Senior security specialist work from home jobs - 189 jobs

Watershed Security, is a Veteran Owned Small Business with over 20 years' Cybersecurity and Government Contracting experiencing. Watershed is looking for a Intel Security Specialist to support the Naval Surface Warfare Center (NSWC) Dahlgren Division Dam Neck Anex (NSWCDD-DNA) in Dam Neck, VA. The successful candidates will have experience coordinating and enacting required security changes, with in various levels of an organization, ensuring compliance with published policies; conducting cybersecurity vulnerability and threat analysis; and be experienced as an ISSO or ISSE. REQUIRED QUALIFICATIONS Bachelor of Science in Information Systems or Bachelor of Science in Information Technology or Bachelor of Science in Computer Science or Bachelor of Science in Computer Engineering. Years of Experience: Ten (10) years of full-time professional experience in performing Risk Management Framework (RMF) activities; (or) 15 years of RMF experience and a GED/High School Diploma. Must be able to maintain IAT-II designation with at least one of the following active certifications: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP. Any level of Demonstrated experience in all of the following areas: Performing STIG assessments to include using SCAP benchmarks and EvaluateSTIG Performing vulnerability assessments with the Assured Compliance Assessment Solution tool Using eMASS or XACTA for RMF package management Developing Plans of Actions and Milestones (POA&M) entries Completing Risk Management Framework Step 5 authorizations in the ISSE capacity or Information System Security Officer (ISSO) capacity Communicating risk reduction recommendations to stakeholders Managing privileged user documentation, training, and CSWF requirements Researching and evaluating Cyber Task Orders (CTOs) and detailing implementation requirements Tracking documentation requirements and coordination with POCs for updates Reviewing Interconnection Security Agreements (ISAs) for technical details and ensuring within ATO parameters Maintaining inventory, tracking, and destruction of removable media Clearance Level: TOP SECRET with SCI Eligibility; US Citizen. Ability to possibly provide onsite support in Dam Neck VA. Some/all remote work may be an option, however the norm will be onsite support. This will be dependent upon customer needs and classification level of work being performed. Some travel may be required. Proficient with Microsoft Office Suite (Word, Excel, Teams, Project). Self-Starter; detail oriented; able to brief senior level staff. DESIRED QUALIFICATIONS Experience supporting 10 or more Navy Packages (achieving and/or maintaining ATO) Experience with Navy Cybersecurity requirements Experience with the NAVSEA RMF Business Rules Contingent upon award PAY RANGE Final salary is influenced by factors such as location, contract labor categories, experience, skills, education, and certifications. Watershed offers competitive compensation, medical and dental benefits, educational reimbursement, 401K plans with matching, 15 days of PTO to start and 11 paid holidays per year. The proposed salary range for this position is: $100,000.00 - $115,000.00 USD. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Oneleet is on a mission to revolutionize the industry. We make cybersecurity easy, effective, and painless through a comprehensive platform that helps companies build, manage, and monitor their cybersecurity programs. Backed by Y Combinator (S22) and top-tier VCs, our founding team brings over a decade of penetration testing and cybersecurity experience. Join our remote-first crew of opinionated rebels building a category-defining company to fix a broken, fragmented industry. Who we're looking for: We value passionate self-starters with a growth mindset and a bias for action and personal accountability. If you love solving hard problems, thrive in ambiguity, and want to make a real impact, you'll fit right in. We're especially drawn to: Rebels with a cause - frustrated with the status quo and eager to disrupt it. Opinionated (but not obstinate) builders - decisive yet collaborative, who help us move fast. Clear communicators - who own their ideas and follow through. Our mission is simple: make effective cybersecurity painless. We believe cybersecurity should empower, not burden. This belief unites our team and drives every decision we make. If you're ready to challenge the status quo and help shape the future of cybersecurity, we'd love to meet you. The Security Program Manager is part vCISO & part account manager. You will work with our customers from the start to asses their current security/compliance framework, provide guidance and recommendations for improvements, and work with clients to implement recommendations. You're passionate about security, and enjoy sharing your knowledge with not only our customers but your colleagues. Key Responsibilities Conduct initial consultation calls with new clients to assess their current security posture, infrastructure stack, compliance requirements and overall objectives. Provide guidance and recommendations for improving client security posture Develop high-level security programs consisting of technical, operational and administrative controls based on industry frameworks and client needs. Collaborate with clients to customize and refine the security program to match their specific use cases. Communicate with clients and stakeholders to ensure smooth and efficient security program creation Liaise with auditors to ensure clients' security