Senior Information Security Consultant remote jobs

Senior Cyber Security Analyst (3rd Party Vendor Security Assessment) required to join an international end user in a long-term freelance contract in Denver, Colorado. Excellent rates, remote working, & long-term assignment. Key Responsibilities: Work with IT and business teams to spot cybersecurity risks in current and upcoming projects. Review third-party security practices to ensure they meet the organization's risk and compliance expectations. Assess vendor and partner risk using questionnaires, industry best practices, and internal security standards. Recommend practical ways to eliminate or reduce security risks, and clearly communicate those recommendations to internal teams and external partners. Key Criteria: Experience in cybersecurity risk management or IT security controls (design or audit). Bachelor's degree in information systems, computer science, or a related field preferred. Security certifications such as CISSP, CISM, CISA, or CRISC preferred; GSEC, Security+, or similar also valued. Familiarity with key security and compliance frameworks (e.g., SOC 1/2, ISO 27000, NIST CSF) and major privacy and regulatory requirements (e.g., SOX, PCI-DSS, GDPR). Open to US Citizens or Green Card Holders within Denver, US - ONLY

Our client Dscout is a flexible Experience Research Platform for capturing in-context insights from high-quality participants, bridging the gap between product teams and users. Leading brands like Sonos, Spotify, Duolingo and Best Buy use Dscout to test ideas, iterate quickly, collaborate, and build confidently. We are expanding our smart and driven team and would love for you to join us. We are looking for a Cybersecurity Engineer to become a part of the Cybersecurity team reporting to the VP, Compliance and Information. The Cybersecurity Engineer will contribute to reducing risk within the Dscout SaaS environment and internal IT systems. This includes planning and implementing cybersecurity controls, supporting cybersecurity operations, and monitoring the threat landscape. This role will ensure Dscout controls operate effectively over time. What You Will Do Lead the process to build security into the Dscout SaaS environment. This includes applying security throughout the software development lifecycle. Collaborate with Engineering to plan and implement cybersecurity controls to protect the SaaS environment. This includes applying leading practices to secure AWS resources (e.g., VPCs, EC2 instances, and containers). Continually enhance security monitoring of the SaaS environment and internal IT services by implementing SIEM and working with Engineering to continuously improve logging and auditability. Assess evolving threats and develop recommendations to mitigate risk to Dscout. You will provide weekly threat intelligence reports highlighting potential risk to the organization. Work side-by-side with Engineering to analyze, contain, and mitigate cyber attacks and other related incidents. Perform vulnerability monitoring and, where appropriate, ensure remediation. Participate in the development of security policies and processes. Assist third party risk reviews. Provide recommendations to continually improve security controls. Assist in development of security programs and efforts to promote security awareness. What you need to have (we can call them Desired Skills and Background): Experience working with developers to conduct security reviews and provide strong recommendations to manage risk. This includes a strong understanding and practical use of OWASP Top 10 (web and AI). Experience securing AWS cloud environments and infrastructure as code solutions such as Terraform. Proven ability to implement security monitoring tools such as Datadog. This includes the ability to identify relevant scenarios and ensure proper logging. Experience responding to cyber attacks such as bots and account compromise as well as threats like data leakage and infected computers. Strong knowledge of cloud computing environments. Working knowledge of security in software development and continuous integration/continuous delivery (CI/CD). Experience documenting and implementing security policies and processes. Knowledge of security frameworks and standards: ISO 27001, NIST, or SANS preferred. Experience with HITRUST and/or SOC 2 certification is preferred. Good communication, documentation and presentation skills. Limitless curiosity and insatiable appetite to understand human behavior and relevant technologies. Background Bachelor's degree is preferred CISSP, CCSP, or GIAC security certification preferred A minimum of 3 years of security experience Of course, what is outlined above is an ideal set of expectations, but things may shift based on business needs, and other projects and tasks could be added at the discretion of your manager. About Dscout Dscout is a team of passionate, empathetic, and curious professionals. As a recognized leader in the Forrester Wave, we're at the cutting edge of experience research technology. The power of research drives us-how in-context insights from real people can build more enjoyable products and services. We prioritize learning, sharing, and building. We also deeply value being a diverse and inclusive team and company and look for team members who align with that belief. Join our dynamic team and help shape product roadmaps and business strategies for the world's most loved brands. It doesn't stop there. When you join the Dscout team, you will get: * A strong and competitive compensation package with a built-in bonus and equity program. * An incredible and progressive benefits package (for both you and your dependents) to support work/life balance, including flexible PTO, 16 company holidays, 12 weeks of paid parental leave, 401k match, and much more. * An education stipend to support your growth & development and a remote work stipend. * A company that is open and transparent with our team. You will know what is happening and why it matters. Dscout is an equal-opportunity employer that values diversity. We do not discriminate based on identity, including race, color, religion, national origin or ancestry, sex, gender identity and expression, age, physical or mental disability, pregnancy, veteran or military status, unfavorable discharge from military service, genetic information, sexual orientation, marital status, order of protection status, citizenship status, arrest record or expunged or sealed convictions, or any other legally recognized protected basis under federal, state, or local law. If you need reasonable accommodations for any part of the employment process, please email us at accommodations@dscout.com with the nature of your request and your contact information. We'll do all we can to ensure you're set up for success during our interview process while upholding your privacy, including accommodation requests. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address. When you apply at Dscout, we will process your job applicant data, including your employment and education history, transcript, writing samples, and references, as necessary to consider your job application for open positions. For more information about our privacy practices, please visit our Privacy Policy. Dscout participates in the E-Verify program in certain locations, as required by law. NOTE: DSCOUT NEVER CONTACTS JOB APPLICANTS VIA TEXT, MESSENGER, OR OTHER SIMILAR APPLICATIONS. BE AWARE OF PHISHING AND SPOOFING SCAMS, BOTH VIA TEXT AND EMAIL. ONLY RESPOND TO EMAILS FROM DSCOUT.COM #BI-Remote #LI-Remote

IF YOU DO NOT HAVE THE REQUIRED BACKGROND IN THE U.S. COMMERCAL NUCLEAR INDUSTRY, PLEASE DO NOT APPLY. Immediate opening for a Cyber Security Engineer with commercial nuclear background, to perform design modifications (involving digital upgrades) as well as preparing cyber assessments on those digital components. Prefer direct/perm hire, will consider contract. This person will be the go-to individual for Cyber related projects. Must be familiar with NEI-08-09, EPRI graded approach, have digital mod experience, and extensive understanding of plant SSC (Safety Classification of Structures, Systems, and Components). Site Cyber qualifications to perform CSAT (Cyber Security Assessment Team) would be a plus. Compensation based on experience, but likely in the 140K-$160K range. JSG offers medical, dental, vision, life insurance options, short-term disability, 401(k), weekly pay, and more. Johnson Service Group (JSG) is an Equal Opportunity Employer. JSG provides equal employment opportunities to all applicants and employees without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, marital status, protected veteran status, or any other characteristic protected by law. #D650

