Senior information assurance analyst jobs near me - 80 jobs

About Extend: Extend is revolutionizing the post-purchase experience for retailers and their customers by providing merchants with AI-driven solutions that enhance customer satisfaction and drive revenue growth. Our comprehensive platform offers automated customer service handling, seamless returns/exchange management, end-to-end automated fulfillment, and product protection and shipping protection alongside Extend's best-in-class fraud detection. By integrating leading-edge technology with exceptional customer service, Extend empowers businesses to build trust and loyalty among consumers while reducing costs and increasing profits. Today, Extend works with more than 1,000 leading merchant partners across industries, including fashion/apparel, cosmetics, furniture, jewelry, consumer electronics, auto parts, sports and fitness, and much more. Extend is backed by some of the most prominent technology investors in the industry, and our headquarters is in downtown San Francisco. What You'll Do: Serve as a core member of Security Operations, monitoring and triaging alerts from platforms such as SentinelOne and Wiz. Perform end-to-end investigations to identify, contain, and remediate threats and incidents, driving timely, appropriate response. Proactively identify and assess vulnerabilities in infrastructure and code, working with development and other cross functional teams to address issues. Contribute to the end-to-end detection lifecycle: model attacker behaviors (MITRE ATT&CK), write and test detections as code across security programs and tooling (SentinelOne, Wiz, Okta, AWS CloudTrail), and continuously enrich to reduce false positives and improve MTTD. Support data quality and telemetry onboarding, maintain response playbooks, and provide threat validation assistance across the business. Assist teams with the application of secure configuration baselines and best practices in accordance with CIS Benchmarks, NIST, vendor hardening guides, and applicable compliance standards across all company computing assets. Correlate endpoint and infrastructure telemetry to identify emerging threats. Curate and operationalize intelligence (IOCs, TTPs) into detections and response playbooks, and maintain vetted intelligence feeds. Assist GRC initiatives by mapping controls to internal policies and frameworks (e.g., SOC 2, NIST CSF, NYC DFS 500), identifying gaps, supporting audits and evidence collection, tracking remediation, and maintaining policies and control documentation. Work with engineering and business teams to champion security best practices, communicate risks to accountable owners, and assist with mitigation planning and execution. What We Are Looking For: 3+ years experience in a Security Analyst / Security Operations role 3+ years experience with AWS CloudFormation, or other infrastructure-as-code systems (like Terraform) 3+ years experience or certification in AWS serverless technologies (API Gateway, Lambda, S3, DynamoDB) Certifications (one or more preferred): CISSP, CCSP, GIAC (GCIH/GCIA/GMON/GCED/GCFA/GREM), cloud security (AWS or cloud agnostic security specialty) or equivalent experience. Proficiency with hands on management and use of SIEM, CNAPP, EDR, Vulnerability Management tooling, and Detection Engineering strategies. Proficiency with AI technologies and the corresponding threat landscape and strategies for mitigation. Understands agentic workflows such as AWS Bedrock, MCP based workflows (or similar technologies) Working Knowledge of best practices around security roles and responsibilities for AWS IAM Experience working with observability services and tooling (including Coralogix, CloudWatch, OpenTelemetry) Ability to perform in a high energy environment with dynamic job responsibilities and priorities Nice to Haves: Experience with AWS Cloud Development Kit(CDK) Experience with Mastra AI Expected Pay Range: $157,000 - $182,000 per year salaried* * The target base salary range for this position is listed above. Individual salaries are determined based on a number of factors including, but not limited to, job-related knowledge, skills and experience. Life at Extend: Working with a great team from diverse backgrounds in a collaborative and supportive environment. Competitive salary based on experience, with full medical and dental & vision benefits. Stock in an early-stage startup growing quickly. Generous, flexible paid time off policy. 401(k) with Financial Guidance from Morgan Stanley. Extend CCPA HR Notice

OppFi is a leading tech-enabled digital finance platform that works with banks to provide financial products and services for everyday Americans. Through a transparent and responsible platform, which includes financial inclusion and excellent customer experience, the Company supports consumers who are turned away by mainstream options to build better financial health. We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service. A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2025 Crain's Fast 50™ company and were named on Built In's 2025 Best Places to Work in Chicago. Senior Security Analyst III As Senior Information Security Analyst III, you will be a key contributor to our day-to-day security operations, assisting with threat monitoring, incident triage, vulnerability remediation, and GRC activities. This role is an excellent opportunity for someone with security experience who is eager to grow their skills in risk management, cloud environments and security best practices. You will work closely with senior team members and various OppFi internal teams to ensure our environment maintains security, visibility, and compliance standards. What you get to do: Information Security Risk Management: Own the security review and assessment process evaluating the risk associated with introducing new applications/tools into the environment. Assist with security risk management activities, including the analysis, quantification, and tracking of information security risks, plus the review and documentation of risk exception requests. Policy and Compliance Analysis: Identify emerging compliance requirements and assess their impact on our policies. Develop and refresh our policies, procedures, standards, and guidelines to stay compliant and aligned with industry best practices. Governance Visibility: Design and maintain dynamic dashboards or scorecards that offer clear insights into Information Security Governance activities, demonstrating our commitment to security and compliance. Security Operations & Incident Support Monitor security alerts from various tools (SIEM, EDR, cloud logs) and support the triage of potential security incidents by gathering initial data and escalating to senior engineers as needed. Assist in the execution of security incident response playbooks, focusing on initial steps like investigation, basic containment, and documentation. Contribute to the documentation and tracking of security incidents to support audit and compliance requirements. Support the monitoring and logging strategy by assisting with the configuration and tuning of SIEM (Security Information and Event Management) alerts and reports. Perform regular log review and analysis for suspicious activities under the guidance of senior staff. Improvement & Collaboration Contribute to the development and maintenance of operational playbooks and documentation for security processes. Learn to deploy and manage new security tools and assist in the development of basic threat detection logic. Develop basic security performance metrics and assist with reporting to measure the effectiveness of security controls. Performs other related duties as assigned. What you will bring to the team: 3-5 years of professional experience in Information Security or IT Risk Management, with a background supporting IT compliance programs to meet regulatory requirements and demonstrated expertise in at least one of the following areas: Security Operations, Incident Response, or Vulnerability Management. Experience with Security and control frameworks, such as FFIEC, NIST, COBIT, ITIL, and ISO control framework EDR platforms (e.g., CrowdStrike, Defender for Endpoint, SentinelOne) SIEM/SOAR tools (e.g., Sumo Logic, Splunk, Chronicle, or Azure Sentinel) CSPM tools (e.g., Wiz, Prisma, Orca) Vulnerability management platforms (e.g., Qualys, Tenable, Rapid7) Experience identifying potential IT controls risks and opportunities through and offering sustainable recommendations that address cause rather than symptoms Experience with information security standards, best practices for securing computer systems within applicable laws and regulations Experience with Governance Risk & Compliance (GRC) tools and procedure development Solid understanding of common attack techniques (MITRE ATT&CK), incident triage, and remediation workflows. Foundational knowledge of AWS (Amazon Web Services) or other cloud environments. Basic understanding of networking, operating systems (Linux/Windows), and common security principles (e.g., least privilege, defense-in-depth). Familiarity with automation frameworks or API integrations for security tools. Strong written communication skills necessary for developing clear, concise procedures and playbooks, coupled with effective verbal skills for communicating technical findings. Experience building dashboards and metrics for leadership visibility. Strong analytical and problem-solving skills with a keen attention to detail and a desire to learn quickly. Bachelor's degree in Cybersecurity, Computer Science, or equivalent experience. Certifications such as CompTIA CySA+, GCIH, GCIA, GMON, GCDA, GSOC, or CISSP associate are preferred. Experience working in a regulated industry (financial services or health care) Reports to: Manager, Security Operations Total Rewards and Benefits: At OppFi, we are committed to fostering a fair and equitable workplace. The compensation range for this role reflects our good faith compensation estimate for this position. Final offers are determined based on a myriad of factors including, but not limited to experience, skills, qualifications, and other relevant business considerations. Candidates are encouraged to discuss compensation expectations during the hiring process. In addition to base pay, the total compensation package includes eligibility and potential for performance-based bonuses and equity grants dependent upon the role and job level. OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. Additional benefits include DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote Compensation Range:$102,400-$153,600 USD EEO Statement: OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here. As part of OppFi's commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at ********************. Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: ******************************* The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.