programs align with auditors' expectations Maintain expertise across a range of security frameworks, control types, and technologies including NIST, SOC2, ISO27001, CMMC, AWS, Azure, GCP, Kubernetes, Docker, Terraform, and more. Provide feedback to Oneleet's engineering team to inform development of integrations, solutions, and products that deliver on client needs. Be highly technical, learn new technologies quickly, and translate security concepts into implementations. Partner with internal teams to translate security programs into implementations consisting of policies, procedures, configurations and software integrations. Requirements 3+ years in an information security role Broad knowledge of security best practices, frameworks, control types, and relevant technologies. Ability to understand client infrastructure and map security controls to meet compliance goals. Strong analytical skills to evaluate environments and determine appropriate safeguards. Excellent verbal and written communication skills. Self-driven with the ability to work independently and move fast in a startup environment. Willingness to go the extra mile to meet tight deadlines and deliver results. Why Oneleet? At Oneleet, you'll join a tight-knit team of rebels redefining the cybersecurity industry. We move fast, own our work, and challenge outdated models to make security effortless and effective for companies. Here's what makes us special: We value impact over titles, autonomy over micromanagement, and clarity over jargon. You'll tackle meaningful, hard problems with real-world consequences. You'll work with smart, kind, and ambitious teammates who lift each other up. Perks & Benefits Comprehensive health & welless benefits Competitive comp & equity Generous PTO, including floating holidays to honor what matters most to you Flexible, remote work culture Quarterly off-sites to cool places (Amsterdam, Italy, etc). Remote-First & Global Hiring We're a remote-first company and hire globally in regions where we can legally engage talent-either directly or via our employer-of-record (PEO) partner. If you're based outside the U.S., we'll explore the most compliant hiring arrangement for your location. U.S. Hiring & E-Verify For U.S.-based candidates, Oneleet participates in E-Verify to confirm employment eligibility, in accordance with federal regulations.

JT4, LLC provides engineering and technical support to multiple western test ranges for the U.S. Air Force, Space Force, and Navy under the Joint Range Technical Services Contract, better known as J-Tech II. JT4 develops and maintains realistic, integrated test and training environments and prepares our nation's war-fighting aircraft, weapons systems, and aircrews for today's missions and tomorrow's global challenges. RANGE POSITION DESCRIPTION - ESSENTIAL FUNCTIONS/DUTIES This position includes support in ongoing development and implementation of general and program specific security processes and procedures to include the advisement, planning, implementation, oversight, monitoring, analysis, reporting and assistance in the execution of security operations for a Special Access Programs (SAPs) and associated Facilities (SAPFs). Candidates with certification under the Security Personnel Education and Development program are highly preferred. Candidates with knowledge and experience with JADE are highly preferred. An Active TOP SECRET clearance is required for this position. Primary hours can change as dictated by mission requirements. Performs the daily administrative tasks in support of the site security department. Communicates with the clearance granting agency regarding status of clearances and periodic re-investigations for employees/consultants. Obtains certification of existing clearance levels for employees/consultants and for prospective employees from appropriate customer/agency sponsor. Issues security badges to designated employees and visitors. Maintain logs and records of badges issued and related information. Schedules initial, periodic and exit briefings and notifies supervisors and employees of schedule. Coordinates with employees/consultants for timely submittal of documents for initial clearances and periodic reinvestigations; fingerprint employees/consultants as required. Assists in facilitating security briefings for individuals/groups as required. Performs other related tasks as directed. REQUIREMENTS - EDUCATION, TECHNICAL, AND WORK EXPERIENCE Associate's Degree or equivalent military or technical school and 5 years specifically related work experience in the NISPOM/SAP/SCI security fields, complemented by formal training such as successful completion of the Industrial Security Management Course. Must be knowledgeable with the rules and regulations of the National Industrial Security Program Operation Manual (NISPOM) pertaining to all aspects of security. Must have excellent communication skills, both written and oral. Must be proficient operating personal computers using Microsoft Word, Excel, and graphics software, and possess database management experience. Familiar with a mainframe computer terminal, laminating machine and professional instamatic camera. Must possess a current, State issued driver's license. Must have a current government security clearance and special access. Must be a U.S. citizen. SALARY The expected pay range for this position is $84,000 to $92,000 annually. Note: The salary range offered for this position is a good faith description of the expected salary range this role will pay. JT4, LLC considers factors such as (but not limited to) responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as, market and business considerations when extending an offer. BENEFITS Medical, Dental, Vision Insurance **Benefits Active on Day 1 Life Insurance Health Savings Accounts/FSA's Disability Insurance Paid Time Off 401(k) Plan Options with Employer Match JT4 will match 50%, up to an 8% contribution 100% Immediate Vesting Tuition Reimbursement OTHER RESPONSIBILITIES Each employee must read, understand, and implement the general and specific operational, safety, quality, and environmental requirements of all plans, procedures, and policies pertaining to their job. WORKING CONDITIONS This position involves work typical of an office environment with no unusual hazards. There is occasional lifting (up to 20 pounds), constant sitting and use of a computer terminal, constant use of sight abilities while writing, reviewing, and editing documents, constant use of speech/hearing abilities for routine communications. Must maintain constant mental alertness. Routine travel to remote work locations may be required. DISCLAIMER The above statements are intended to describe the general nature and level of work being performed by personnel assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of persons so classified. Tasking is in support of a Federal Government Contract that requires U.S. citizenship. Some jobs may require a candidate to be eligible for a government security clearance, state-issued driver's license or other licenses/certifications, and the inability to obtain and maintain the required clearance, license or certification may affect an employee's ability to maintain employment. SCC: JSOP8, JCIS11, A1412TW

JT4, LLC provides engineering and technical support to multiple western test ranges for the U.S. Air Force, Space Force, and Navy under the Joint Range Technical Services Contract, better known as J-Tech II. JT4 develops and maintains realistic, integrated test and training environments and prepares our nation's war-fighting aircraft, weapons systems, and aircrews for today's missions and tomorrow's global challenges. JOB SUMMARY -- ESSENTIAL FUNCTIONS/DUTIES Provide administrative and personnel security support to the unit manager and security staff. Employee will be responsible to perform the following functions/duties: Performs the daily administrative tasks in support of the site security department Communicates with the clearance granting agency regarding status of clearances and periodic re-investigations for employees/consultants Obtains certification of existing clearance levels for employees/consultants and for prospective employees from appropriate customer/agency sponsor Issues security badges to designated employees and visitors Maintain logs and records of badges issued and related information Schedules initial, periodic and exit briefings and notifies supervisor and employee of schedule Oversees departmental coordination with employees/consultants for timely submittal of documents for initial clearances and periodic reinvestigations; fingerprint employees/consultants as required Facilitates security briefings for individuals/groups as required Provides work direction to lower level department clerical/administrative personnel Performs other related tasks as directed REQUIREMENTS -- EDUCATION, TECHNICAL AND WORK EXPERIENCE Associate's degree or equivalent military or technical school and five years specifically related work experience in the NISPOM/SAP/SCI security fields, complemented by formal training such as successful completion of the Industrial Security Management Course. Must be very knowledgeable with the rules and regulations of the National Industrial Security Program Operation Manual (NISPOM) pertaining to all aspects of security. In addition, a Security Specialist III must possess the following qualifications: Must have excellent communication skills, both written and oral Must be proficient operating personal computers using Microsoft Word, Excel, and graphics software, and possess data base management experience Must be familiar with a standard intel computer system, laminating machine and professional instamatic camera Must qualify for and maintain a government security clearance Must possess a valid, state-issued driver's license SALARY The expected salary range for this position is $53,976.00 to $81,244.80 annually. Note: The salary range offered for this position is a good faith description of the expected salary range this role will pay. JT4, LLC considers factors such as (but not limited to) responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as, market and business considerations when extending an offer. BENEFITS Medical, Dental, Vision Insurance Benefits Active on Day 1 Life Insurance Health Savings Accounts/FSA's Disability Insurance Paid Time Off 401(k) Plan Options with Employer Match JT4 will match 50%, up to an 8% contribution 100% Immediate Vesting Tuition Reimbursement OTHER RESPONSIBILITIES Each employee must read, understand, and implement the general and specific operational, safety, quality, and environmental requirements of all plans, procedures, and policies pertaining to their job. WORKING CONDITIONS This position involves work typical of an office environment with no unusual hazards. There is occasional lifting (up to 20 pounds), constant sitting and use of a computer terminal, constant use of sight abilities while writing, reviewing, and editing documents, constant use of speech/hearing abilities for routine communications. Must maintain constant mental alertness. Routine travel to remote work locations may be required. DISCLAIMER The above statements are intended to describe the general nature and level of work being performed by personnel assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of persons so classified. Tasking is in support of a federal government contract that requires U.S. citizenship. Some jobs may require a candidate to be eligible for a government security clearance, state-issued driver's license or other licenses / certifications and the inability to obtain and maintain the required clearance, license or certification may affect an employee's ability to maintain employment. SCC: JSOP8; JCIS11 #LI-JD1

