and development opportunities for employees Strong oral and written communication skills, including meeting facilitation and presentations Ability to clearly convey complex or controversial topics to diverse audiences Ability to form an independent perspective, collaborate in decision‑making, and motivate others-especially during challenging situations Ability to propose solutions and articulate business value Ability to elevate strategic concerns to senior leadership clearly, accurately, and promptly Ability to build strong working relationships with internal leaders and external partners Ability to collaborate effectively with coworkers, staff, leaders, and executives across all departments Ability to maintain a high degree of professionalism and a positive attitude Ability to develop and monitor policies, risks, and solutions Sound judgment with the ability to develop, implement, and reinforce policy and strategy Ability to see the broader context behind requests and apply holistic, systems‑thinking approaches Advanced project management skills Advanced vendor management skills Advanced budget management skills Strong analytical and research skills Ability to identify patterns in data and draw accurate conclusions Ability to work effectively with diverse individuals and groups Ability to learn, focus, interpret information, and determine appropriate actions Ability to accept direction and feedback, and manage stress effectively Ability to see, read, and perform repetitive finger and wrist movement for at least 6 hours/day Ability to hear and speak clearly for at least 3-6 hours/day Working Conditions Work Environment(s): ☒ Indoor/Office ☐ Community ☐ Facilities/Security ☐ Outdoor Exposure Member/Patient Facing: ☒ No ☐ Telephonic ☐ In Person Hazards: May include, but not limited to, physical and ergonomic hazards. Equipment: General office equipment and mobile technology Travel: May include occasional required or optional travel outside of the workplace; the employee's personal vehicle, local transit or other means of transportation may be used. Work Location: Work from home We offer a strong Total Rewards Program. This includes competitive pay, bonus opportunity, and a comprehensive benefits package. Eligibility for bonuses and benefits is dependent on factors such as the position type and the number of scheduled weekly hours. Benefits-eligible employees qualify for benefits beginning on the first of the month on or after their start date. CareOregon offers medical, dental, vision, life, AD&D, and disability insurance, as well as health savings account, flexible spending account(s), lifestyle spending account, employee assistance program, wellness program, discounts, and multiple supplemental benefits (e.g., voluntary life, critical illness, accident, hospital indemnity, identity theft protection, pre-tax parking, pet insurance, 529 College Savings, etc.). We also offer a strong retirement plan with employer contributions. Benefits-eligible employees accrue PTO and Paid State Sick Time based on hours worked/scheduled hours and the primary work state. Employees may also receive paid holidays, volunteer time, jury duty, bereavement leave, and more, depending on eligibility. Non-benefits eligible employees can enjoy 401(k) contributions, Paid State Sick Time, wellness and employee assistance program benefits, and other perks. Please contact your recruiter for more information. We are an equal opportunity employer CareOregon is an equal opportunity employer. The organization selects the best individual for the job based upon job related qualifications, regardless of race, color, religion, sexual orientation, national origin, gender, gender identity, gender expression, genetic information, age, veteran status, ancestry, marital status or disability. The organization will make a reasonable accommodation to known physical or mental limitations of a qualified applicant or employee with a disability unless the accommodation will impose an undue hardship on the operation of our organization.

Type of Requisition: Regular Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Security Information, Security Monitoring, Security Requirements, Security System Design, System Security Certifications: None Experience: 7 + years of related experience US Citizenship Required: No Job Description: Seize your opportunity to make a personal impact as an Senior Cloud Security Specialist supporting the Case Management Modernization (CMM) Program. The CMM program is an initiative to support the Administrative Office of the US Courts (AO) in developing a modern cloud-based solution to support all 204+ federal courts across the United States. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. The Senior Cloud Security Specialist will work as part of the CMM Enterprise Data Warehouse (EDW) team to deploy a secured cloud-native EDW platform and support the statutory and operational reporting, data cataloging, and other analytical objectives. RESPONSIBILITIES: Provide subject matter expertise for implementing secure by design concept into development to include security design principles, data protection, threat and vulnerability management, compliance and governance, threat and vulnerability management, and performance risk assessments. Provide an advanced level of information security expertise needed to solve difficult challenges pertaining to the design and implementation of information security solutions, which may include, but is not limited, to networking, operating system, application and database security relative to both techniques and technologies. Identify, document, and automate the integration of security controls into the enterprise architecture and system development life cycle process enabling ongoing (continuous) security monitoring, automated security authorization, and transparent risk reporting. Gain organizational approval for the design and architecture of security requirements for cloud environment including the DWaaS component. Implement and maintain upon approval. Design, implement and maintain layered system security architectures encompassing software, hardware, and communications to support the requirements and provide for present and future cross-functional needs and interfaces. Provide subject matter expertise and hands-on guidance to teams for embedding secure-by-design principles throughout the product lifecycle, including threat modeling and secure coding practices. Design and implement cloud workloads, services, databases, etc. with security as a primary consideration, including network segmentation, granular access control, data protection, and encryption and zero trust principles. Integrate automated security testing in the CI/CD pipelines enabling real-time feedback and rapid remediation of vulnerabilities during development and deployment. Collaborate with the AO Information System Security Office (ISSO) to schedule periodic penetration testing and conduct vulnerability assessments. Provide monthly and ad hoc reports on identified vulnerabilities, remediation actions, and security breaches covering all access layers (database, application, infrastructure). Include trend analysis and recommendations for continuous improvement. Maintain a risk register and track mitigation process. Propose, implement, and validate security risk mitigation activities for all non-production and production environments with documented evidence of effectiveness. Validate successful implementation of risk mitigation activities for all non-production and production environments. Develop and maintain all Cloud Security Documentation: System Security Plan, Business Continuity Analysis, Disaster Recovery Plan, other documents required for Authority to Operate (ATO). Create and maintain a Cloud Security Roadmap, provide updates quarterly and obtain organizational approval for all security architecture and design artifacts. Implement and document technical and administrative controls to protect sensitive data from unauthorized internal access, including logging, monitoring, and access reviews. Provide operational support for identity and access management (IAM) with granular role-based access controls, integration with on-premises identity management solutions in accordance with Judiciary enterprise security standards and cloud identity solutions and enable product teams to maintain a private image catalog for team specific isolation. Support secure design and operation of multi-segment networks, multiple