At Crypto.com, our dedication to user security is led by our highly experienced Security Team. Comprising an international roster of seasoned cybersecurity experts, our team leads the company's Security, Privacy, and Security Compliance endeavors. The team includes holders of international patents for technologies integrated in our security architecture. Under the stewardship of a distinguished CISO recognized by the Forbes Technology Council and among the Global Top 100 CISOs, our team has consistently championed industry standards, acquiring certifications like ISO27001, ISO27701, ISO22301, PCI:DSS 3.2.1 (Level 1), NIST Tier 4, and SOC 2 Type II, in addition to the MPI License from Singapore MAS. Our Chief Information Security Officer reports directly to the CEO, underscoring the prioritization of security in our organization's hierarchy. Our Security Team not only places great emphasis on credentials and expertise but also deeply values hands-on experience, rapid cognition, and dynamic learning. The challenges in the world of crypto are ever-evolving, and as such, our team prides itself on quick adaptability and robust teamwork, ensuring that we stay ahead of potential threats and always safeguard our user base. About the Role As our Security Compliance Senior Analyst, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. This role requires technical knowledge of network security, especially on-prem and cloud native architectures. A familiarity with US derivatives regulatory frameworks would be advantageous. Job Responsibilities: Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, SOC2 Type 2, and local regulations Participate in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management Provide complete and accurate responses to internal and third-party enquiries on security compliance Perform security compliance assessment activities, including periodic technical, organizational, and third-party risk and control assessments, and managing remediation activities to completion Design and manage necessary control and framework required to comply with international standards and US local regulations Identify and drive process improvements for streamlining global security compliance operations Qualifications: 3-5 years of experience in information security, privacy, IT audit or IT risk management related roles. Prefer experience with one or more of the following: In-house security and privacy operations, conducting security control assessments, risk assessments or audits. Prefer experience with any of the following: ISO27001, ISO27701, SOC1, SOC2, PCI, SOX, COSO, cloud technologies, and data protection regulations and requirements. Ability to analyze and review US and Global privacy and information security compliance and provide guidance. Holders of security-related certifications/qualifications will be an advantage: CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or other relevant certifications Experience leading compliance initiatives and working with auditors and/or external regulators It's a plus if you: Have experience in information security and privacy management in virtual assets, fintech, online services, platform services, or global services. Have experience in establishing information security and privacy framework to meet US regulations, (CFTC, FINRA, SEC, and other US based regulators.) Are a strong commitment to personal learning and development Are detail minded with an analytical mindset Have good communication skills with an ability to explain complex technical issues to non-technical business users Have prior experience with project management Have an interest and understanding of Blockchain and AI technologies ***************** Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Empower employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet. Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us - our internal mobility program offers employees a new scope. Are you ready to kickstart your future with us? BenefitsCompetitive salary Attractive annual leave entitlement including: birthday, work anniversary 401(k) plan with employer match Eligible for company-sponsored group health, dental, vision, and life/disability insurance Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope. Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team. About Crypto.com:Founded in 2016, Crypto.com serves more than 150 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem. Learn more at ******************* Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team. Personal data provided by applicants will be used for recruitment purposes only. Please note that only shortlisted candidates will be contacted.

BlackCloak's mission is to protect corporate executives and high-profile individuals in their personal lives, mitigating risks to their families, companies, reputation, and finances. We defend our clients' digital lives from hackers, privacy leaks, and identity theft. If you are passionate about helping to protect others, then keep reading - this may be your next great opportunity. Ready to be on the front lines of cybersecurity? BlackCloak is looking for a sharp and proactive Security Analyst to join our team. In this role, you'll be the first responder, monitoring and triaging security alerts from a variety of sources and leading the charge on security incidents. You'll play a critical part in our continuous compliance program, help develop our threat detection capabilities, and analyze emerging threats. If you're passionate about protecting against cyber threats and thrive in a fast-paced environment, we want to hear from you.What You Will Do Monitor and triage security alerts from a variety of sources including SIEM (SecOps, Sentinel), EDR (SentinelOne, CrowdStrike) and cloud security platforms like Wiz, Orca. Serve as a primary responder for security incidents, executing the incident response lifecycle from initial detection and containment to eradication and recovery. Support development of threat detection library, including incorporating threat intelligence, tuning within security tools, and SOAR response actions. Maintain and draft SOP's and supporting documents for the Incident Response Plan and strategy Analyze phishing attempts, malware, and other cyber threats; partner with Security Engineering to devise additional security controls, administer email security, EDR, ZTNA, and other security tooling configurations to block emerging threats. Participate in a 24/7 on-call rotation to respond to critical security incidents. Support triage and response for compliance alerts and requests, enabling the continuous compliance program at BlackCloak using tools such as Vanta, Drata. Prepare and present detailed incident reports and security metrics to technical and leadership audiences. What You Need To Be Successful 4-6 years of direct experience in a Security Operations Center, incident response, threat intelligence, or similar cybersecurity role. Ability to navigate complex problems, stay cool under pressure, and be highly inquisitive. Hands-on experience with SIEM, SOAR, and other security platforms for log analysis, correlation, automated response, and maturation of detections/runbooks. Deep understanding and practical experience with Endpoint Detection and Response (EDR) tools and their investigative capabilities. Good knowledge of cloud security principles and services in AWS, Azure, or GCP, including experience with security tools like Wiz or Prisma Cloud. Solid understanding of network protocols, operating systems (Windows, Linux, mac OS), and common attack vectors (OWASP, MITRE) Familiarity with identity and access management concepts, including SAML, OAuth, and role-based access control (RBAC) Relevant industry certifications are highly desirable, such as GIAC (GCIH, GCFA), CISSP, or CompTIA Security+. Excellent problem-solving skills and the ability to communicate complex technical concepts to both technical and non-technical audiences. $100,000 - $130,000 a year About BlackCloakBlackCloak is an extremely fast-growing company in an entirely new product category. We have amazing product fit validated by industry awards and an impressive client base of Fortune 500 companies across all industries. BlackCloak offers a competitive salary, exceptional benefits, and a dynamic work environment. Below is a quick summary of BlackCloak's generous benefits package for full-time employees includes: - 100% Remote Company, within the USA - Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents. - Health Savings Account with company contribution for eligible medical plans. - Flexible Vacation Plan - 10 Paid Company Holidays - 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance - 401k with Traditional and Roth options, including employer match. - Company Equity - Paid Parental and Pregnancy Recovery Leave - Company and team off-sites and virtual events throughout the year - Home office stipend We are an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military service status, citizenship, or other protected characteristic. Learn More about UsWebsite: ********************* LinkedIn: /blackcloak Twitter: @BlackCloakCyberWhite Paper: ******************************************************************************************************* #liremote