JT4, LLC provides engineering and technical support to multiple western test ranges for the U.S. Air Force, Space Force, and Navy under the Joint Range Technical Services Contract, better known as J-Tech II. JT4 develops and maintains realistic, integrated test and training environments and prepares our nation's war-fighting aircraft, weapons systems, and aircrews for today's missions and tomorrow's global challenges. JOB SUMMARY -- ESSENTIAL FUNCTIONS/DUTIES Provide administrative and personnel security support to the unit manager and security staff. Employee will be responsible to perform the following functions/duties: Performs the daily administrative tasks in support of the site security department Communicates with the clearance granting agency regarding status of clearances and periodic re-investigations for employees/consultants Obtains certification of existing clearance levels for employees/consultants and for prospective employees from appropriate customer/agency sponsor Issues security badges to designated employees and visitors Maintain logs and records of badges issued and related information Schedules initial, periodic and exit briefings and notifies supervisor and employee of schedule Oversees departmental coordination with employees/consultants for timely submittal of documents for initial clearances and periodic reinvestigations; fingerprint employees/consultants as required Facilitates security briefings for individuals/groups as required Provides work direction to lower level department clerical/administrative personnel Performs other related tasks as directed REQUIREMENTS -- EDUCATION, TECHNICAL AND WORK EXPERIENCE Associate's degree or equivalent military or technical school and five years specifically related work experience in the NISPOM/SAP/SCI security fields, complemented by formal training such as successful completion of the Industrial Security Management Course. Must be very knowledgeable with the rules and regulations of the National Industrial Security Program Operation Manual (NISPOM) pertaining to all aspects of security. In addition, a Security Specialist III must possess the following qualifications: Must have excellent communication skills, both written and oral Must be proficient operating personal computers using Microsoft Word, Excel, and graphics software, and possess data base management experience Must be familiar with a standard intel computer system, laminating machine and professional instamatic camera Must qualify for and maintain a government security clearance Must possess a valid, state-issued driver's license SALARY The expected salary range for this position is $53,976.00 to $81,244.80 annually. Note: The salary range offered for this position is a good faith description of the expected salary range this role will pay. JT4, LLC considers factors such as (but not limited to) responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as, market and business considerations when extending an offer. BENEFITS Medical, Dental, Vision Insurance Benefits Active on Day 1 Life Insurance Health Savings Accounts/FSA's Disability Insurance Paid Time Off 401(k) Plan Options with Employer Match JT4 will match 50%, up to an 8% contribution 100% Immediate Vesting Tuition Reimbursement OTHER RESPONSIBILITIES Each employee must read, understand, and implement the general and specific operational, safety, quality, and environmental requirements of all plans, procedures, and policies pertaining to their job. WORKING CONDITIONS This position involves work typical of an office environment with no unusual hazards. There is occasional lifting (up to 20 pounds), constant sitting and use of a computer terminal, constant use of sight abilities while writing, reviewing, and editing documents, constant use of speech/hearing abilities for routine communications. Must maintain constant mental alertness. Routine travel to remote work locations may be required. DISCLAIMER The above statements are intended to describe the general nature and level of work being performed by personnel assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of persons so classified. Tasking is in support of a federal government contract that requires U.S. citizenship. Some jobs may require a candidate to be eligible for a government security clearance, state-issued driver's license or other licenses / certifications and the inability to obtain and maintain the required clearance, license or certification may affect an employee's ability to maintain employment. SCC: JSOP8; JCIS11 #LI-JD1