Our client is building the infrastructure for a more trustworthy internet. We are looking for a Smart Contract Security Engineer. In this role, you wont just audit code, you'll shape the security model for high-value protocols and safeguard the trust of an entire ecosystem. You'll work at the intersection of cutting-edge research, high-stakes engineering, and adversarial thinking, building defences for decentralized systems. This is a full-time position, fully remote or located with our primarily Seattle-based team. What You Will Do Lead design and security reviews of complex staking, reward distribution, and protocol contracts Build tooling, fuzzers, and formal verification pipelines to identify vulnerabilities before attackers do Collaborate directly with protocol researchers and engineers to harden new features from inception Read, interpret, and refine formal verification specifications to ensure they capture critical security properties Work closely with product and leadership teams to set on-chain strategy and roadmaps This is a unique opportunity to create a new paradigm of permissionless innovation and have outsized impact on the protocol and broader ecosystem. What You Will Bring Deep understanding of blockchain fundamentals, EVM, and common vulnerabilities Experience with developer tools for smart contract development (e.g., Hardhat, Foundry) Passion for collaborating with developers, security auditors, and stakeholders Strong testing skills and experience with testing frameworks for smart contracts Experience with production deployments of non-trivial protocols and associated security audits Ability to collaborate with cross-functional and geographically remote teams For more information, please contact **************************

We are seeking an OT Security Architect to work remotely. This position will be responsible for safeguarding our operational technology infrastructure. This role offers the flexibility to work remotely with periodic travel to our manufacturing sites. First Quality is a growing manufacturing organization that has defined security as one of its key business values. Joining our team will provide you with unique personal and professional growth opportunities where you'll be hands-on and securing cutting-edge industrial automation and technologies contributing to a growing field where cybersecurity directly protects critical processes, manufacturing, and safety. Primary responsibilities include: • Primarily responsible for OT security event monitoring, management, and response • Create an IS reference architecture for our OT networks • Work with OT engineering team, as well as with SOC team and verify that the reference architecture fits the business processes and requirements • Work with OT engineering teams for defining security controls for their on-going projects • Provide technical guidance to the GRC team with assessing OT 3rd party vendor and supply chain • Integrate with OT engineering projects and verify that the required IS controls are properly implemented • Revise and develop processes to strengthen the current OT Security Operations Framework, review policies and highlight the challenges in managing SLAs • Perform threat management, threat modeling, identify threat vectors and develop use cases for OT security monitoring including red\blue penetrations tests • Responsible for developing, configuring, and maintaining OT security automation and orchestration IR's and tools. • Creation of reports, dashboards, metrics for OT security operations and presentation to Sr. Mgmt. • Create required standards and procedures (i.e. IS purchasing standard, sanitization process) in coordination with all relevant stakeholders The ideal candidate should possess the following: • Minimum of five (5) years of professional experience in OT security and operations. • Knowledge of controls and automation equipment and principles (i.e. PLCs, SCADA, DCS, HMIs, VFDs, etc.) • Familiarity with security frameworks and standards such as NIST, ICS Mitre ATT&CK, and IEC 62443 • Experience in defining and implementing security controls for OT engineering projects. • Experience managing projects with the abilities to prioritize tasks and manage time effectively. • Experience in developing, configuring, and maintaining OT security automation and orchestration tools. • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field. In lieu of degree, related experience will be considered. • Background in manufacturing controls is preferred What We Offer You We believe that by continuously improving the quality of our benefits, we can help to raise the quality of life for our team members and their families. At First Quality you will receive: • Competitive base salary and bonus opportunities • Paid time off (three-week minimum) • Medical, dental and vision starting day one • 401(k) with employer match • Paid parental leave • Child and family care assistance (dependent care FSA with employer match up to $2500) • Bundle of joy benefit (years' worth of free diapers to all team members with a new baby) • Tuition assistance • Wellness program with savings of up to $4,000 per year on insurance premiums • ...and more! First Quality is committed to protecting information under the care of First Quality Enterprises commensurate with leading industry standards and applicable regulations. As such, First Quality provides at least annual training regarding data privacy and security to employees who, as a result of their role specifications, may come in to contact with sensitive data. First Quality is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identification, or protected Veteran status. For immediate consideration, please go to the Careers section at ******************** to complete our online application.

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands. From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded. The Opportunity P&G is seeking a Governance, Risk, and Compliance Director passionate about safeguarding data, enabling business through smart risk management, and shaping the future of cybersecurity. The IT Governance, Risk, and Compliance (GRC) Organization at Procter & Gamble is responsible for risk identification, assessment, and remediation across the IT landscape, as well as driving automated governance and compliance breakthroughs. As the GRC expert, you'll play a critical role in maturing and maintaining the security risk and compliance posture of our organization. You will lead initiatives that align our security program with business goals, ensure regulatory and policy compliance, and creatively solve problems to manage risk for the company. Responsibilities: + Governance: + Maintain and evolve the information security policy framework and controls aligned with industry best practices (e.g., NIST, ISO 27001, CIS). + Establish and track metrics to measure policy adherence and program maturity. + Drive internal alignment on security roles, responsibilities, and expectations. + Risk Management: + Manage the enterprise risk management process including risk identification, analysis, treatment planning, and reporting. + Conduct security risk assessments for internal systems, projects, vendors, and business processes. + Facilitate risk-based decision-making at all levels of the organization. + Compliance: + Ensure ongoing compliance with applicable regulations and frameworks (e.g., GDPR, HIPAA, CCPA, SOX). + Maintain a library of evidence and documentation to support audit and regulatory needs. + Monitor the effectiveness of IT controls and identify gaps in compliance. Analyze control measurements for negative trends and reoccurrence frequency. Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation + Awareness & Enablement: + Contribute to the continuous improvement of the risk and compliance mindset across P&G. Build IT risk awareness by providing support and training to others. + Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams. + Stay up to date with how current events, security focus areas, and the regulatory environment may impact P&G's compliance processes Estimated Percent of Time Spent on Work 25% - Risk identification, analysis, and assessment 40% - Plan and drive enterprise-wide initiatives to reduce risk and improve compliance across the organization 25% - Assess and improve the effectiveness of IT controls and compliance across the enterprise 10% - Collaboration with internal/external auditors, driving a risk-aware compliance mindset Job Qualifications Required: + Bachelor's degree in Computer Science, Computer Systems Engineering, Cybersecurity, Industrial Engineering, Business Management Information Systems, Software Development, or related field + Prior hands on experience working in a security-focused role, such as Information Security Analyst, SOC Analyst, Security Engineer, etc. + 8+ years of experience in Governance, Risk, and Compliance with a focus on Information Security + In-depth knowledge of major security frameworks (e.g., NIST CSF, ISO 27001, SOC 2). + Experience conducting risk assessments, audits, and control testing. + Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, SOX, PCI DSS). + Proven ability to write policies, manage documentation, and communicate clearly to both technical and non-technical stakeholders. + Ability to influence and build relationships with business unit stakeholders, external service providers, and architecture teams. + The ability to work independently, collaborate, and learn quickly. + English fluency (speak, write, and read) Preferred Skills: + Certified in CISSP, ISACA CRISC, CGEIT, CISA, or similar Pay Range: $160,000 - $220,000 Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process. Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ's, please click HERE (******************************************************* . P&G participates in e-verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Job Schedule Full time Job Number R000136880 Job Segmentation Experienced Professionals Starting Pay / Salary Range $160,000.00 - $220,000.00 / year