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

Make a difference. Be happy. Grow your career. A Nordic consultant is more than just an Epic expert. Our analysts take ownership for their work and the greater success of the organization. We're also looking for someone who listens to the client and understands that each project and each organization is unique. You'll need to tackle tough projects to help those organizations succeed. Experience implementing Epic is required, and if you have experience on a Connect or optimization project, that's a plus. Here are a couple things you'll need: -At least 3 years of Epic experience -At least 1 current Epic certification (Security, Security Coordinator) Senior Consultant A Senior Consultant provides consulting services to clients on Epic-related projects in an analyst, project management, project leadership or training capacity. Key Responsibilities Perform Epic-related consulting and administrative computer services for Nordic clients Apply technical expertise to individual client system build in order to identify, troubleshoot, and resolve problems. Mentor client project teams as necessary in project and system build strategy. Track and document risks and issues. Analyze and document workflows. Work closely with project leadership, including documentation and facilitation. Work directly with Epic end users. Monitor workflows, provide documentation, and optimization suggestions. Lead meetings regarding project status and on-going work-product coordination. Additional specific duties related to the project as may be required and dictated by individual clients. These duties are documented on a per-contract basis in the client's statement of work. May be invited to attend corporate functions as a representative of the company to meet prospective consultants, as well as solidify relationships with client and Nordic co-workers. #LI-AB1 EEO Language: Nordic is an equal opportunity employer dedicated to a policy of non-discrimination on any protected basis including race, creed, color, age, gender, religion, national origin, disability, marital or veteran status, sexual orientation, or any other legally protected status under applicable local, state or federal law. EEO/AA Employer: M/F/Disabled and Vet. Nordic is an equal opportunity employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, marital or veteran status, or any other protected status under applicable federal, state, or local laws. We encourage individuals of all backgrounds to apply, including women, minorities, individuals with disabilities, and veterans.

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. * Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do * Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives * Manage IT Risk Register including risk identification, tracking, and prioritization. * Assist with and drive remediation of control deficiencies and gaps * Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) * Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting * Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires * Assist control owners with root cause analysis and track risk management action plan progress. * Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You * Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements * Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks * Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations * Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have * Experience in the machine learning or computer hardware industry * Experience with Security by Design and/or Privacy by Design principles * Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. * Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems * Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management * Certified Information Systems Auditor (CISA) * Certified Information Security Manager (CISM) * Certified Information Systems Security Professional (CISSP) * Certified in Risk and Information Systems Control (CRISC) * Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda * Founded in 2012, with 500+ employees, and growing fast * Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove * We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG * Our values are publicly available: ************************* * We offer generous cash & equity compensation * Health, dental, and vision coverage for you and your dependents * Wellness and commuter stipends for select roles * 401k Plan with 2% company match (USA employees) * Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care. One mission. One team. That's OneStudyTeam. We are seeking a Senior Security Compliance Analyst with expertise in Governance, Risk, and Compliance (GRC) to support and enhance our security and compliance programs within the healthcare industry. This role is critical in ensuring adherence to industry regulations, responding to customer audits, and maintaining compliance with ISO 27001, HIPAA, and other security frameworks. The ideal candidate will be a detail-oriented compliance expert who can navigate complex regulatory environments, assist with internal/external audits, and drive continuous improvement in security governance. The ideal candidate must be able to operate independently while delivering on the following duties. What You'll Be Working On: Lead and support customer security audits, responding to security questionnaires and demonstrating compliance with security frameworks. Prepare, coordinate, and manage ISO 27001 audits, including evidence collection, control implementation, and auditor engagement. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements applicable to healthcare data security. Develop and maintain policies, procedures, and security documentation to meet regulatory and contractual obligations. Perform gap analyses and risk assessments to identify and remediate compliance risks. Manage and improve security governance frameworks, ensuring alignment with industry best practices and business objectives. Conduct third-party vendor risk assessments, ensuring compliance with security policies and contractual obligations. Monitor security controls, ensuring effectiveness and continuous improvement in alignment with security frameworks. Support security awareness training initiatives, ensuring employees understand compliance responsibilities. Stay current on ISO 27001, HIPAA, NIST 800-53, and other relevant standards, translating them into actionable security controls. Assist in defining security metrics and reporting on compliance status and risk posture to leadership. Work closely with legal, security, IT, and business teams to align compliance requirements with security operations. What You'll Bring to OneStudyTeam: Bachelor's degree in Information Security, Computer Science, Risk Management, or related field (or equivalent experience). 8+ years of progressive experience in GRC, compliance, or security audit roles. Experience in healthcare or regulated industries strongly preferred. Certifications strongly preferred: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, HITRUST CCSFP, CRISC. Experience leading ISO 27001, SOC2, or HITRUST audits, including ISMS implementation and external audit coordination. Strong understanding of NIST CSF, SOC 2, GDPR, and other security frameworks. Hands-on experience with customer security audits, including responding to security questionnaires and managing security assessments. Ability to perform risk assessments, policy reviews, and compliance gap analyses. Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders. Detail-oriented with excellent organizational and project management skills. Ability to work independently and collaboratively in a remote environment. Familiarity with GRC tools (e.g., OneTrust, LogicGate, Archer, Vanta, Drata) is a plus. We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status. Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization. As a condition of employment, you will abide by all organizational security and privacy policies. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