subnets, and virtual network routing, with regular security assessments and documentation. Provide product teams with and enforce approved standards for logging and data retention, ensuring logs are protected, searchable, and compliant with regulatory requirements. Document and maintain Standard Operating Procedures (SOPs) for cyber security. Automate repetitive security tasks (e.g., patching, compliance checks, incident response) to improve efficiency and reduce human error. Implement regular reviews and updates of security controls, policies, and procedures to address emerging threats and technological changes. Implement regular reporting on security KPIs (e.g., mean time to detect/respond, vulnerability remediation time, compliance status) to demonstrate effectiveness and inform decision-making. Establish a process for ongoing assessment and improvement of governance controls. Provide guidance and recommendations to stakeholders for containment, validation, and eradication, and support remediation and recovery of incidents (including coordination, documentation, timeline tracking, and resource identification/utilization). REQUIRED EXPERIENCE & QUALIFICATIONS: 12+ years of experience project leadership in monitoring computer networks and security issues, investigating and resolving security and cybersecurity incidents. Bachelor's degree with 12+ years of general experience in information systems (10+ years of experience with MA/MS degree) and 8+ years of specialized experience. Preferred: Certified Information Systems Security Professional (CISSP). Preferred: Architect certification from at least one of the cloud service providers (CSPs). Experience in documenting security incidents and performing security vulnerability assessments. Experience working with Agile teams and SAFe to perform testing and uncovering system and network vulnerabilities. Strong working experience in AWS Cloud Security (Certification is preferred) (3+ years' experience). Required past ATO experience in AWS environment for large agency. (4+ years' experience). Required solid understanding of NIST Standards. Experience with the ATO process, FedRAMP, CIS, ISO 27001. (4+ years). Solid understanding on ICAM, SIEM, Vulnerability management tools. Experience with CSAM or similar tools. The likely salary range for this position is $127,500 - $172,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: None Telecommuting Options: Remote Work Location: Any Location / Remote Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee's date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

USRC's greatest strength in being a leader in the dialysis industry is our ability to recognize and celebrate the differences in our diverse workforce. We strongly believe in recruiting top talent and creating a diverse and inclusive work climate and culture at all levels of our organization. SUMMARY As a key leader within the Information Security organization, the Security Operations Manager is responsible for overseeing day‑to‑day security operations and ensuring the effective detection, investigation, containment, and remediation of cyber threats impacting the enterprise. This role manages a team of analysts, drives operational readiness, and strengthens the organization's security posture through continuous improvement, technical leadership, and cross‑department collaboration. The Security Operations Manager must be capable of operating independently, demonstrating advanced critical‑thinking skills, strong analytical capabilities, sound judgment under pressure, and the ability to comprehend and address complex technical and organizational challenges without relying solely on predefined checklists or prescriptive workflows. Responsibilities listed below represent the minimum expectations for this role. Additional duties may be assigned as necessary to support business, regulatory, or operational objectives. Essential Duties and Responsibilities include the following. Other duties and tasks may be assigned. Security Operations Leadership Oversee day‑to‑day SOC operations across cloud, on‑premises, endpoint, and application environments. Provide technical direction and operational leadership to SOC analysts. Ensure all security events and incidents are managed consistently, accurately, and in alignment with organizational priorities. Team Management & Development Lead, mentor, and coach SOC analysts to support skill development, analytical capability, and operational maturity. Assist in performance evaluations, guide career progression, and foster a culture of accountability and high performance. Establish expectations for independent analysis, strong reasoning, and effective decision‑making by team members. Incident Response Ownership Direct and coordinate incident response activities, including investigation, containment, and remediation. Provide real‑time guidance to analysts during high‑severity incidents and ensure timely, well‑documented resolution. Serve as an escalation point for complex investigations or ambiguous threat scenarios requiring executive decision‑ Threat Detection, Monitoring & Analysis Evaluate and enhance detection coverage, analytic depth, and SOC visibility. Partner with threat intelligence, engineering, and architecture teams to refine detection logic and improve response capability. Ensure SOC maintains awareness of emerging threats and incorporates relevant intelligence into operations. Cross‑Functional Collaboration Coordinate with IT Infrastructure, Networking, Application, Clinical, and Cybersecurity Architecture teams to support remediation activities. Collaborate closely with Compliance and HR during internal investigations requiring log analysis, evidence gathering, or technical validation. Support audit engagements, including SOC2 and regulatory requirements (e.g., HIPAA, NIST CSF), by providing evidence, insights, and technical expertise. Process, Playbooks & Documentation Develop, maintain, and continuously improve SOC playbooks, incident response procedures, and operational documentation. Identify and eliminate operational bottlenecks, introducing process efficiencies based on experience and analytical insight. Technology Ownership & Optimization Oversee SOC technologies including SIEM, EDR/XDR, SOAR, threat intelligence platforms, and related detection or investigation tooling. Ensure platform configurations, alerting logic, and integrations remain optimized for accuracy, visibility, and speed. Analytics, Reporting & Metrics Track SOC KPIs and operational metrics to effectively communicate security posture, incident volume, and response effectiveness. Deliver concise, executive‑ready reporting on incidents, trends, risks, and opportunities for improvement. AI‑Enablement & Automation Integration Identify opportunities to leverage AI and automation to improve SOC efficiency, reduce manual workload, and strengthen response capability. Explicit leadership of AI‑driven security solutions and responsible AI governance (frameworks, adoption, alignment with ERM/compliance). Partner with engineering teams to integrate automation into investigation and response workflows. On‑Call Requirement & After‑Hours Support Participation in the on‑call rotation as needed by operational needs. Incident response and CSIRT activation may require engagement during evenings, nights, weekends, or holidays. Maintain readiness to support critical and high‑severity incidents requiring immediate leadership involvement. Participation and engagement in tabletop exercises and risk assessments Penetration testing participation (internal/external; cloud/mobile/app) with third-party vendors Cloud security strategy definition and execution (posture management, tenant onboarding, compliance alignment). Authoring enablement documentation for assessments and platform integrations. Additional responsibilities may be assigned as necessary based on evolving technologies, threats, business needs, or regulatory requirements. Upholds management goals of corporation by leading staff in team concepts and promoting a team effort. Maintains effective personnel management and employee relations, including evaluating the performance of all personnel; approving and submitting all hours worked and counseling and disciplining employees. Recruits, trains, develops, and supervises personnel. Effectively communicates expectations; accepts accountability and holds others accountable for performance. Regular and reliable attendance is required for the job.