About Extend: Extend is revolutionizing the post-purchase experience for retailers and their customers by providing merchants with AI-driven solutions that enhance customer satisfaction and drive revenue growth. Our comprehensive platform offers automated customer service handling, seamless returns/exchange management, end-to-end automated fulfillment, and product protection and shipping protection alongside Extend's best-in-class fraud detection. By integrating leading-edge technology with exceptional customer service, Extend empowers businesses to build trust and loyalty among consumers while reducing costs and increasing profits. Today, Extend works with more than 1,000 leading merchant partners across industries, including fashion/apparel, cosmetics, furniture, jewelry, consumer electronics, auto parts, sports and fitness, and much more. Extend is backed by some of the most prominent technology investors in the industry, and our headquarters is in downtown San Francisco. What You'll Do: Serve as a core member of Security Operations, monitoring and triaging alerts from platforms such as SentinelOne and Wiz. Perform end-to-end investigations to identify, contain, and remediate threats and incidents, driving timely, appropriate response. Proactively identify and assess vulnerabilities in infrastructure and code, working with development and other cross functional teams to address issues. Contribute to the end-to-end detection lifecycle: model attacker behaviors (MITRE ATT&CK), write and test detections as code across security programs and tooling (SentinelOne, Wiz, Okta, AWS CloudTrail), and continuously enrich to reduce false positives and improve MTTD. Support data quality and telemetry onboarding, maintain response playbooks, and provide threat validation assistance across the business. Assist teams with the application of secure configuration baselines and best practices in accordance with CIS Benchmarks, NIST, vendor hardening guides, and applicable compliance standards across all company computing assets. Correlate endpoint and infrastructure telemetry to identify emerging threats. Curate and operationalize intelligence (IOCs, TTPs) into detections and response playbooks, and maintain vetted intelligence feeds. Assist GRC initiatives by mapping controls to internal policies and frameworks (e.g., SOC 2, NIST CSF, NYC DFS 500), identifying gaps, supporting audits and evidence collection, tracking remediation, and maintaining policies and control documentation. Work with engineering and business teams to champion security best practices, communicate risks to accountable owners, and assist with mitigation planning and execution. What We Are Looking For: 3+ years experience in a Security Analyst / Security Operations role 3+ years experience with AWS CloudFormation, or other infrastructure-as-code systems (like Terraform) 3+ years experience or certification in AWS serverless technologies (API Gateway, Lambda, S3, DynamoDB) Certifications (one or more preferred): CISSP, CCSP, GIAC (GCIH/GCIA/GMON/GCED/GCFA/GREM), cloud security (AWS or cloud agnostic security specialty) or equivalent experience. Proficiency with hands on management and use of SIEM, CNAPP, EDR, Vulnerability Management tooling, and Detection Engineering strategies. Proficiency with AI technologies and the corresponding threat landscape and strategies for mitigation. Understands agentic workflows such as AWS Bedrock, MCP based workflows (or similar technologies) Working Knowledge of best practices around security roles and responsibilities for AWS IAM Experience working with observability services and tooling (including Coralogix, CloudWatch, OpenTelemetry) Ability to perform in a high energy environment with dynamic job responsibilities and priorities Nice to Haves: Experience with AWS Cloud Development Kit(CDK) Experience with Mastra AI Expected Pay Range: $157,000 - $182,000 per year salaried* * The target base salary range for this position is listed above. Individual salaries are determined based on a number of factors including, but not limited to, job-related knowledge, skills and experience. Life at Extend: Working with a great team from diverse backgrounds in a collaborative and supportive environment. Competitive salary based on experience, with full medical and dental & vision benefits. Stock in an early-stage startup growing quickly. Generous, flexible paid time off policy. 401(k) with Financial Guidance from Morgan Stanley. Extend CCPA HR Notice