The Information Security Specialist/Analyst III reports to the Manager, Security Operations. Under indirect supervision, the Information Security Specialist/Analyst III provides a variety of operational, compliance, and consultative functions. This position designs, implements, manages, and monitors technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the organization's information assets. This role may be required to provide rotating 24x7 on-call support. Entity Medical University Hospital Authority (MUHA) Worker Type Employee Worker Sub-Type Regular Cost Center CC005101 SYS - IS Tidelands Integration Pay Rate Type Salary Pay Grade Health-29 Scheduled Weekly Hours 40 Work Shift We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team. This role is critical in safeguarding our complex healthcare IT environment and ensuring compliance with industry standards. Key Responsibilities: 45% - Network Security Monitoring and Incident Response: Serve as a lead escalation point for security incidents, overseeing detection, investigation, containment, and remediation within a CrowdStrike EDR environment across a healthcare infrastructure. Experience with Microsoft Defender for Endpoint EDR is also desired. Analyze findings from security monitoring systems, including Intrusion Detection/Prevention Systems (ID/PS) and Security Information Event Management (SIEM) consoles, to identify and respond to potential security incidents and data breaches. Perform cyber security incident handling, tracking and reporting. Utilize professional judgment and institutional knowledge to assess risk levels, conduct forensic investigations, isolate malware, identify attack vectors, provide guidance on remediation planning, and prioritize remediation efforts. Respond to relevant service requests received from end users (e.g. for investigation of security events). Collaborate with internal Security Operations Center (SOC) teams and external Managed Security Service Providers (MSSPs) to contain and remediate security incidents. 20% - Security Technology management: Configure, manage, and optimize SIEM platforms (Crowdstrike and/or Microsoft Sentinel) to enhance threat detection and response capabilities. Lead and manage large scale security-related projects, including tool implementations, upgrades, and process improvements. 10% - Vulnerability Management: Conduct vulnerability assessments to identify security risks and report findings to system owners. Manage workflows to ensure that protected assets are properly assessed in a timely manner. 15% - Threat Analysis Continuously evaluate and update analytics to counter evolving Threat Actor tactics, techniques, and procedures (TTPs). Perform risk assessments and translate business requirements into effective security controls. Maintain comprehensive documentation and present findings to stakeholders in a clear and actionable manner. 10% - Security Awareness: Create and deliver security awareness training for technical and non-technical audiences. Additional Job Description Required Education/Skills/Work Experience: A Bachelor's degree in information security, information assurance, computer science, or a related field with 5 years of IT security experience; or 10 years of hands-on experience in information security or related IT experience required, at least 6 of which must be directly related IT security experience; or a Master's degree in information security, information assurance, computer science, or a related field, and 3 years of IT security experience required. Advanced knowledge of information security principles, risk management, and regulatory compliance (HIPAA, FERPA, NIST, etc.). Strong analytical and problem-solving skills with the ability to make decisions under pressure. Hands-on experience with Crowdstrike EDR, SIEM, IDS/IPS, vulnerability management, and threat intelligence tools. Familiarity with cloud security (Azure, AWS) and identity management solutions. Advanced Understanding on the administration and securing of various operating systems and enterprise applications with advanced security best practices. Excellent written and verbal communication skills, with the ability to translate technical findings into business-relevant language. Mentor junior analysts and contribute to the development of security standards, procedures, and playbooks. Highly Desired Certifications: CISSP, CISM, GIAC, or equivalent. Physical Requirements Mobility & Posture Standing: Continuous Sitting: Continuous Walking: Continuous Climbing stairs: Infrequent Working indoors: Continuous Working outdoors (temperature extremes): Infrequent Working from elevated areas: Frequent Working in confined/cramped spaces: Frequent Kneeling: Infrequent Bending at the waist: Continuous Twisting at the waist: Frequent Squatting: Frequent Manual Dexterity & Strength Pinching operations: Frequent Gross motor use (fingers/hands): Continuous Firm grasping (fingers/hands): Continuous Fine manipulation (fingers/hands): Continuous Reaching overhead: Frequent Reaching in all directions: Continuous Repetitive motion (hands/wrists/elbows/shoulders): Continuous Full use of both legs: Continuous Balance & coordination (lower extremities): Frequent Lifting & Force Requirements Lift/carry 50 lbs. unassisted: Infrequent Lift/lower 50 lbs. from floor to 36”: Infrequent Lift up to 25 lbs. overhead: Infrequent Exert up to 50 lbs. of force: Frequent Examples: Transfer 100 lb. non-ambulatory patient = 50 lbs. force Push 400 lb. patient in wheelchair on carpet = 20 lbs. force Push patient stretcher one-handed = 25 lbs. force Vision & Sensory Maintain corrected vision 20/40 (one or both eyes): Continuous Recognize objects (near/far): Continuous Color discrimination: Continuous Depth perception: Continuous Peripheral vision: Continuous Hearing acuity (with correction): Continuous Tactile sensory function: Continuous Gross motor with fine motor coordination: Continuous Selected Positions: Olfactory (smell) function: Continuous Respirator use qualification: Continuous Work Environment & Conditions Effective stress management: Continuous Rotating shifts: Frequent Overtime as required: Frequent Latex-safe environment: Continuous If you like working with energetic enthusiastic individuals, you will enjoy your career with us! The Medical University of South Carolina is an Equal Opportunity Employer. MUSC does not discriminate on the basis of race, color, religion or belief, age, sex, national origin, gender identity, sexual orientation, disability, protected veteran status, family or parental status, or any other status protected by state laws and/or federal regulations. All qualified applicants are encouraged to apply and will receive consideration for employment based upon applicable qualifications, merit and business need. Medical University of South Carolina participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: ***************************************

Primary Responsibilities: Execute and support the Risk Management Framework (RMF) lifecycle including system categorization, control selection, implementation, assessment, and authorization. Develop, maintain, and validate System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans (CPs), and related compliance documentation. Conduct and lead vulnerability assessments, leveraging tools such as Nessus, ACAS, and Fortify to identify and prioritize remediation efforts. Perform continuous monitoring of security controls and produce metrics, dashboards, and evidence in support of ATO renewals and sustainment. Analyze and respond to security incidents, working with SOC personnel and SIEM tools to evaluate logs, investigate events, and contain potential threats. Conduct internal audits and risk assessments to validate the effectiveness of implemented controls and identify compliance gaps. Provide security guidance to engineering and development teams, ensuring adherence to cybersecurity standards in a DevSecOps environment. Stay informed of evolving threats, vulnerabilities, and regulatory changes to proactively enhance security postures. Coordinate with Security Control Assessors (SCAs), ISSOs, system owners, and federal stakeholders on audit readiness and policy compliance. Draft and enforce cybersecurity policies, SOPs, and standards that support mission-critical systems across hybrid environments. All other duties as assigned by management. Qualifications Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Five (5) years of directly relevant experience may substitute for two (2) years of formal education. Minimum of five (5) years of experience in experience with vulnerability scanning tools and security assessment methodologies. Minimum of five (5) years of experience with network security, firewall management, intrusion detection/prevention systems (IDS/IPS). Minimum of (5) years of experience with Security Information and Event Management (SIEM). Minimum of five (5) years of experience in the risk management framework. Basic knowledge of the following: Active Directory, UNIX, RHEL, Windows, Relational Databases. Previous support of federal government enterprise systems or DHS/DOD programs is strongly preferred. Must have an active DoD Secret Clearance.