Oneleet is on a mission to revolutionize the industry. We make cybersecurity easy, effective, and painless through a comprehensive platform that helps companies build, manage, and monitor their cybersecurity programs. Backed by Y Combinator (S22) and top-tier VCs, our founding team brings over a decade of penetration testing and cybersecurity experience. Join our remote-first crew of opinionated rebels building a category-defining company to fix a broken, fragmented industry. Who we're looking for: We value passionate self-starters with a growth mindset and a bias for action and personal accountability. If you love solving hard problems, thrive in ambiguity, and want to make a real impact, you'll fit right in. We're especially drawn to: Rebels with a cause - frustrated with the status quo and eager to disrupt it. Opinionated (but not obstinate) builders - decisive yet collaborative, who help us move fast. Clear communicators - who own their ideas and follow through. Our mission is simple: make effective cybersecurity painless. We believe cybersecurity should empower, not burden. This belief unites our team and drives every decision we make. If you're ready to challenge the status quo and help shape the future of cybersecurity, we'd love to meet you. The Security Program Manager is part vCISO & part account manager. You will work with our customers from the start to asses their current security/compliance framework, provide guidance and recommendations for improvements, and work with clients to implement recommendations. You're passionate about security, and enjoy sharing your knowledge with not only our customers but your colleagues. Key Responsibilities Conduct initial consultation calls with new clients to assess their current security posture, infrastructure stack, compliance requirements and overall objectives. Provide guidance and recommendations for improving client security posture Develop high-level security programs consisting of technical, operational and administrative controls based on industry frameworks and client needs. Collaborate with clients to customize and refine the security program to match their specific use cases. Communicate with clients and stakeholders to ensure smooth and efficient security program creation Liaise with auditors to ensure clients' security programs align with auditors' expectations Maintain expertise across a range of security frameworks, control types, and technologies including NIST, SOC2, ISO27001, CMMC, AWS, Azure, GCP, Kubernetes, Docker, Terraform, and more. Provide feedback to Oneleet's engineering team to inform development of integrations, solutions, and products that deliver on client needs. Be highly technical, learn new technologies quickly, and translate security concepts into implementations. Partner with internal teams to translate security programs into implementations consisting of policies, procedures, configurations and software integrations. Requirements 3+ years in an information security role Broad knowledge of security best practices, frameworks, control types, and relevant technologies. Ability to understand client infrastructure and map security controls to meet compliance goals. Strong analytical skills to evaluate environments and determine appropriate safeguards. Excellent verbal and written communication skills. Self-driven with the ability to work independently and move fast in a startup environment. Willingness to go the extra mile to meet tight deadlines and deliver results. Why Oneleet? At Oneleet, you'll join a tight-knit team of rebels redefining the cybersecurity industry. We move fast, own our work, and challenge outdated models to make security effortless and effective for companies. Here's what makes us special: We value impact over titles, autonomy over micromanagement, and clarity over jargon. You'll tackle meaningful, hard problems with real-world consequences. You'll work with smart, kind, and ambitious teammates who lift each other up. Perks & Benefits Comprehensive health & welless benefits Competitive comp & equity Generous PTO, including floating holidays to honor what matters most to you Flexible, remote work culture Quarterly off-sites to cool places (Amsterdam, Italy, etc). Remote-First & Global Hiring We're a remote-first company and hire globally in regions where we can legally engage talent-either directly or via our employer-of-record (PEO) partner. If you're based outside the U.S., we'll explore the most compliant hiring arrangement for your location. U.S. Hiring & E-Verify For U.S.-based candidates, Oneleet participates in E-Verify to confirm employment eligibility, in accordance with federal regulations.

Make a difference here. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. By creating continuously optimized identification, detection, and resilience from today's dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. UltraViolet Cyber is seeking a technically proficient, process-driven Manager to lead our Shared Services team. This role oversees a group of Security Analysts responsible for maintaining the quality, integrity, and availability of client environments during incident handling and investigations. The Manager will develop operational strategies, implement innovative security technologies, and coordinate timely, effective responses to emerging threats and incidents. This role blends leadership and hands-on technical expertise to ensure we have a world class analyst and operations. What You'll Do: Lead day-to-day SOC operations including monitoring, detection, analysis, and incident response. Develop and maintain SOC policies, procedures, and playbooks aligned with frameworks MITRE Oversee deployment, tuning, and optimization of SIEM, SOAR, IDS/IPS, EDR, and threat intel platforms. Coordinate cross-functional incident response and lead post-incident reviews. Work with IT, legal, compliance, and business units to align with risk management goals. Monitor emerging threats and adjust defenses and strategies proactively. Recruit, mentor, and develop SOC staff, fostering continuous improvement. Prepare and present SOC performance, threat landscape, and risk posture to internal and external stakeholders Define and track KPIs and metrics to measure the effectiveness of the team Use automation and scripting (e.g., Python, KQL, PowerShell) to enhance detection efficiency What You've Done: US Citizenship is Required 7+ years in cybersecurity with at least 2+ years in leading and mentoring teams Ability to communicate complex cybersecurity issues to both technical and non-technical stakeholders 3+ years of experience with dark web, OSINT tools Proficiency with SIEM, EDR, and cloud-native security tools (e.g., Sentinel, Splunk, Defender, Elastic, CrowdStrike). Hands-on experience scripting in Python, Bash, KQL, PowerShell, or similar languages. Ability to work with Linux, including command line for analysis of large datasets. Ability to communicate complex cybersecurity issues to both technical and non-technical stakeholders Excellent written and verbal communication skills, including the ability to brief executives on complex technical issues. Ability to work under pressure and manage multiple priorities in a fast-paced environment Preferred Education and Certifications: Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). Industry certifications such as GCTI, GCFA, GCIA, GREM, or OSCP. What We Offer: 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment) Group Term Life, Short-Term Disability, Long-Term Disability Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness Participation in the Discretionary Time Off (DTO) Program 11 Paid Holidays Annually UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors. We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable. UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. If you want to make an impact, UltraViolet Cyber is the place for you!