OppFi is a leading tech-enabled digital finance platform that works with banks to provide financial products and services for everyday Americans. Through a transparent and responsible platform, which includes financial inclusion and excellent customer experience, the Company supports consumers who are turned away by mainstream options to build better financial health. We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service. A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2025 Crain's Fast 50™ company and were named on Built In's 2025 Best Places to Work in Chicago. Senior Security Analyst III As Senior Information Security Analyst III, you will be a key contributor to our day-to-day security operations, assisting with threat monitoring, incident triage, vulnerability remediation, and GRC activities. This role is an excellent opportunity for someone with security experience who is eager to grow their skills in risk management, cloud environments and security best practices. You will work closely with senior team members and various OppFi internal teams to ensure our environment maintains security, visibility, and compliance standards. What you get to do: Information Security Risk Management: Own the security review and assessment process evaluating the risk associated with introducing new applications/tools into the environment. Assist with security risk management activities, including the analysis, quantification, and tracking of information security risks, plus the review and documentation of risk exception requests. Policy and Compliance Analysis: Identify emerging compliance requirements and assess their impact on our policies. Develop and refresh our policies, procedures, standards, and guidelines to stay compliant and aligned with industry best practices. Governance Visibility: Design and maintain dynamic dashboards or scorecards that offer clear insights into Information Security Governance activities, demonstrating our commitment to security and compliance. Security Operations & Incident Support Monitor security alerts from various tools (SIEM, EDR, cloud logs) and support the triage of potential security incidents by gathering initial data and escalating to senior engineers as needed. Assist in the execution of security incident response playbooks, focusing on initial steps like investigation, basic containment, and documentation. Contribute to the documentation and tracking of security incidents to support audit and compliance requirements. Support the monitoring and logging strategy by assisting with the configuration and tuning of SIEM (Security Information and Event Management) alerts and reports. Perform regular log review and analysis for suspicious activities under the guidance of senior staff. Improvement & Collaboration Contribute to the development and maintenance of operational playbooks and documentation for security processes. Learn to deploy and manage new security tools and assist in the development of basic threat detection logic. Develop basic security performance metrics and assist with reporting to measure the effectiveness of security controls. Performs other related duties as assigned. What you will bring to the team: 3-5 years of professional experience in Information Security or IT Risk Management, with a background supporting IT compliance programs to meet regulatory requirements and demonstrated expertise in at least one of the following areas: Security Operations, Incident Response, or Vulnerability Management. Experience with Security and control frameworks, such as FFIEC, NIST, COBIT, ITIL, and ISO control framework EDR platforms (e.g., CrowdStrike, Defender for Endpoint, SentinelOne) SIEM/SOAR tools (e.g., Sumo Logic, Splunk, Chronicle, or Azure Sentinel) CSPM tools (e.g., Wiz, Prisma, Orca) Vulnerability management platforms (e.g., Qualys, Tenable, Rapid7) Experience identifying potential IT controls risks and opportunities through and offering sustainable recommendations that address cause rather than symptoms Experience with information security standards, best practices for securing computer systems within applicable laws and regulations Experience with Governance Risk & Compliance (GRC) tools and procedure development Solid understanding of common attack techniques (MITRE ATT&CK), incident triage, and remediation workflows. Foundational knowledge of AWS (Amazon Web Services) or other cloud environments. Basic understanding of networking, operating systems (Linux/Windows), and common security principles (e.g., least privilege, defense-in-depth). Familiarity with automation frameworks or API integrations for security tools. Strong written communication skills necessary for developing clear, concise procedures and playbooks, coupled with effective verbal skills for communicating technical findings. Experience building dashboards and metrics for leadership visibility. Strong analytical and problem-solving skills with a keen attention to detail and a desire to learn quickly. Bachelor's degree in Cybersecurity, Computer Science, or equivalent experience. Certifications such as CompTIA CySA+, GCIH, GCIA, GMON, GCDA, GSOC, or CISSP associate are preferred. Experience working in a regulated industry (financial services or health care) Reports to: Manager, Security Operations Total Rewards and Benefits: At OppFi, we are committed to fostering a fair and equitable workplace. The compensation range for this role reflects our good faith compensation estimate for this position. Final offers are determined based on a myriad of factors including, but not limited to experience, skills, qualifications, and other relevant business considerations. Candidates are encouraged to discuss compensation expectations during the hiring process. In addition to base pay, the total compensation package includes eligibility and potential for performance-based bonuses and equity grants dependent upon the role and job level. OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. Additional benefits include DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote Compensation Range:$102,400-$153,600 USD EEO Statement: OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here. As part of OppFi's commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at ********************. Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: ******************************* The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.

Vectra is the leader in AI-driven threat detection and response for hybrid and multi-cloud enterprises. The Vectra AI Platform delivers integrated signal across public cloud, SaaS, identity, and data center networks in a single platform. Powered by patented Attack Signal Intelligence, it empowers security teams to rapidly prioritize, investigate and respond to the most advanced cyber-attacks. With 35 patents in AI-driven threat detection and the most vendor references in MITRE D3FEND, organizations worldwide rely on the Vectra AI to move at the speed and scale of hybrid attackers. For more information, visit ************** *Location: US-Remote This position works on a 4x10, 2nd or 3rd shift Position Overview Vectra is seeking a highly skilled and experienced MDR (Managed Detection and Response) Security Analyst to join our team. As a Sr. Security Analyst, you will serve in a critical role in protecting and defending Vectra MDR customer infrastructure. You will be responsible for supervising and analyzing security events, responding to incidents, conducting SOC (Security Operations Center) operations, and assisting MDR customers to ensure their needs are met. A successful candidate will have sound technical experience and skills, blended with good interpersonal, communication, and project management skills. Responsibilities Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools. Investigate and analyze security incidents, identify root cause, and develop appropriate mitigation strategies. Complete security response actions, including full remote remediation of endpoints. Perform threat hunting and proactive analysis to identify potential security risks and vulnerabilities. Collaborate with multi-functional teams, including product, engineering, and support, to resolve customer incidents or issues. Mentor and provide guidance to junior security analysts, sharing knowledge and standard processes. Conduct health checks and architecture reviews, providing technical expertise and real-life experience in creating solutions, designs, and recommendations. Be a strong voice for your customers across business to identify new detection models, identify new product features, build content for both internal and external customer knowledge bases, and ensure successful Vectra deployments. Travel expected 0-5% Requirements Demonstrable experience as an MDR security analyst, SOC analyst, or similar role in a fast-paced environment. Experience providing remote response and remediation activities within networks and on endpoints. Solid understanding of intrusion detection systems, artificial intelligence-based attack detection and prevention, incident response methodologies, and SOC operations. Experience with SIEM tools, log analysis, network analysis, endpoint analysis, and threat intelligence platforms. Solid knowledge of operating systems, networking protocols, and security technologies. Proficient in incident handling, threat hunting, and forensics. Excellent analytical and problem-solving skills, with the ability to think critically under pressure. Good communication skills to effectively collaborate with multi-functional teams and communicate complex security issues to non-technical stakeholders. Continuous learning attitude to stay updated with the evolving threat landscape and emerging security technologies. Desirable Prior experience with Vectra, SentinelOne, Microsoft Defender, or CrowdStrike Coding experience in Bash, Python, or Powershell Open-source development Our competitive total rewards package includes cash compensation within the range provided below. Actual pay for this position may vary based on the hired candidate's location, experience and relevant incumbent pay position. Vectra Total Rewards$110,000-$150,000 USD Vectra provides a comprehensive total rewards package that supports the financial, physical, mental and overall health of our employees and their families. Compensation includes competitive base pay, incentive plan eligibility, and participation in the employee equity plan (stock options). Specific benefits offered varies by location, but commonly include health care insurance, income protection / life insurance, access to retirement savings plans, behavioral & emotional wellness services, generous time away from work, and a comprehensive employee recognition program. Vectra is committed to creating a diverse environment and is proud to be an equal opportunity employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.