MILITARY FRIENDLY & PREFERRED - HOH SPONSOR The Information Systems Security Officer (ISSO) is responsible for supporting the full lifecycle of security assessment and authorization (A&A) activities for information systems. The ISSO ensures that assigned systems comply with federal cybersecurity standards and maintain their Authority to Operate (ATO) through continuous monitoring and documentation. The ISSO will be responsible for developing and providing risk assessments, Security Control Assessments (SCA), A&A documentation and various reports, based on NIST guidelines and client's policies, procedures and request. The ISSO will be responsible for providing security recommendations on any system changes or new technologies, analysis on vulnerability scans, conducting continuous monitoring activities, and provide mitigation recommendations for any risks or threats. RESPONSIBILITIES: Lead and conduct Pre-Security Assessment and Authorization (A&A) activities, including stakeholder identification, change request submissions, appointment memorandums, and IT Security Kickoff meetings. Supports the ISBO in day-to-day IT security activities. Assists the ISBO with reviews of the security posture of the system and report any findings to the ISBO, CISO, and the AO. Conduct Information System Categorization by identifying information types, completing FIPS-199 assessments, and facilitating Business Impact Analyses (BIA), Privacy Threshold Analyses (PTA), and Privacy Impact Assessments (PIA). Develop and maintain system security documentation, including: System Administration Plan (SAM) Configuration Management Plan (CMP) IT Contingency Plan (ITCP) Information Security Continuous Monitoring (ISCM) Plan Incident Response Plan (IRP) Security Assessment Report (SAR) System Security Plan (SSP) Coordinate initial and annual ITCP testing in collaboration with the OCIO Business Continuity and Disaster Recovery (BCDR) Office. Develop and manage inter-agency agreements and documentation such as MOUs, MOAs, ISAs, IT Security Waivers, and Risk Acceptance Memorandums. Document and maintain Security Control Implementation details, ensuring updates are made according to required frequency. Coordinate vulnerability and compliance scans, Security Control Assessments (SCA), and track remediation efforts with the IT Security Test Team. Manage and update Plan of Action and Milestones (POA&M) entries, submitting remediated findings for closure. Prepare and present SAR to Authorizing Officials to obtain or renew ATO. Perform Information Security Continuous Monitoring (ISCM) activities to ensure ongoing compliance and security posture of systems. Develop and update project schedule, including A&A / SCA task and milestones, task dependencies, and personnel resources. Conduct A&A activities and tasks and obtain ATO in line with NIST and client guidance and directives. Determining the baseline IT Security requirements for IT Systems, identifying system boundaries, determining information categories, assisting with FIPS-199. Ensure that IT Systems are operated, used, maintained, and disposed of in accordance with internal security policies and practices. Enforce security policies and safeguards on all personnel having access to the IT System for which the ISSO has responsibility. Ensure users and system support personnel have the required authorization and need-to-know; have been indoctrinated; and are familiar with internal security practices before access to the IT System. Implement security controls based on IT System FIPS categorization. Document security control implementation in the system's Security Plan using the client's GRC tool. Document system's risk assessment per client directives and requirements. Review and monitoring system security and audit logs. Develop and maintain Plan of Actions and Milestones (POA&Ms) for IT systems. Update A&A documentation and artifacts on a regular basis (e.g. annually, after approved change). QUALIFICATIONS: A minimum of five (5) years of demonstrated experience in the Information Security or IT field. Demonstrates a proficiency with developing, maintaining and managing SA&A packages. Experience with developing and managing POA&M's. Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment. Strong understanding of federal cybersecurity frameworks (e.g., NIST RMF, FIPS-199, FISMA). Experience in developing and maintaining security documentation and plans. Possess experience conducting CPT's. Experience conducting audit log reviews. Technical experience with conducting vulnerability management, compliance scanning, and providing mitigation techniques. Excellent communication and coordination skills with technical and non-technical stakeholders. Ability to manage multiple systems and projects simultaneously in a dynamic environment. Excellent communication (written and verbal) skills. CERTIFICATION: A minimum of at least one (1) certification that meet DOD 8570 IAT Level II (e.g., Security+, GSEC, CASP) requirements or any equivalent or more advanced. CLEARANCE: Client Suitability and Public Trust LOCATION and HOURS: Location: Primary location is at Zermount HQ (Arlington, VA) and the Client Site (Washington, D.C.). Remote work is authorized. Onsite work at the primary location., may be occasionally required. Hours of Operation (Business Hours): 8:00 am ET - 5:30 pm ET

Your Role We are seeking a Senior Security Analyst reporting to the Cybersecurity Architecture team that will have a critical role in translating enterprise security standards into actionable technical controls and processes. This position acts as a security subject matter expert, focusing on ensuring the security integrity of technology solutions from the initial phases of a project through deployment. The successful candidate is analytical and detail-oriented, has intellectual curiosity, focus on problem solving, and proactive in adapting and anticipating risks. Why You Belong Here At Victoria's Secret & Co, you'll join a world-leading specialty retail brand recognized globally for innovation and excellence in lingerie and fashion. You'll work alongside industry leaders to set the standard for what a retail brand can achieve, placing customers at the center of everything we do to create products and experiences that bring them joy. We believe everyone deserves a place where they truly belong. We celebrate individuality and know that your passion, experience, and unique perspective strengthen our team and business. Here, you'll be empowered to perform, grow, and engage through unmatched opportunities to develop your skills, gain real-world experience, and learn from the best in the business. Your Impact Architectural Guidance and Review: * Conduct thorough project security assessments (including risk analysis, penetration test coordination, and vulnerability reviews) on existing infrastructure and new application designs. * Develop and socialize robust security requirements and technical specifications for new systems, platforms, and architectural patterns, ensuring alignment with risk, regulatory, and compliance needs. * Diagram and document the security posture of critical enterprise assets, creating clear, technical representations of control mapping, data flow, and threat models. * Inform and update internal security standards and requirements. Security Technology Portfolio: * Research and evaluate the latest security threats, technologies, and industry best practices. * Oversee the effective implementation and maintenance of defined security controls (e.g., identity management, data protection, network segmentation) across various cloud and on-premises environments. Collaboration: * Educate teams on secure design principles, defensive programming techniques, and proper configuration of security tools and services. * Develop and grow relationships with system and technology owners across the business. Ad-hoc duties as assigned Click here for benefit details related to this position. Minimum Salary: $96,500.00 Maximum Salary: $131,775.00 VS&Co provides a range of compensation for this role as shown. Your actual salary will be determined by a number of factors, including: your specific skills and experience, geographic region, or other relevant factors. Qualifications Your Experience Required Qualifications * Strong understanding of IT security concepts and technologies. Have experience with specific security tools and applications, such as firewalls, intrusion detection systems, and vulnerability scanners. * Strong communication skills, the ability to problem solve, and work as part of a team. * Work effectively with other IT and security professionals, as well as business stakeholders. * Experience with security frameworks (e.g., NIST CSF, SABSA, TOGAF) and risk methodologies (e.g., FAIR, OCTAVE). Preferred Qualifications * 5+ years of progressive experience in security, with at least 1 year in a dedicated security architecture role. * Relevant industry certifications such as ISA/IEC 62443 (Cybersecurity Risk Assessment Specialist), CISA (ISACA Certified Information Systems Auditor), CSA CGC (Cloud Security Alliance Cloud Governance and Compliance), GCIP (GIAC Critical Infrastructure Protection) * Bachelor's degree in Computer Science, Information Technology, or a related field; or equivalent practical experience. We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws. Please see links: California Fair Chance Act, Los Angeles Fair Chance Initiative for Hiring Ordinance, Philadelphia Fair Chance Law, San Francisco Fair Chance Ordinance, Los Angeles County Fair Chance Ordinance An equal opportunity employer, we do not discriminate in hiring or terms and conditions of employment because of an individual's race, color, religion, gender, gender identity, national origin, citizenship, age, disability, sexual orientation, marital status or any other protected category recognized by state, federal or local laws. We only hire individuals authorized for employment in the United States.