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM - $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine's Top 5000 Fastest Growing Companies. Job Summary: TZT is seeking a highly skilled and experienced Security Operations Center (SOC) Program Manager to join our team. As a SOC Program Manager, you will be responsible for overseeing the successful implementation and management of Security Operations Centers (SOCs) and Information Technologies (IT) projects. This is a critical role that requires a strong understanding of SOC operations, information security principles, and Splunk architectures (or alternate Splunk experience). As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the True Zero community as well as the technical backing of the entire PS team. True Zero encourages collaboration and growth through information sharing and knowledge workshops. The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.SOC Manager Responsibilities Manage end-to-end program delivery for Security Operations Centers and Information Technologies projects. Define, manage, and monitor project scope, goals, deliverables, and projct status in collaboration with stakeholders Develop and maintain project plans, schedules, and budgets. Coordinate and collaborate with cross-functional teams to ensure project objectives and deliverables are met. Provide guidance and mentorship to project teams to drive successful project execution. Monitor project progress, identify risks and issues, and implement mitigation strategies. Facilitate effective communication between project stakeholders, including technical and non-technical audiences. Ensure adherence to project management best practices and industry standards. Conduct regular project status meetings and provideaccurate reporting to senior management. Manage SOC resources, establish SOC staffing/shift plans, identify/manage analyst tasks, provide status reporting and escalation to senior leadership SOC PM Requirements Bachelor's degree in Computer Science, Information Systems, or a related field (or equivalent experience). Proven experience (5+ years) in program management for Security Operations Centers and Information Technologies projects. Strong knowledge and understanding of SOC operations, information security principles, and best practices. Proficiency in Splunk architecture or alternate Splunk experience. Excellent project management skills, including the ability to prioritize tasks, manage resources, and meet deadlines. Solid understanding of project management methodologies and frameworks. Exceptional communication and interpersonal skills, with the ability to effectively engage with stakeholders at all levels. Strong analytical and problem-solving abilities. Project/program management and/or technical certifications, such as PMP, CISSP, or CISM are highly desirable. Proven experience in leading and managing complex cybersecurity projects. Familiarity with other security technologies and tools, such as SIEM, IDS/IPS, and vulnerability management. Experience in managing and mentoring project teams, ensuring high performance and accountability. Knowledge of regulatory compliance frameworks, such as GDPR, HIPAA, or PCI DSS. Ability to adapt to changing priorities and thrive in a fast-paced, dynamic environment. Strong leadership skills and the ability to influence and motivate team members. Attention to detail and a commitment to delivering high-quality results. U.S. Citizenship is required as this is in support of a Federal Customer. We're actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy: - Competitive salary, paid twice per month- Best in class medical coverage- 100% of medical premiums covered by True Zero- Company wide new business incentive programs- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)- 3 weeks of PTO starting + 11 Paid Holidays Annually- 401k Program with 100% company match on the first 4%- Monthly reimbursement of Cell Phone and Home Internet costs- Paternity/Maternity Leave- Investment in training and certifications to broaden and deepen your technical skills

⚡️ Why Altium? Altium is transforming the way electronics are designed and built. From startups to world's technology giants, our digital platforms give more power to PCB designers, supply chain, and manufacturing, letting them collaborate as never before. Constant innovation has created a transformative technology, unique in its space More than 30,000 companies and 100,000 electronics engineers worldwide use Altium We are growing, debt-free, and financially strong, with the resources to become #1 in the EDA industry About the role: We are looking for a Manager, Cloud Security and Compliance who will oversee the adherence of Cloud Business unit policies and monitor the processes, and regulatory systems that govern Altium's activities to ensure smooth operations and minimize risks. A day in the life of our Manager, Cloud Security and Compliance: You'll establish compliance standards and improve the design of our internal control structures in Cloud Business Unit Work with other senior managers to develop corporate governance guidelines Minimize legal risks by complying with legal requirements, enforcing regulations, and understanding legislation Develop compliance organizational strategies with information, analysis, and recommendations on strategic direction; ensure functional and organizational objectives align Align financial resources, develop action plans, analyze results and initiate corrections, and minimize the impact of variances Create training, coaching, counseling, disciplinary, and communication programs to support compliance across the organization Develop state-of-the-art compliance programs that attract new clients Enhance our compliance and organizational reputation by bringing recognition to the company and leadership to the industry Stay current on compliance matters through educational opportunities, publications, and professional organizations Who We're Looking For BA or BS in business management, or a similar field 8+ years of compliance experience, preferably in a financial environment Strong understanding of regulatory frameworks with experience developing legal compliance standards Managerial and leadership experience International Compliance Association (ICA) certification required; Certified Securities Compliance Professional (CSCP) is a strong plus Familiar with process improvement methods Able to both embrace complexity and attend to details Skilled in critical thinking, problem-solving, project management, and strategic planning Excellent in verbal communication and creating documentation The salary range for this role is $240,000 - $260,000. Actual compensation packages within this range are based on a wide array of factors unique to each candidate and role requirements, including but not limited to skill set, years and depth of experience, certifications, and specific location. Our Benefits 🏥 Medical, Dental, Vision Plans and HSA and FSA accounts ❤️ Basic Life and AD&D insurance; disability coverage where applicable 🌅 Retirement 401(k) Plan Option with Altium match 🧘 Employee Assistance Program 🏖 Paid holidays plus a “Choice Day” off per quarter ✈️ Paid time-off on arising schedule upon key milestones 🤒 Sick time for Dr. appointments or family health needs 👶 Family medical, maternity, paternity, and military leave 🥳 Employee referral program 🌍 Remote working abroad program 📚 Professional development support and resources 🥪 Free lunch, snacks, and drinks in the office 🚗 Free parking 🌍 Also, we would like you to know We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace. 💡 Learn more about why a career at Altium is an opportunity like no other: ******************************************* ✈️ Altium Benefits: ************************************** 👏 Are you already an Altium employee? Please apply directly through our internal Greenhouse job board. If you have questions, please contact HR.