About the Role iCapital is looking to hire a Vice President Information Security Governance Specialist. This individual will be a key person in iCapital's second line of defense team. The ideal candidate will support the organization's security governance program by ensuring compliance with regulatory requirements, security frameworks, and contractual obligations. This role involves reviewing the information security program against industry standards, assessing security clauses in client and vendor contracts, designing and maintaining security controls, and responding to regulatory audits. Responsibilities Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction. Evaluate the organization's information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR). Identify gaps and recommend control enhancements to align with compliance requirements. Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team. Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability. Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data. Coordinate responses for internal and regulatory audits for information security team. Qualifications 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment Bachelor's degree in information security, risk management, or a related field Strong written and verbal communication skills Excellent analytical and problem-solving skills Able to manage multiple priorities and deadlines in a fast-paced environment Comfortable engaging with senior leaders Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes CISM, CRISC, or CISSP certifications are preferred Benefits The base salary range for this role is $150,000 to $180,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO). We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday. For additional information on iCapital, please visit **************************************** Twitter: @icapitalnetwork | LinkedIn: ***************************************************** | Awards Disclaimer: ****************************************/recognition/ iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care. One mission. One team. That's OneStudyTeam. We are seeking a Senior Security Compliance Analyst with expertise in Governance, Risk, and Compliance (GRC) to support and enhance our security and compliance programs within the healthcare industry. This role is critical in ensuring adherence to industry regulations, responding to customer audits, and maintaining compliance with ISO 27001, HIPAA, and other security frameworks. The ideal candidate will be a detail-oriented compliance expert who can navigate complex regulatory environments, assist with internal/external audits, and drive continuous improvement in security governance. The ideal candidate must be able to operate independently while delivering on the following duties. What You'll Be Working On: Lead and support customer security audits, responding to security questionnaires and demonstrating compliance with security frameworks. Prepare, coordinate, and manage ISO 27001 audits, including evidence collection, control implementation, and auditor engagement. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements applicable to healthcare data security. Develop and maintain policies, procedures, and security documentation to meet regulatory and contractual obligations. Perform gap analyses and risk assessments to identify and remediate compliance risks. Manage and improve security governance frameworks, ensuring alignment with industry best practices and business objectives. Conduct third-party vendor risk assessments, ensuring compliance with security policies and contractual obligations. Monitor security controls, ensuring effectiveness and continuous improvement in alignment with security frameworks. Support security awareness training initiatives, ensuring employees understand compliance responsibilities. Stay current on ISO 27001, HIPAA, NIST 800-53, and other relevant standards, translating them into actionable security controls. Assist in defining security metrics and reporting on compliance status and risk posture to leadership. Work closely with legal, security, IT, and business teams to align compliance requirements with security operations. What You'll Bring to OneStudyTeam: Bachelor's degree in Information Security, Computer Science, Risk Management, or related field (or equivalent experience). 8+ years of progressive experience in GRC, compliance, or security audit roles. Experience in healthcare or regulated industries strongly preferred. Certifications strongly preferred: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, HITRUST CCSFP, CRISC. Experience leading ISO 27001, SOC2, or HITRUST audits, including ISMS implementation and external audit coordination. Strong understanding of NIST CSF, SOC 2, GDPR, and other security frameworks. Hands-on experience with customer security audits, including responding to security questionnaires and managing security assessments. Ability to perform risk assessments, policy reviews, and compliance gap analyses. Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders. Detail-oriented with excellent organizational and project management skills. Ability to work independently and collaboratively in a remote environment. Familiarity with GRC tools (e.g., OneTrust, LogicGate, Archer, Vanta, Drata) is a plus. We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status. Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization. As a condition of employment, you will abide by all organizational security and privacy policies. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud's solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you're driven to align your career with a fantastic mission, look no further! *This role can be hybrid out of Austin (preferred) or remote in the United States with occasional travel to the office (around once per quarter) We are looking for a passionate Senior Security Data Analyst/Python Developer to help us parse, transform, and analyze dirty data. The ideal candidate has a thorough understanding of Python, Data analysis techniques, AWS, ETL patterns, and Automation techniques. Our Stack: Python Linux Databases: Relational and NoSQL AWS (EC2, RDS, SQS, S3, Lambda, API Gateway, and more) What You'll Do: Parse and transform structured and unstructured datasets. Build Python-based automation for the parsing platform. Bring order to dirty and/or unstructured data. Develop ETL-style automation scripts. Maintain and improve the existing codebase and infrastructure. Manage the weekly data ingestion process. Collaborate with the team to design and build innovative data systems. Data analysis based on the consumption of blogs for the marketing team. Develop processes, standards and CI/CD pipelines to manage our codebase. Leverage AI to automatically parse data. Requirements: 5-7 years of professional experience as a Python developer. A love of working with data. Familiarity with cleaning/transforming data. Experience building data solutions and automation tools using Python. Proficient in Linux bash/ksh scripting and Regular Expressions. Interest in cybersecurity. Strong understanding of computer science fundamentals (data structures, algorithms, data processing). Experience with relational and NoSQL databases. Excellent communication skills. Great team player. Self-directed, empathetic, and eager to automate repetitive tasks. Able to switch contexts as business needs change. Nice to Have: Background or strong interest in cybersecurity. Familiarity with Git version control system. Experience with AWS (Compute, Storage, Database). Experience working with Infrastructure as Code (we use Terraform and Ansible). SpyCloud is not sponsoring visas at this time. U.S.-Based Benefits + Perks (for Full Time Employees): At SpyCloud, we are committed to working alongside individuals who are equally passionate about preventing cybercrime, regardless of their department or role. Guided by our core values in all business decisions, we prioritize unity in our mission and ensure all SpyCloud employees have the support and benefits they need to stay focused on our goals. In addition to our engaging workspace in South Austin, flexible and remote-friendly work options, and competitive salary package, we offer our employees a comprehensive benefits package that includes: 401(k) with Employer Contribution Health, Vision, and Dental Insurance Health Savings Account (HSA) available with Employer Contribution Employer Paid Life, Short-term, and Long-term Disability Insurance Generous PTO Plan and 16 paid holidays per year U.K.-Based Benefits + Perks (for Full Time Employees): Retirement Savings Plan with Employer Contribution Employer Provided Private Health Insurance and Healthcare Cashplan Employer Paid Life Insurance and Income Replacement Generous Holiday Plan and 14 paid holidays per year About SpyCloud: SpyCloud is on a mission to disrupt the cycle of cybercrime. As the leader in Cybercrime Analytics, our solutions thwart cyberattacks that originate from the use of stolen data, including account takeover, ransomware, and online fraud. More than 550 customers and partners trust SpyCloud to protect users' identities, prevent targeted attacks, and unmask adversaries attempting to harm businesses and their customers. To learn more and see insights on your company's exposed data, visit SpyCloud. Our Mission: Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals' ability to profit from stolen information. Who We Are: SpyCloud is a place for innovative, collaborative, and problem-solvers to thrive. Individually, we're amazing, but together, we're unstoppable. We celebrate diversity and various perspectives and aim to create an inclusive and supportive environment for all. We are proud to be an Equal Employment Opportunity and Affirmative Action employer of choice. All aspects of employment decisions will be based on merit, performance, and business needs. We do not discriminate on the basis of any status protected under federal, state, or local law. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. Women, minorities, individuals with disabilities, and protected veterans are encouraged to apply. SpyCloud complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. SpyCloud expressly prohibits any form of workplace harassment. Improper interference with the ability of SpyCloud's employees to perform their job duties may result in discipline up to and including discharge. SpyCloud shares the right to work and participates in the E-Verify program in all locations. If you need assistance or accommodation due to a disability, you may contact us. Our Culture: Our culture is something really special. We're all driven to disrupt the cybercriminal economy as we keep customer accounts safe from compromise. We support a truly worthy and serious mission, but we have fun doing it together. If you are driven, inventive, and collaborative, you'll fit right in. SpyCloud's Recruitment Policy: We will never ask an applicant for sensitive or personal financial information during the recruitment process. We advise all applicants seeking employment with SpyCloud to review available information on recruitment fraud. Anyone who suspects that they have been contacted by someone falsely representing SpyCloud should email ********************. Compensation Transparency Policy: At SpyCloud, we believe in transparency and fairness in compensation. We strive to ensure that all employees are fairly compensated for their contributions, and we openly discuss our compensation philosophy and structure. We are committed to providing competitive salaries and benefits packages to attract and retain top talent, and we encourage open dialogue and feedback regarding compensation matters. Learn more and apply: SpyCloud Careers