TO BE CONSIDERED FOR THIS POSITION YOU MUST CURRENTLY HAVE AN ACTIVE TS/SCI WITH POLYGRAPH SECURITY CLEARANCE WITH THE FEDERAL GOVERNMENT. (U.S. CITIZENSHIP REQUIRED). Provides support for a program, organization, system, or enclave's information assurance program. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management for information system security software, hardware, and finnware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include SSPs, Risk Assessment Reports, C&A packages, and SRTMs. Supports security authorization activities in compliance with NIST RMF. The Level 3 ISSO shall possess the following capabilities: Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives Provide daily oversight and direction to contractor ISSOs Serve as an ISSM Qualifications: Fifteen (15) years experience as an ISSO on programs and contracts of similar scope, type, and complexity is required. Experience is to include at least three (3) of the following areas: knowledge of current security tools, hardware/software security implementation; communication protocols; and encryption techniques/tools. Bachelor's degree in Computer Science or related discipline from an accredited college or university is required. DoD 8570 compliance with IAM Level I or higher is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelor's degree. Compensation: We are committed to providing fair and competitive compensation. The salary range for our positions vary depending on accepted contractual position skill level. These salaries fall within the range of $78,000 to $275,000 per year. This range reflects the compensation offered across the locations where we hire. The exact salary will be determined based on the candidate's work location, specific role, skill set, and level of expertise. Benefits: We offer a comprehensive benefits package, including: Health Coverage: Medical, dental, and vision insurance Additional Insurance: Basic Life/AD&D, Voluntary Life/AD&D, Short and Long-Term Disability, Accident, Critical Illness, Hospitalization Indemnity, and Pet Insurance Retirement Plan: 401(k) plan with company match Paid Time Off: Generous PTO, paid holidays, parental leave, and more Wellness: Access to wellness programs and mental health support Professional Development: Opportunities for growth, including tuition reimbursement Additional Perks: Flexible work arrangements, including remote work options Flexible Spending Accounts (FSAs) Employee referral programs Bonus opportunities Technology allowance A diverse, inclusive, and supportive workplace culture

IDEALFORCE has a CONTRACT position available immediately for a IT Security Specialist(ITSS2) to join our customer in Columbus, OH. This is an ONSITE position and require in person interview. Please find below additional details about this job. Job Description Security Consultant to help IT Augment the security staff until OIT can take over all Security related needs for the agency. This position will function as a highly skilled Security Consultant with specific responsibilities that include: -Monitor network and information system activity. -Respond to alerts (analyze, interpret, investigate, resolve) based on monitoring activity, for security (malware, malicious actor), and other purposes (malicious activity, misuse, etc.) Uses creativity and innovation to automate and streamline processes and procedures. -Understands customer support, likes to work with people and can ensure that the customer is satisfied. -Manage, update, modify alerts, adjust/fine tune event correlation rules, etc. (e.g. filter false positives, increase accuracy/relevance/effectiveness), create new rules based on threat changes/evolving risk, etc. -Understanding of basic Networking principles, including network troubleshooting for connectivity issues, DHCP, DNS, use of tools like PING, NSLOOKUP and NETSTAT -Perform specialized security functions (e.g. forensics for incident response). -Perform event correlation, analysis of malicious activity indicators, and appropriate response, based on review and access to multiple security tools and services. -Provide routine security and general support (tickets, ad-hoc requests, etc.) to all DPS departments/users, IT groups/resources, external (other state agencies, public), etc. SPECIAL NOTE: Client is running a 24/7 operation. Consultant may need to come in during incident or emergency situations. During the interview process with the ODPS staff, the resource consultant must demonstrate competence/experience in their specific area(s) of project assignment. The resource's experience must also be documented for review and verification. Offered resources not showing technical or functional competence/experience will be sufficient reason to reject the Offeror's proposal. It is the responsibility of the Offeror to pre-screen their candidates to ensure compliance. Resource will have a background check conducted by ODPS. Qualifications -1-2 Years SIEM (Q-Radar preferred) -8 years customer service experience -8 Years Troubleshooting experience -8+ years knowledge of Networking to including PING, NETSTAT, DHCP, DNS, and NSLOOKUP. -8 years' experience with Active Directory. -4 Years experience with Web and Email Filtering and Security (Ironport) -5+ Years experience with Imperva (DAM/WAF) -1 years of Vulnerability scanning experience (Qualys) -3 years A/V suite experience McAfee -3 years IPS (IBM) -Contributes to continuous process improvements to increase the efficiency of section. -Excellent communication skills both written and oral. -Strong communication/ leadership skills. -Strong influence, collaboration and negotiation experience. -Ability to collaborate with supporting resources across business and/or functional lines. -Have excellent oral and written skills/possess strong meeting and work session facilitation skills. -Have the ability to work independently and as part of a team, the ability to manage time and resources to meet assigned deadlines. -Have strong understanding of prioritization stemming from the elicitation of system and/or user requirements. -Have excellent organizational skills, proven analytical, planning, problem solving, and decision-making skills. -Must be knowledgeable in the English language/speak clearly and understandably use the English language. Desired Skills -Q-Radar -Ironport Web and Email Security -Imperva -Certifications in Microsoft -Powershell 3.0 scripting background. -Qualys -McAfee Enterprise solutions -IPS -Splunk -Other security related tools. -ITIL Knowledge and ITSM Tools. Additional Information Additional Information : - "All your information will be kept confidential according to EEO guidelines". - All candidates who are authorized to work in US are encouraged to apply. - Candidates must clear the Background check prior to commencing the assignment. THIRD PARTY CANDIDATES: Email your candidate/s resume to joseph dot shelton at idealforce.com along with the following details: Rate, Current location and Availability. Disclaimer : The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

Why PlayStation? PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation 5, PlayStation 4, PlayStation VR, PlayStation Plus, acclaimed PlayStation software titles from PlayStation Studios, and more. PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation. Sony Interactive Entertainment LLC seeks a Staff Information Security Analyst in San Mateo, CA to define strategic GRC (Governance, Risk and Compliance) input in global initiatives, including Artificial Intelligence (AI) and Machine Learning (ML) adoption, cloud security, and enterprise wide policies, ensuring resilience while balancing business and regulatory needs. Requires a Master's degree in Cybersecurity, Information Security, or related field or equivalent, and four (4) years of experience conducting risk assessments on critical information systems to maintain and manage risk registers; facilitating the Security Risk Assessment methodology, policy, strategy and process; writing security assessment reports following security breaches and detailing the associated impact; monitoring and reviewing IT Security controls to identify operational effectiveness; mapping security controls to policies, standards, procedures and processes to ensure compliance with security measures; managing security remediation efforts and tracking status of security deficiencies; translating security risk mitigation plans into actionable items to mitigate risk in coordination with technical and business teams; developing and implementing policy frameworks for emerging technologies, including AI/ML and cloud security, with governance and legal stakeholders; applying industry standards including NIST, ISO 27001, and PCI DSS in support of organizational security objectives; supporting the evaluation of third-party vendor security through documentation review and risk assessment; contributing to the enhancement of vendor onboarding and compliance workflows; and, in executing duties, utilizing Archer GRC, ServiceNow, Splunk, JIRA, Confluence, SharePoint, Palo Alto Prisma Cloud and AWS. Telecommuting and/or working from home may be permissible pursuant to company policies. Sony is an EOE. Salary range: $185,639.00 - $261,000.00/year Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.