Vantage Data Centers powers, cools, protects and connects the technology of the world's well-known hyperscalers, cloud providers and large enterprises. Developing and operating across North America, EMEA and Asia Pacific, Vantage has evolved data center design in innovative ways to deliver dramatic gains in reliability, efficiency and sustainability in flexible environments that can scale as quickly as the market demands. Role Summary The Director, Physical Security Governance will be responsible for designing, building, and leading Vantage Data Centers' North American physical security governance program from inception through full operational maturity. This role establishes the framework that ensures security is delivered consistently, compliantly, and at scale across all North American sites, while enabling the business to grow with confidence. This leader will own the policies, quality assurance, compliance oversight, performance measurement, and continuous-improvement mechanisms that transform physical security from site-based execution into a governed, measurable, enterprise-grade program. This position serves as the central authority for how physical security is defined, governed, measured, and improved across Vantage Data Centers' North American portfolio. Core Responsibilities Security Governance & Program Leadership Design and implement the North American Physical Security Governance Program, including governance models, operating frameworks, and control structures aligned with enterprise security objectives. Establish clear accountability, ownership, and decision rights across Physical Security Design, Delivery, Operations, Technology, and the Security Management Center (SMC). Serve as the executive-level authority for physical security governance across North America, ensuring all sites operate under a unified framework. Policy, Standards & Procedures Develop, maintain, and govern all North American physical security policies, standards, and procedures, including but not limited to: Access control Video surveillance Guard force operations Incident and threat management Visitor management Construction site security Data center physical security controls Ensure policies align with corporate risk, legal, compliance, privacy, and customer contractual obligations. Translate security standards into operationally executable procedures across all North American sites. Quality Assurance, Audits & Continuous Improvement Build and lead a Quality Assurance and Compliance function for physical security, including audit programs, control testing, site inspections, and validation of operating effectiveness. Define and manage corrective action and remediation programs resulting from audits, incidents, and performance gaps. Own the governance of all physical security after-action reviews, ensuring root-cause analysis, corrective actions, and preventive controls are documented, tracked, and closed. Performance Management, KPIs & Metrics Define and own the physical security performance framework, including key performance indicators (KPIs), key risk indicators (KRIs), and quality metrics. Establish measurable standards for: Policy compliance Control effectiveness Incident response quality Training and certification completion Site security performance Ensure leadership and site teams have clear, data-driven visibility into security performance, risks, and trends. Training, Certification & Enablement Design, develop, and govern the enterprise security training and awareness framework for North America, covering all employees, contractors, and site personnel, including: Physical security awareness and policy training Workplace violence prevention and response Threat awareness, reporting, and escalation Visitor management and access control expectations New-hire and new-site onboarding security training Annual and recurring security awareness and compliance training Own the creation, maintenance, and governance of all security training content, including standards, curricula, learning materials, and certification requirements. Ensure training programs remain aligned with evolving threats, regulatory requirements, customer security expectations, and internal risk priorities. Partner with Human Resources, Legal, Compliance, Operations, the Security Management Center (SMC), and Technology teams to embed security training into onboarding, lifecycle training, and daily business operations. Outreach, Engagement & Program Adoption Build and mature the Outreach and Engagement function to drive adoption of physical security governance across: Data center site leadership Construction and delivery teams Operations and IT Corporate stakeholders External partners, including law enforcement and relevant government agencies Establish and maintain strong working relationships with local, state, and federal law enforcement and government entities to support incident response, investigations, emergency preparedness, and threat mitigation. Lead change management, communications, and stakeholder engagement to ensure security standards, expectations, and governance models are consistently understood and applied across the North American portfolio. Required Qualifications 10+ years of experience in physical security, risk management, compliance, or governance within data centers, critical infrastructure, or high-reliability environments. Proven experience building and scaling enterprise governance, compliance, or quality assurance programs. Deep understanding of physical security controls, guard force operations, access control systems, and surveillance technologies. Experience operating in audited, regulated, or customer-validated environments. Demonstrated ability to define metrics, KPIs, and control frameworks and hold organizations accountable to them. Preferred Experience Experience supporting hyperscale or colocation data centers. Background in audit, compliance, or quality management systems. Experience partnering with legal, risk, compliance, construction, IT, and operations teams. Familiarity with security platforms, incident management tools, and compliance tracking systems. Additional Details Salary Range: $180,000 - $195,000 (this range is based on Colorado market data and may vary in other locations) This position is eligible for company benefits including but not limited to medical, dental, and vision coverage, life and AD&D, short and long-term disability coverage, paid time off, employee assistance, participation in a 401k program that includes company match, and many other additional voluntary benefits. Compensation for the role will depend on a number of factors, including your qualifications, skills, competencies, and experience and may fall outside of the range shown. Physical Demands and Special Requirements The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is occasionally required to stand; walk; sit; use hands to handle, or feel objects; reach with hands and arms; climb stairs; balance; stoop or kneel; talk and hear. The employee must occasionally lift and/or move up to 25 pounds. #LI-Remote #LI-AH1 We operate with No Ego and No Arrogance. We work to build each other up and support one another, appreciating each other's strengths and respecting each other's weaknesses. We find joy in our work and each other, actively seeking opportunities to inject fun into what we do. Our hard and efficient work is rewarded with an above market total compensation package. We offer a comprehensive suite of health and welfare, retirement, and paid leave benefits exceeding local expectations. Throughout the year, the advantage of being part of the Vantage team is evident with an array of benefits, recognition, training and development, and the knowledge that your contribution adds value to the company and our community. Don't meet all the requirements? Please still apply if you think you are the right person for the position. We are always keen to speak to people who connect with our mission and values. Vantage Data Centers is an Equal Opportunity Employer Vantage Data Centers does not accept unsolicited resumes from search firm agencies. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of Vantage Data Centers. We'll be accepting applications for at least one week from the date this role is posted. If you're interested, we encourage you to apply soon-we're excited to find the right person and will keep the role open until we do!