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

About Us At SentinelOne, we're redefining cybersecurity by pushing the limits of what's possible-leveraging AI-powered, data-driven innovation to stay ahead of tomorrow's threats. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We're looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you're excited about solving complex challenges in bold, innovative ways, we'd love to connect with you. What are we looking for? We are looking for a highly motivated, collaborative and experienced Senior InfoSec Risk Specialist with a security-focused mindset who can balance risk, business drivers and timelines. This position will be responsible for understanding and supporting the design of SentinelOne's organizational, procedural and technological security controls within the context of the security frameworks applicable to SentinelOne. In addition, you will be responsible for identifying and testing appropriate controls to ensure they are designed, implemented, and operating effectively to mitigate risk. The selected employee will help implement, automate, document and maintain controls while supporting and responding to inquiries from internal and external stakeholders. This individual must be self-directed and be able to work independently and collaboratively. What will you do? Support the planning and performance of IT risk-based security audits and projects, risk assessments, execution of fieldwork and communication to stakeholders. Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth. Collaborate with process and control owners through the audit lifecycle for process documentation updates, testing coordination, remediation of identified deficiencies and advising on internal control enhancements or process changes, as appropriate. Proactively manage audit findings, tracking and documentation of status updates obtained via action owners, and timely execution of remediation activities. Participate in internal security and compliance programs and track recurring controls, such as SSAE 18 SOC 2, ISO 27001/27002. Provide control consultative support to the business to assist in redesign efforts to improve the control environment and identify opportunities for control improvements with the objective of mitigating risk and improving compliance and operational performance. Help support internal/external audits and evidence collection via a GRC tool. Document new and update existing policies, procedures, standards and resources Participate in Security awareness program, train personnel on data security and privacy-related processes and responsibilities. Help support customer security reviews, RFPs and external security and privacy inquiries. Participate in defining, collecting and tracking various Security Metrics. What skills and experience should you bring? 5+ years of experience working in information security, risk or compliance. Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness and Training, BC/DRP, etc. Ability to perform internal audits with minimal direct supervision, exhibit professional audit judgment and have experience in a broad range of audit projects such as SSAE 16/18 SOC 2, ISO 27001/2, NIST. Strong risk management experience, performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Strong project management skills and ability to manage a variety of projects simultaneously to completion within the agreed timelines. Excellent collaboration and interpersonal skills. Must be able to communicate with all levels in the organization. Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers. Experience working with both technical and non-technical teams. Ability and desire to understand the intent of requirements and provide effective recommendations. Ability to prioritize in a highly dynamic work environment. Our Preferred Qualifications: Advanced degree in computer science, Information Technology, Information Security or related field. Experience with, and strong understanding of common Security Compliance frameworks, controls, and best practices such as COSO, SOC 2, SOX ITGC, ISO 27001/27002, GDPR, PCI, NIST and other applicable regulatory compliance frameworks. Relevant certifications (ISO 27001 LA/LI, CISA, CISM, CISSP, CRISC, etc.) Ability to assess and pragmatically define scope and relevant controls. Strong desire to learn and continuously develop and deepen technical skills. Why us? You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry. Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA Unlimited PTO Industry-leading gender-neutral parental leave Paid Company Holidays Paid Sick Time Employee stock purchase program Disability and life insurance Employee assistance program Gym membership reimbursement Cell phone reimbursement Numerous company-sponsored events, including regular happy hours and team-building events This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions. Base Salary Range$104,000-$138,000 USD SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. SentinelOne participates in the E-Verify Program for all U.S. based roles.