The Information Security Specialist/Analyst III reports to the Manager, Security Operations. Under indirect supervision, the Information Security Specialist/Analyst III provides a variety of operational, compliance, and consultative functions. This position designs, implements, manages, and monitors technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the organization's information assets. This role may be required to provide rotating 24x7 on-call support. Entity Medical University Hospital Authority (MUHA) Worker Type Employee Worker Sub-Type Regular Cost Center CC005101 SYS - IS Tidelands Integration Pay Rate Type Salary Pay Grade Health-29 Scheduled Weekly Hours 40 Work Shift We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team. This role is critical in safeguarding our complex healthcare IT environment and ensuring compliance with industry standards. Key Responsibilities: 45% - Network Security Monitoring and Incident Response: * Serve as a lead escalation point for security incidents, overseeing detection, investigation, containment, and remediation within a CrowdStrike EDR environment across a healthcare infrastructure. Experience with Microsoft Defender for Endpoint EDR is also desired. * Analyze findings from security monitoring systems, including Intrusion Detection/Prevention Systems (ID/PS) and Security Information Event Management (SIEM) consoles, to identify and respond to potential security incidents and data breaches. * Perform cyber security incident handling, tracking and reporting. * Utilize professional judgment and institutional knowledge to assess risk levels, conduct forensic investigations, isolate malware, identify attack vectors, provide guidance on remediation planning, and prioritize remediation efforts. * Respond to relevant service requests received from end users (e.g. for investigation of security events). * Collaborate with internal Security Operations Center (SOC) teams and external Managed Security Service Providers (MSSPs) to contain and remediate security incidents. 20% - Security Technology management: * Configure, manage, and optimize SIEM platforms (Crowdstrike and/or Microsoft Sentinel) to enhance threat detection and response capabilities. * Lead and manage large scale security-related projects, including tool implementations, upgrades, and process improvements. 10% - Vulnerability Management: * Conduct vulnerability assessments to identify security risks and report findings to system owners. * Manage workflows to ensure that protected assets are properly assessed in a timely manner. 15% - Threat Analysis * Continuously evaluate and update analytics to counter evolving Threat Actor tactics, techniques, and procedures (TTPs). * Perform risk assessments and translate business requirements into effective security controls. * Maintain comprehensive documentation and present findings to stakeholders in a clear and actionable manner. 10% - Security Awareness: * Create and deliver security awareness training for technical and non-technical audiences. Additional Job Description Required Education/Skills/Work Experience: * A Bachelor's degree in information security, information assurance, computer science, or a related field with 5 years of IT security experience; or 10 years of hands-on experience in information security or related IT experience required, at least 6 of which must be directly related IT security experience; or a Master's degree in information security, information assurance, computer science, or a related field, and 3 years of IT security experience required. * Advanced knowledge of information security principles, risk management, and regulatory compliance (HIPAA, FERPA, NIST, etc.). * Strong analytical and problem-solving skills with the ability to make decisions under pressure. * Hands-on experience with Crowdstrike EDR, SIEM, IDS/IPS, vulnerability management, and threat intelligence tools. * Familiarity with cloud security (Azure, AWS) and identity management solutions. * Advanced Understanding on the administration and securing of various operating systems and enterprise applications with advanced security best practices. * Excellent written and verbal communication skills, with the ability to translate technical findings into business-relevant language. * Mentor junior analysts and contribute to the development of security standards, procedures, and playbooks. Highly Desired Certifications: * CISSP, CISM, GIAC, or equivalent. Physical Requirements * Mobility & Posture * Standing: Continuous * Sitting: Continuous * Walking: Continuous * Climbing stairs: Infrequent * Working indoors: Continuous * Working outdoors (temperature extremes): Infrequent * Working from elevated areas: Frequent * Working in confined/cramped spaces: Frequent * Kneeling: Infrequent * Bending at the waist: Continuous * Twisting at the waist: Frequent * Squatting: Frequent * Manual Dexterity & Strength * Pinching operations: Frequent * Gross motor use (fingers/hands): Continuous * Firm grasping (fingers/hands): Continuous * Fine manipulation (fingers/hands): Continuous * Reaching overhead: Frequent * Reaching in all directions: Continuous * Repetitive motion (hands/wrists/elbows/shoulders): Continuous * Full use of both legs: Continuous * Balance & coordination (lower extremities): Frequent * Lifting & Force Requirements * Lift/carry 50 lbs. unassisted: Infrequent * Lift/lower 50 lbs. from floor to 36": Infrequent * Lift up to 25 lbs. overhead: Infrequent * Exert up to 50 lbs. of force: Frequent * Examples: * Transfer 100 lb. non-ambulatory patient = 50 lbs. force * Push 400 lb. patient in wheelchair on carpet = 20 lbs. force * Push patient stretcher one-handed = 25 lbs. force * Vision & Sensory * Maintain corrected vision 20/40 (one or both eyes): Continuous * Recognize objects (near/far): Continuous * Color discrimination: Continuous * Depth perception: Continuous * Peripheral vision: Continuous * Hearing acuity (with correction): Continuous * Tactile sensory function: Continuous * Gross motor with fine motor coordination: Continuous * Selected Positions: * Olfactory (smell) function: Continuous * Respirator use qualification: Continuous * Work Environment & Conditions * Effective stress management: Continuous * Rotating shifts: Frequent * Overtime as required: Frequent * Latex-safe environment: Continuous If you like working with energetic enthusiastic individuals, you will enjoy your career with us! The Medical University of South Carolina is an Equal Opportunity Employer. MUSC does not discriminate on the basis of race, color, religion or belief, age, sex, national origin, gender identity, sexual orientation, disability, protected veteran status, family or parental status, or any other status protected by state laws and/or federal regulations. All qualified applicants are encouraged to apply and will receive consideration for employment based upon applicable qualifications, merit and business need. Medical University of South Carolina participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: ***************************************

Title: Information Security SME/Developer with .NET development Duration : 5 Months contract (High possibility of Extension) Interview Type: Both iLinc Web Cam and In Person Interview Skills Required Experience working in Microsoft Identity Integration Server (MIIS) 2003 Required 2 Years Experience with Identity Lifecycle Manager (ILM) 2007 Required 2 Years Experience with Forefront Identity Manager (FIM) 2010 including design and implementation Required 2 Years Experience and strong development skills in the MS Metadirectory Services Namespace in C# Required 2 Years .NET development experience Required 5 Years Thanks Naimesh Solanki Sr. Technical Recruiter Phone: ************ x 6578 Qualifications Experience working in Microsoft Identity Integration Server (MIIS) 2003 Required 2 Years Experience with Identity Lifecycle Manager (ILM) 2007 Required 2 Years Experience with Forefront Identity Manager (FIM) 2010 including design and implementation Required 2 Years Experience and strong development skills in the MS Metadirectory Services Namespace in C# Required 2 Years Additional Information All your information will be kept confidential according to EEO guidelines.