Redapt Inc. is a pioneering world-class data center infrastructure integrator, technology engineering firm, and cloud services provider. Our teams focus on delivering innovative solutions and services that power our customers most demanding applications and enable them to extract powerful insights from data that drives true business value. We are seeking a dynamic and results-driven Client Director to join our team. In this consultative acquisition sales role, you will be responsible for acquiring, building and maintaining strong client relationships. You will have a solid understanding of client's business needs and providing customized solutions and professional services which are adjacent to cybersecurity, cloud, data center, and networking technologies. This enterprise sales role will require executive peer to peer dialogue and leadership capabilities that will engage the client and internal resources for open and trusted collaboration. You will identify opportunities and engage internal team personnel with clients while simultaneously achieving meaningful wins that advance the clients most strategic projects and/or initiatives. If you are a motivated individual with a passion for building long term relationships in a fast paced and evolving space that has tremendous upside, then we invite you to apply for this exciting opportunity. Responsibilities: You will develop and execute a strategic sales plan to achieve and exceed sales targets within the cybersecurity and IT solutions portfolio. Prospect, acquire, build and nurture relationships with target clients, understanding their unique challenges and objectives. Collaborate with internal teams, including technical experts, to design and present comprehensive solutions that address client needs. Stay updated on industry trends, emerging technologies, and competitor offerings to maintain a competitive edge. Lead and participate in client presentations, negotiations, and contract discussions. Provide accurate sales forecasts and reports to the leadership team so we can communicate the necessary resources to execute initiatives for our clients. Engage with partner OEM, ISV, and Infrastructure technologies to expand relevance and opportunities for our clients to optimize, reduce risk, increase business resiliency, and safeguard digital assets from threats. Skills you bring with you: Proven experience in consultative sales, preferably in the cybersecurity and IT industry. Strong understanding of cybersecurity solutions and IT services. Excellent communication and presentation skills, with the ability to articulate complex technical concepts to a non-technical audience. Demonstrated success in building and maintaining long-term client relationships. Proactive and results-oriented approach to sales. Must be willing and open to learn new concepts, ideas, frameworks, and technologies that advance and impact our client's organization. Demonstrated ability to cultivate new relationships and gain trust from key stakeholders. Qualifications: Bachelor's degree in a related field or equivalent experience. 5+ years of experience in consultative sales, preferably with a focus on cybersecurity and IT solutions. 100% Hunter Worked for a Value-Added Reseller or an Integrator. Travel required: Travel typically 15-25% or more a month Equal Employment Opportunity: Redapt is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws. All employment is decided based on qualifications, merit, and business need. #LI-LM1

Since 2016, Wallarm has been on a mission to secure the internet's critical infrastructure: APIs. Today, we are the trusted choice for over 200 of the world's most innovative companies, from high-growth startups to Fortune 500 and Nasdaq leaders. Our unified platform provides full-lifecycle API security - helping teams discover their attack surface, protect against modern threats, and respond to incidents in real-time. As a graduate of Y Combinator and fueled by a recent $55M Series C, we are scaling our global, remote-first team of 150+ innovators to solve the next generation of security challenges. About the role: We are seeking an experienced and highly motivated Alliance Director to lead and expand strategic partnerships with technology vendors. This role will play a critical part in scaling our go-to-market efforts by developing joint solutions, enabling co-selling and co-marketing motions that create long-term value through aligned ecosystem strategies. Responsibilities: Alliance Strategy & Execution Define and execute the strategic partnership roadmap aligned with business goals. Identify, evaluate, and onboard new partners that enhance our API security platform offering. Develop joint business plans with key partners, including co-selling, co-marketing, and solution integration opportunities. Partner Management & Enablement Own and grow relationships with strategic alliance partners. Build executive-level and field-level alignment between Wallarm and alliance partner organizations. Lead alliance enablement programs to ensure successful technical and sales collaboration. Go-to-Market (GTM) Collaboration Drive joint GTM initiatives, including campaigns, demand generation, and solution launches. Align with sales leadership to develop partner-influenced pipeline and revenue targets. Monitor and report on performance metrics for each alliance and recommend adjustments as needed. Cross-Functional Leadership Collaborate with product, marketing, sales engineering, and legal to ensure the successful execution of alliances. Influence product roadmap by advocating for partner-integrated features and capabilities. Job requirements We are looking for candidates with: 7-10 years of experience in strategic alliances, business development, or channel sales within cybersecurity or cloud/SaaS environments. Deep understanding of the cybersecurity landscape; API security knowledge is a strong plus. Experience managing alliances with technology partners. Proven ability to build high-impact GTM partnerships that drive measurable results. Strong business acumen and ability to influence C-level stakeholders both internally and externally. Excellent communication, negotiation, and presentation skills. Bachelor's degree required; MBA or technical degree a plus. Nice to have: Familiarity with modern API ecosystems (e.g., REST, GraphQL, OpenAPI, Kubernetes, API gateways). Background in enterprise security products, including API security. Ability to thrive in a fast-paced, high-growth startup environment. Why Join Us: Be part of a category-defining company in the booming API Security space. Work with a passionate, high-performing team at the intersection of security, innovation, and go-to-market strategy. Remote work and flexible working hours. Competitive salary and bonuses. Paid days off and medical insurance. Working equipment. Professional development and career growth opportunities. All done! Your application has been successfully submitted! Other jobs