Our Director of Information Security provides strategic leadership and vision for enterprise-wide security operations. This role oversees and matures the organization's operations security program, ensuring alignment with business objectives, regulatory requirements, and industry best practices. The Director partners with senior leadership, technology leaders, and business stakeholders to embed security into products, services, and culture. This position reports to the Vice President of Information Security and leads a growing team (4-6 ICs) of security professionals across operational security, incident response, compliance, and governance. Responsibilities Strategic Leadership & Vision Help define and execute the enterprise information security strategy, ensuring alignment with corporate objectives and customer trust. Serve as an advisor to the various teams, technology leaders, and business stakeholders on emerging threats, risks, and security requirements. Lead the evolution of security as a business enabler and differentiator, ensuring resilience, trust, and compliance are built into tools and operations Team & Program Leadership Manage, mentor, and scale a high-performing security team across security operations, incident response, and data security functions. Establish clear career paths, KPIs, and success metrics to drive accountability, engagement, and professional growth. Foster a culture of continuous improvement, innovation, and proactive risk management. Operational Security & Incident Response Oversee enterprise security operations, including SIEM, log correlation, endpoint security, threat hunting, and vulnerability management. Direct incident response efforts, ensuring effective playbooks, rapid resolution, and post-incident learning. Drive automation, orchestration, and AI/ML-enabled threat detection to increase efficiency and reduce response times. Governance, Risk, & Compliance Partner with the GRC Team with security compliance frameworks (e.g., SOC 2, ISO 27001, PCI-DSS, HIPAA, FedRAMP, etc.) and ensure continuous readiness for audits. Develop and maintain enterprise security procedures, standards, and controls aligned to NIST, CIS, and OWASP frameworks. Participate in third-party risk management, vendor security assessments, and business continuity planning. Innovation & Emerging Technologies Provide guidance on secure adoption of cloud, SaaS, and SASE platforms. Champion responsible and secure use of emerging technologies (e.g., AI/ML, automation, zero trust, secure access). Anticipate future risks and proactively shape organizational security posture. Qualifications Education/Experience 10+ years of progressive information security experience, including significant leadership responsibility. 5+ years leading security teams in enterprise environments. Industry-recognized certifications strongly preferred (CISSP, CCISO, CISM, GSEC, GCIH, CEH, etc.). Required Skills/Abilities Proven success in building and maturing security programs that align with business strategy. Strong knowledge of security technologies (firewalls, DLP, IDS/IPS, MDM, SIEM, EDR, etc.) and modern architectures (SaaS, SASE, Zero Trust). Deep technical foundation across cloud/SaaS systems, network and endpoint security, cloud security, and secure configurations. Familiarity with penetration testing, forensic practices, and threat modeling. Strong executive communication skills with experience presenting to leadership, audit committees, and regulators. Demonstrated ability to lead cross-functional initiatives and drive measurable risk reduction. National Debt Relief Role Qualifications: Computer competency and ability to work with a computer. Prioritize multiple tasks and projects simultaneously. Exceptional written and verbal communication skills. Punctuality expected, ready to report to work on a consistent basis. Attain and maintain high performance expectations on a monthly basis. Work in a fast-paced, high-volume setting. Use and navigate multiple computer systems with exceptional multi-tasking skills. Remain calm and professional during difficult discussions. Take constructive feedback. Compensation Information Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for each position across the US. Within the range, individual pay is determined by work location, job-related skills, experience, and relevant education or training. This good faith pay range is provided in compliance with NYC law and the laws of other jurisdictions that may require a salary range in job postings. The salary for this position is $198,500 - $228,500. About National Debt Relief National Debt Relief was founded in 2009 with the goal of helping an expanding number of consumers deal with overwhelming debt. We are one of the most-trusted and best-rated consumer debt relief providers in the United States. As a leading debt settlement organization, we have helped over 450,000 people settle over $10 billion of debt, while empowering them to lead a healthier financial lifestyle and feel free to live their best life. At National Debt Relief, we treat our clients like real people. Our purpose is to elevate, empower, and transform their lives. Rated A+ by the Better Business Bureau, our goal is to help individuals and families get out of debt with the least possible cost through conducting financial consultations, educating the consumer and recommending the appropriate solution. We become our clients' number one advocate to help them reestablish financial stability as quickly as possible. Benefits National Debt Relief is a team-oriented environment full of rewards and growth opportunities for our employees. We are dedicated to our employee's success and growth within the company, through our employee mentorship and leadership programs. Our extensive benefits package includes: Generous Medical, Dental, and Vision Benefits 401(k) with Company Match Paid Holidays, Volunteer Time Off, Sick Days, and Vacation 12 weeks Paid Parental Leave Pre-tax Transit Benefits No-Cost Life Insurance Benefits Voluntary Benefits Options ASPCA Pet Health Insurance Discount Access to your earned wages at any time before payday National Debt Relief is a certified Great Place to Work ! National Debt Relief is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law. For information about our Employee Privacy Policy, please see here For information about our Applicant Terms, please see here #LI-REMOTE

Primary Responsibilities: Execute and support the Risk Management Framework (RMF) lifecycle including system categorization, control selection, implementation, assessment, and authorization. Develop, maintain, and validate System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans (CPs), and related compliance documentation. Conduct and lead vulnerability assessments, leveraging tools such as Nessus, ACAS, and Fortify to identify and prioritize remediation efforts. Perform continuous monitoring of security controls and produce metrics, dashboards, and evidence in support of ATO renewals and sustainment. Analyze and respond to security incidents, working with SOC personnel and SIEM tools to evaluate logs, investigate events, and contain potential threats. Conduct internal audits and risk assessments to validate the effectiveness of implemented controls and identify compliance gaps. Provide security guidance to engineering and development teams, ensuring adherence to cybersecurity standards in a DevSecOps environment. Stay informed of evolving threats, vulnerabilities, and regulatory changes to proactively enhance security postures. Coordinate with Security Control Assessors (SCAs), ISSOs, system owners, and federal stakeholders on audit readiness and policy compliance. Draft and enforce cybersecurity policies, SOPs, and standards that support mission-critical systems across hybrid environments. All other duties as assigned by management. Qualifications Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Five (5) years of directly relevant experience may substitute for two (2) years of formal education. Minimum of five (5) years of experience in experience with vulnerability scanning tools and security assessment methodologies. Minimum of five (5) years of experience with network security, firewall management, intrusion detection/prevention systems (IDS/IPS). Minimum of (5) years of experience with Security Information and Event Management (SIEM). Minimum of five (5) years of experience in the risk management framework. Basic knowledge of the following: Active Directory, UNIX, RHEL, Windows, Relational Databases. Previous support of federal government enterprise systems or DHS/DOD programs is strongly preferred. Must have an active DoD Secret Clearance.