United Community is seeking an experienced Information Security Controls Analyst to serve as a subject matter expert in evaluating and strengthening our cybersecurity and technology controls. This role plays a critical part in assessing risk exposure, recommending control improvements, and ensuring alignment with regulatory standards and business risk tolerance. You'll collaborate with enterprise risk, compliance, and legal teams to provide visibility into our risk posture and drive meaningful change across the organization. What You'll Do Review and document the adequacy of security and technology controls across business and IT environments. Evaluate control posture through interviews, documentation reviews, and workflow analysis. Recommend and support implementation of risk reduction strategies via policies, procedures, and technical controls. Partner with risk management and security leadership to align controls with organizational risk tolerance. Identify control strengths and weaknesses related to privacy, security, resiliency, and compliance. Document and advocate for control improvements that balance risk with operational efficiency. Support control development across testing, QA, and production environments. Present control effectiveness reports to senior risk leadership. Stay current on regulatory requirements, internal policies, and industry best practices. Requirements For Success Experience: 3+ years in cybersecurity or IT practitioner roles. 2+ years in IT risk or controls analysis. Practical experience with risk management and IT control frameworks. Education: Bachelor's degree preferred in Information Assurance, Computer Science, Engineering, or a related technical field. Required Skills: Strong understanding of risk frameworks (CRI, COSO, RMF, COBIT, NIST). Familiarity with regulatory standards (PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, GLBA). Experience with CIS CSC, ISO 2700, or NIST CSF. Excellent written and verbal communication across all organizational levels. Strong organizational skills and ability to meet SLAs. Sound judgment and decision-making in complex scenarios. High integrity, trustworthiness, and adaptability. Preferred Skills: Certifications such as CISSP, CISA, CRISC, or CISM. Technical experience with enterprise networks, applications, and directory services. Familiarity with enterprise GRC platforms. Conditions of Employment Must be able to pass a criminal background & credit check This is a full-time, non-remote position FLSA Status: Exempt We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state, or local protected class. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Pay Range USD $49,972.00 - USD $76,958.00 /Yr.

Join a team dedicated to making a real difference in the lives of our community. Our Mission at Friendship Village of Dublin is “To care for, engage, and inspire our community to reimagine and maximize quality of life at every age” . At Friendship Village our Values Drive us to RISE to any Occasion Values: Respect Integrity and Innovation Stewardship Excellence We are seeking a Information Security & Systems Analyst to contribute to our mission by: The Entry to Mid-Level System Analyst performs security, compliance and administration of systems and is responsible for the design, installation and management, configuration and reliable operation of security/compliance mechanisms, systems and policies that protect the computer network and information systems against cyber events. Participate in research and development to continuously improve and keep up with the IT business needs of the organization. Actively resolve problems and issues with computer and server systems to limit work disruptions within the company. Essential Duties: Design, install and manage security mechanisms that protect the computer network and information systems against threats including but not limited to hackers, breaches, viruses and spyware. Educate and provide awareness to users regarding security policies and procedures as well as threats. Develop and maintain security policies and guidelines around information classification, system integrity, incident response and user access. Monitor, audit and review systems for and identify violations or attempted violations of security procedures, processes and access. Plan and implement appropriate measures to safeguard data from accidental or unauthorized modification, destruction or disclosure. Respond to incidents, investigate potential incidents and recommend enhancements to close potential security gaps and serve as a backup to other members of the Technology department. Responsible for post breach/data loss activities including but not limited preservation of evidence, review of data to determine scope and support of legal and other processes. Participate in supporting efforts, making sure all networks, systems, applications, servers, technology tools and related equipment problems are resolved in a timely manner with limited disruptions. Monitor performance and maintain systems according to requirements. Ensure security through access controls, backups and firewalls. Recommend when to upgrade systems with new releases and models. Timely completion of IT Projects. All other duties as assigned. Information Security & Systems Analyst Responsibilities: Safeguard and help prevent cyber-attacks: Implement industry best practices for cyber security. Be up to date about the latest security trends and newest security technology. Assist other technical support staff in identifying and implementing appropriate security safeguards, including patch applications and anti-malware strategies. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Ensure ongoing compliance with industry standards for information security: Participating in risk assessments to identify potential security threats Conducting employee training on security policies and responsibilities Auditing IT systems to ensure compliance with regulations. Reporting security breaches to management for prompt resolution. Collaborating with vendors to ensure proper data handling security measures. Monitoring compliance with state and federal data privacy and security regulations. Developing policies and procedures for maintaining data security. Monitor and report on devices and networks including: Maintain, configure, secure and provide reliable operation of computers systems, network servers, and virtualization. Network switch and firewall health Internet traffic and usage metrics Design and install network devices and systems (including maintaining current software versions on all network equipment) Demonstrates ability to independently troubleshoot and diagnose network, telephone, Internet, Wi-Fi, network. Assists with work order requests: Helps the IT Team meet service levels of quality and responsiveness: Satisfaction goal of 90% 2-business-day response time (resolution time dependent on issue SLA) Creates, updates and closes tickets in incident management system. Qualifications: • Bachelor's degree in computer science, programming, or a related field or equivalent industry experience. • 2-4 Years of Security or Systems Analyst experience REQUIRED NON TECHNICAL QUALIFICATIONS • Must have the ability to work under pressure, without constant direction and to react in a positive and spontaneous manner to the needs of residents, staff, visitors, and vendors. • Must be able to independently handle multiple simultaneous tasks, following specific instructions carefully and general instructions completely. • Excellent communication skills • Resourcefulness and problem-solving aptitude • Self-starter mentality willing to make constant improvements in the technical support process. • Takes pride and ownership of the support role. • Excellent customer service and communication skills • Ability to assess resident and staff complaints and resolve disputes in a friendly professional manner. REQUIRED TECHNICAL QULAIFICATION • Strong understanding of cybersecurity tools, concepts and best practices. • Knowledge of information security frameworks (e.g.,HIPAA, NIST) and relevant regulations. • Knowledge of Windows Operating Systems - Desktop (10 and 11) and Server (2016+) • Windows desktop device configuration, management, and operation. • IOS Device configuration, management, and operation. • Networking Concepts and basic troubleshooting (DNS, DHCP, IP Addressing). • Switching and Routing Concepts (basic troubleshooting and configuration). • Meraki Network and Camera Equipment • VOIP/PBX • Demonstrated working in a helpdesk ticketing environment.