At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care. One mission. One team. That's OneStudyTeam. The Director of Security leads enterprise security strategy and execution across governance, risk, compliance, and security engineering. This role manages the GRC and Security Engineering teams, partners with technology and business leaders, and ensures the design and operation of secure systems and processes across the organization. The Director is accountable for program maturity, audit readiness, and continual improvement. The scope includes third party risk, vendor assessment and qualification, security architecture oversight, AI related security assessments and guidance, incident response leadership, and budget ownership for security programs. This is a hands-on, technical leadership role with high autonomy that blends strategic program leadership with practical execution. The Director will develop roadmaps and metrics, allocate resources, and ensure alignment with business priorities and regulatory obligations. What You'll Be Working On: Lead and manage the GRC and Security Engineering teams, including strategy, objectives, staffing, coaching, and performance management. Own governance, risk, and compliance programs. Maintain ISO 27001 and related controls. Drive audit readiness for HIPAA and other frameworks. Coordinate policy lifecycle management and control testing. Run vendor assessment and qualification program. Oversee third party risk management, due diligence, contractual security requirements, and continuous monitoring. Provide AI related security assessments and guidance. Establish acceptable use guardrails for AI, assess model and data risks, and advise on controls for AI enabled solutions. Oversee security architecture for cloud environments and enterprise platforms. Partner with engineering on secure design for AWS, Azure, identity, network, and data protection. Direct security engineering operations. Manage EDR and threat detection with CrowdStrike, SIEM operations, CSPM posture management, vulnerability management, and SOAR automation. Lead incident response readiness and execution. Run tabletop exercises, coordinate investigations, and deliver root cause and lessons learned. Own and manage security budgets, multiyear planning, vendor contracts, and cost optimization while meeting control objectives. Report program status and risk posture to executives and the board. Define and track KPIs and KRIs. Communicate clearly with technical and non technical stakeholders. Establish and enforce secure software development practices and SDLC controls with engineering leadership. Maintain a current security roadmap and maturity plan aligned to business priorities. Oversee metrics, dashboards, and reporting for program performance and risk reduction. Coordinate with Legal, Privacy, and Compliance on regulatory obligations and customer security assessments. Champion security awareness training and culture, sponsor targeted training for engineering and high risk roles. Evaluate, select, and manage strategic security vendors and platforms, drive successful implementations and integrations. Represent security in customer meetings and due diligence, provide credible technical and compliance answers. What You'll Bring to OneStudyTeam: 15+ years of progressive experience in information security or related fields. 10+ years of management experience leading security teams, including people leadership and program ownership. Bachelor's degree in Computer Science, Engineering, Information Security, or related field. Relevant certifications strongly preferred. Examples include CISSP and CISM. [Proven leadership of security programs at enterprise scale. Ability to set strategy, drive execution, and deliver measurable outcomes. Demonstrated expertise in governance, risk, and compliance programs, including driving the implementation of ISO27001, SOC2, or HITRUST certification. Experience with AI security risk management, data protection for AI use cases, and acceptable use guardrails for AI and large language models. Strong background in secure software development, application security, and SDLC controls, including threat modeling and secure coding practices. Hands-on knowledge of cloud security for AWS and Azure, identity and access management, network security, data protection, and key management. We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status. Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization. As a condition of employment, you will abide by all organizational security and privacy policies. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

Neko Health is a Swedish healthcare technology company co-founded in 2018 by Hjalmar Nilsonne and Daniel Ek. Neko's vision is to shift healthcare from reactive treatment toward preventative health and early detection. This requires completely reimagining the patient's experience and incorporating the latest advances in sensors and AI. Neko Health has developed a new medical scanning technology concept to make it possible to do broad and non-invasive health data collection that is convenient and affordable for the public. The company is based in Stockholm, offering the Neko Body Scan experience at locations in Stockholm, London and Manchester, with over 500 employees. We are looking for a Security Manager - Awareness & Training to lead our global security education program and strengthen Neko's security culture. This role focuses on reducing human‑driven risk, designing engaging training, driving behavioural change, and ensuring all employees meet security and compliance obligations. You will own Neko's security awareness roadmap, phishing program, onboarding experience, role-based training, and internal communication strategy. You will also support security requirements for ISO 27001, HIPAA, SOC 2, IEC 81001‑5‑1, and security‑related audits. This is a high‑impact role where you will collaborate closely with Engineering, IT, People/HR, Compliance, Platform, and Leadership teams to embed security into daily operations. Responsibilities * Awareness & Behavioural Security * Own and lead the company‑wide Security Awareness & Training Program. * Design and deliver engaging learning formats: micro‑training, videos, workshops, newsletters, simulated exercises. * Run and continuously improve phishing simulation campaigns, including reporting metrics and follow‑up training. * Maintain a quarterly awareness and communication campaign calendar. Training & Competence Ensure employees meet all required annual and role‑based security training, including: onboarding training secure coding and developer education incident response roles clinical and operational security basics Maintain training records and prepare audit‑ready evidence. Define and track security culture KPIs: competence scores, reporting rates, behavioural improvement indicators. Cross‑Functional Enablement Collaborate with Engineering & Platform teams to deliver secure coding and best‑practice training. Partner with People/HR to embed security into onboarding, offboarding, and role changes. Support internal communication of security requirements, policy changes, and emerging threats. Prepare and maintain awareness-related artifacts for audits and compliance reviews. Requirements * 5+ years in security awareness, information security, training, behavioural security, or a related role. * Strong understanding of human risk, phishing, social engineering, and behavioural change principles. * Experience designing or managing security awareness programs. * Familiarity with secure coding or technical security topics (AppSec, cloud security fundamentals). * Excellent communication skills; ability to translate complex topics into simple, engaging content. * Experience with LMS platforms or enterprise learning tools. * Experience in regulated industries (health‑tech, medical device, healthcare, fintech). * Background in psychology, behavioural science, or learning & development is a plus. About the Engineering Team Distributed and Remote First We are nearly 100 full time engineers at the company, working from Berlin, Chamonix, Hamburg, Lisbon, Marseille, Vilnius, and Stockholm, spanning diverse disciplines such as Hardware Engineering, Firmware Development, Electrical Design, Algorithm Development, Machine Learning Development, Optronics Research, Frontend Development and more. We don't expect people to join us with a specific tech knowledge, but we do expect you to work with our tools. We use a mix of React, Typescript, C++, and Python. Our APIs are written in C# with ASP.NET Core, uses Azure Cosmos DB, and Azure Active Directory for authentication. Our headquarters and our hardware development team are in Stockholm, Sweden. We are a Remote First company; however, it is of course much easier to work remotely as a software engineer than a hardware or firmware engineer (since they require access to hardware or devices occasionally). Software engineers based in Stockholm work maybe one day a week or one day every two weeks from the office. We meet a couple of times per year to get to know each other and have fun. Organization and Way of Working The engineering team is divided into smaller cross