What Information Security and Risk contributes to Cardinal Health Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments. The Director, Information Security and Risk (Identity & Access Management) is responsible for leading the organization's Identity & Access Management (IAM) strategy, governance, and operations to ensure secure, efficient, and compliant access to technology resources. This role requires a leader with proven ability to execute large-scale enterprise IAM programs that directly impact how employees, contractors, and customers interact with Cardinal Health technology. Success in this role demands a balance between delivering a frictionless, user-friendly experience and maintaining the highest standards of security. The Director must also excel at building partnerships across the organization and collaborating on program delivery, while driving operational excellence and anticipating business risks associated with IAM changes. Location - Ideally targeting individuals local to Central Ohio, but open to candidates located nationwide (fully remote). If living within commutable distance of our corporate HQ in Dublin, OH - the expectation would be to come in-office two or three days a month for team meetings. Responsibilities Act as a visionary in designing and executing multi-year IAM strategy that aligns with business goals and customer needs Develop and oversee enterprise IAM policies, standards, and procedures, ensuring consistent enforcement across the organization. Lead IAM initiatives including identity lifecycle management (provisioning, de-provisioning, role-based access, entitlement reviews). Direct privileged access management (PAM) programs to safeguard critical systems and sensitive data. Ensure compliance with internal policies and external regulatory requirements (e.g., SOX, HIPAA, GDPR, PCI-DSS) through strong access controls. Execute enterprise IAM programs with significant business impact, ensuring seamless access for employees, contractors, and customers. Balance user experience with security by designing IAM solutions that are simple, intuitive, and resilient. Drive operational excellence by establishing repeatable processes, KPIs, and service delivery models for IAM functions. Build strong partnerships across IT, Security, HR, and business units to align IAM delivery with organizational priorities. Establish metrics and reporting mechanisms to monitor IAM effectiveness, operational performance, and program maturity for executive leadership. Lead training and awareness programs related to IAM policies, secure access practices, and identity governance. Qualifications Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field preferred. Ideally targeting individuals with 12+ years of IT/security experience with at least 5 years in IAM leadership roles preferred. Proven track record of executing enterprise IAM programs with measurable business impact. Prior people leadership experience and demonstrated ability to manage operational IAM teams, highly preferred. Expertise with IAM tools and platforms (e.g., Okta, SailPoint, CyberArk, Azure AD). Strong understanding of relevant Regulatory and Compliance requirements (HIPAA, SOX, HITRUST CSF, etc.). Strong understanding of authentication protocols (SAML, OAuth, OpenID Connect, Kerberos) and cloud IAM (AWS IAM, Azure RBAC, GCP IAM). Certifications such as CISSP, CIAM, or CISM preferred. Strong analytical, relationship management, and communication skills (both written and verbal). Ability to collaborate across functions and influence stakeholders to achieve IAM program success. What is expected of you and others at this level Provides leadership to managers and experienced professional staff; may also manage front line supervisors Manages an organizational budget Develops and implements policies and procedures to achieve organizational goals Assists in the development of functional strategy Decisions have an extended impact on work processes, outcomes, and customers Interacts with internal and/or external leaders, including senior management Persuades others into agreement in sensitive situations while maintaining positive relationships #LI-LP #LI-Remote Anticipated salary range: $135,400 - $228,910 Bonus eligible: Yes Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being. Medical, dental and vision coverage Paid time off plan Health savings account (HSA) 401k savings plan Access to wages before pay day with my FlexPay Flexible spending accounts (FSAs) Short- and long-term disability coverage Work-Life resources Paid parental leave Healthy lifestyle programs Application window anticipated to close: 12/25/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply. Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law. To read and review this privacy notice click here

Together, We Enhance Innovation and Growth i2G specializes in advanced physical electronic security and life safety solutions. I2G has proven experience in surveillance, access control, and intrusion detection systems, biometrics, fence sensors, radars, ground sensors, anti-drone technologies, and more. We excel in design, project management, commissioning, and enterprise technology integrations. i2G's mission is to provide the products and services that meet our customers' needs to give them a vital advantage in today's market, helping to protect what matters most. This position will provide engineering design and support for security solutions for new and existing clients while working alongside internal teams, external teams, clients, and subcontractors to ensure project success. Responsibilities * Possess a thorough understanding of standard Electronic Security technology (ACS, IDS, FDS, CCTV) and supporting equipment such as computer software/hardware, databases, and networking infrastructure. * Ability to review architectural, electrical, telecommunication, security engineering floor plans, riser drawings, device schedules, and detail drawings. * Design, develop, and implement solutions for system installations, upgrades, repairs, and conversions. * Review of Field Site Survey documentation and provide technical assistance with RFI/RFP responses. * Create solution design documentation (drawings, BOMs, solution design summaries). * Provide technical support for in-office and on-site team members. * Support management in the process of creating documentation for implementing new technology with new and existing customers. * Maintain familiarity with current and emerging electronic security technologies such as access control, video surveillance, intrusion detection, biometrics, etc. and industry leading vendors. Qualifications * A minimum of 3-7 years previous experience in the industry. * Associate or bachelor's degree in relevant field preferred or applicable amount of experience in the appropriate field may be substituted for the educational background. * Experience in the design and planning of access control and video systems. * Professional Electronic Security Certifications or training (Lenel, Genetec, C-Cure. Avigilon, Axis, Bosch, Milestone, etc.) preferred. Company Overview This is a Security Systems Engineer career opportunity with i2G Systems. Learn more about i2G: *************************************** "Kastle Systems Makes Strategic Investment in i2G Systems, Strengthening Leadership in Serving High-Security Industries and High-Value, Large Scale Facilities" Read More About the Partnership Here: *********************************************************************************************************************************************************************************** Equal Opportunity Statement We are an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, marital status, pregnancy or any other basis protected by applicable federal or state laws.

About the Role: United Community is seeking an experienced Information Security Controls Analyst to serve as a subject matter expert in evaluating and strengthening our cybersecurity and technology controls. This role plays a critical part in assessing risk exposure, recommending control improvements, and ensuring alignment with regulatory standards and business risk tolerance. You'll collaborate with enterprise risk, compliance, and legal teams to provide visibility into our risk posture and drive meaningful change across the organization. What You'll Do: Review and document the adequacy of security and technology controls across business and IT environments. Evaluate control posture through interviews, documentation reviews, and workflow analysis. Recommend and support implementation of risk reduction strategies via policies, procedures, and technical controls. Partner with risk management and security leadership to align controls with organizational risk tolerance. Identify control strengths and weaknesses related to privacy, security, resiliency, and compliance. Document and advocate for control improvements that balance risk with operational efficiency. Support control development across testing, QA, and production environments. Present control effectiveness reports to senior risk leadership. Stay current on regulatory requirements, internal policies, and industry best practices. Participate in required compliance training and support internal/external audit activities. What We're Looking For: • Experience: 3+ years in cybersecurity or IT practitioner roles. 2+ years in IT risk or controls analysis. Practical experience with risk management and IT control frameworks. • Education: Bachelor's degree preferred in Information Assurance, Computer Science, Engineering, or a related technical field. • Required Skills: Strong understanding of risk frameworks (CRI, COSO, RMF, COBIT, NIST). Familiarity with regulatory standards (PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, GLBA). Experience with CIS CSC, ISO 2700, or NIST CSF. Excellent written and verbal communication across all organizational levels. Strong organizational skills and ability to meet SLAs. Sound judgment and decision-making in complex scenarios. High integrity, trustworthiness, and adaptability. • Preferred Skills: Certifications such as CISSP, CISA, CRISC, or CISM. Technical experience with enterprise networks, applications, and directory services. Familiarity with enterprise GRC platforms. Travel: Up to 5% travel required. Supervisory Responsibility: This position does not have direct supervisory responsibilities. Conditions of Employment: Must be able to pass a criminal background & credit check This is a full-time, non-remote position FLSA Status: Non-Exempt We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state, or local protected class. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.