functional project teams that each focus on a specific goal or target, where some groups are long-lived, and some are short-lived, depending on how big the goal or deliverable is. We strive to create groups which are cross-functional and able to complete their goals without dependence on other teams, even though this is of course not always possible. Groups track goals on a yearly and quarterly basis with goal follow-up across the entire engineering organization on a bi-weekly basis. Most groups do internal planning on a bi-weekly basis, but in the end it's up to the group to decide how they want to work. We have, however, mandated that all groups must present their progress or failures or hacks at our bi-weekly engineering demo, a fun meeting/presentation where we talk about everything from short-circuiting power-modules, how hard it is to calibrate cameras or align polygons in space, to neat new command line tools for operations, a new auth mechanism in the backend, a cool new way to visualize health data or a new feature which helps our doctors be more productive. We have a flexible workplace that focuses on work/life balance, and we strongly believe in our mission but do not think that achieving it requires sacrificing everything else. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Benefits: 401(k) 401(k) matching Competitive salary Dental insurance Health insurance Opportunity for advancement Paid time off Vision insurance Benefits/Perks Competitive Compensation Career Advancement Opportunities Great Work Environment Job SummaryWe are seeking an experienced Information Security Manager to join our team! As our Information Security Manager, you will be responsible for managing all Information Security projects, ensuring the safety and security of the data in our care, and identifying and eliminating threats before they start. You will also work closely with other departments to ensure compliance with security best practices and create reports to present to upper management and other department heads on security protocols. The ideal candidate has previous experience working in Information Security, has demonstrable experience leading a team, and has a deep understanding of best security practices. Responsibilities Manage IT projects and oversee goals, ensure metrics are being met, and projects are being completed in a timely manner Work closely with staff to manage any support issues that arise, handle all user access credentials, and hardware inventory Maintain and adjust any documentation for users in regard to common technology processes, hardware handling, and more Maintain and adjust any communications procedures to ensure staff issues are being heard and handled appropriately Investigate any security incidents and handle documentation and remediation Monitor security systems to protect data and spot any questionable activity before it becomes a threat Present reports to upper management to discuss security concerns and ongoing efforts, as needed Qualifications Previous experience in IT Security and Management preferred Strong interpersonal and communication skills Demonstratable experience and knowledge in IT, security, and best practices Strong leadership ability Self-driven and motivated The ability to meet deadlines and work under high-pressure situations Flexible work from home options available. Compensation: $140,000.00 - $150,000.00 per year PROVIDING QUALITY STAFFING AND CONSULTING SINCE 2011 Based out of San Antonio, Tex as, our minority women-owned company specializes in all staffing and consulting needs. Whether you're trying to hire a pharmacist, a respiratory therapist, or skilled and non-skilled laborer, we will staff your company with the best candidate. We bring extensive experience and professionalism and we will personalize our assistance to your needs and concerns. Most of our contracts are with the Army and Air Force as Sub-Contractors. Our staff has a quick turn around and have been able to fill positions within 48 hours with short notice, we have filled hard to fill locations and jobs, and managed over 16 contracts with over 70 employees at a time. Managed call-ins at 24/7 hospitals and ensured shifts were filled, and managed PRNs with notice of less than 24 hours. Also, provided temp laborers for next day jobs. Our consulting division provides contracting assistance, program managing, application assistance, certification assistance and proposal writing. We are very knowledgeable in a variety of areas and are eager to assist your company's prosperity.

Compliance & Information Security Manager Department: Compliance Reports To: VP of Compliance Installation Made Easy (“IME”) provides software and process management that enable retailers and contractors to offer installed home improvements to homeowners in a convenient, consistent, and affordable manner. IME senior management has over 100 years of retail management and home improvement industry experience. We are seeking a Compliance & Information Security Manager to build and manage our corporate compliance and information security governance program. The role will lead regulatory compliance initiatives, manage audit and certification efforts, and partner closely with Compliance, IT, and Security teams to support a strong risk and compliance posture. The candidate must be able to work independently in a remote environment. Essential Functions: Manage compliance programs related to PCI DSS, SOC 1 / SOC 2, and related frameworks. Serve as project manager for external audits and certifications, coordinating internal teams and external auditors. Maintain compliance with U.S. consumer privacy and data protection laws, including state privacy and breach notification requirements. Develop and maintain compliance, privacy, and information security policies and documentation. Review and redline agreements with customers, partners, and vendors, focusing on data protection, security, and compliance terms. Oversee the maintenance of the company's certifications and licenses, such as money services licensure and/or business registrations Support information security governance, risk assessments, vendor risk reviews, and remediation tracking. Provide compliance support during security incidents and investigations. Partner cross-functionally and provide compliance guidance and training across the organization. Perform other duties as required. Minimum Qualifications: 5+ years of experience in compliance, information security, risk management, or GRC roles. Hands-on experience managing PCI and SOC audits. Working knowledge of U.S. consumer privacy and data protection laws. Experience reviewing and redlining commercial agreements. Strong project management and communication skills. Bachelor's degree in a related field or equivalent experience. Preferred Qualifications: Certifications such as CISSP, CISM, CRISC, CISA, or CIPP/US. Experience in a SaaS or software environment. Familiarity with NIST or ISO 27001 frameworks. Physical Requirements: Prolonged periods of sitting at a desk and working on a computer. Benefits to working with IME: 100% remote work environment Employer provided equipment. Medical, dental, and vision insurance Health savings plan includes employer contribution to health savings account. Medical and dental flexible spending accounts Company paid basic life, short-term disability, and long-term disability insurance. 401K plan with employer match Company matches 100% of the first 4% of salary deferrals. All contributions, including employer contributions, are 100% vested immediately. Employee discount program for Electronics, Groceries, Travel, Entertainment, and more Employee assistance program Pay on demand. Critical illness, hospital indemnity, group accident, and legal insurance Paid time off. And more! We are an Equal Opportunity and Drug-Free Workplace. The is not an exhaustive statement of all duties, responsibilities, or qualifications of the job, nor is it intended to limit opportunities for necessary modifications. The Job Description does not constitute an employment contract of any kind.