Act as a Designated Official (DO) for the Controlled Goods Program (CGP) and complete all Security Assessments - Exam and Certification through CGP required Act as an Alternate Company Security Officer (ACSO) for the Contract Security Program (CSP) supporting the initiation, review and submission of security clearance application - Certification through CSP required Understanding both CGP and CSP regulations and how they apply to data and physical access Delivery of required security and Controlled Goods (CG) briefings Completion and submission of CG exemptions for foreign visitors Processing of incoming Request for Visits (RFVs) and CG attestations in support of customers/sub-contractors visiting our sites Supporting the completion and submission of visit documentation for various programs to allow Lockheed Martin Canada Inc. (Lockheed Martin) employees to access customer/subcontractor restricted sites Completion and submission of Security Requirements Check Lists (SRCLs) for services sub-contractors Contributor in process and procedure development Manage and track all CG and security clearance expiry dates and ensure the processing of timely renewals Assist with the internal Lockheed Martin visitor management process including reviewing and approving expected visitors using online tool Support physical security as required Review data and physical access requests for security compliance and approval Provide other administrative support to the Security team including data entry, attendance logging for awareness training and digitizing of security files. Equal Opportunity Statement Lockheed Martin is committed to upholding principles of equal opportunity, fostering a work environment that is aligned with our core values of integrity, respect, and exceptional performance. We recognize the importance of leveraging the unique talents and experiences of all our employees to drive innovation, deliver superior solutions, and maximize value for our customers. Our focus is on identifying the most qualified candidate for each role, regardless of their background. If you are interested in a position, we invite you to share how your skills and perspectives could bolster our team and encourage you to apply, even if you feel your qualifications do not fully meet all the job criteria outlined in our advertisement. Furthermore, Lockheed Martin is dedicated to ensuring our recruitment process is inclusive for all individuals. We are prepared to accommodate reasonable adjustments for applicants as needed. Post secondary education 3-5 years professional experience Self-starter with strong attention to detail Familiarity with the CGP and CSP Previous experience in administrative type role Proficient with MS Word, Excel and PowerPoint Ability to multi-task Comfortable communicating with all levels of leadership Confident in navigating difficult and sensitive conversations Previous ACSO and/or DO experience would be considered an asset. About us Headquartered in Ottawa, Lockheed Martin Canada is the Canadian unit of Lockheed Martin Corporation, a global defense technology company driving innovation and advancing scientific discovery. Our all-domain mission solutions and 21st Century Security vision accelerate the delivery of transformative technologies to ensure those we serve always stay ahead of ready. We operate major facilities in Ottawa, Montreal, Halifax, Calgary and Victoria and work on a wide range of programs from advanced naval technology products, aircraft sustainment, and unmanned systems software. This position is part of the Rotary and Mission Systems business area, where employees across Canada support engineering, systems integration, training, sustainment and in-service support programs for Canadian and international military customers across land, air and sea. What we offer you We walk our talk when it comes to work/life balance! Your physical, mental and financial wellbeing matters to us. On top of working in a highly supportive, friendly, respectful environment, this is what you can expect when you join our team as a Regular Full-Time employee: Flexible, compressed work schedules, depending on business requirements, where you have the option of Fridays off, as well as the possibility to work remote part-time Competitive compensation Time to recharge with vacation, personal days, holidays, and parental leaves Comprehensive Family Medical, Dental and Vision coverage available on your first day of employment, along with: Virtual Health Care (24/7 access to medical professionals) A Wellness Spending Account to aid in your wellness journey Employee & Family Assistance Program (EFAP) which includes free face to face counselling sessions Medical Travel Insurance Onsite fitness facilities at our main office locations A Registered Retirement Savings Plan that includes matching company contributions on your first day of employment, that also includes access to Financial Advisors providing investment advice and comprehensive financial planning Employee discounts to save on goods, services and various recreational activities Access to a robust spectrum of development resources to enhance your skills and/or advance your career including: Free learning resources through a modern and engaging platform Education Assistance Program Reimbursement for a professional membership Self-directed Mentoring Controlled Goods Program

Clearance Required: Public Trust (Minimum Background Investigation - MBI) Employment Type: Full-Time Lucayan Technology Solutions is seeking an experienced Security Specialist to support the security posture of the IRS Microsoft 365 (M365) environment. This role will focus on security analysis, compliance, risk management, and protection of cloud-based services. The ideal candidate brings deep expertise in Microsoft 365 security capabilities, federal compliance frameworks, and hands-on experience supporting high-security environments in government or large enterprises. Key Responsibilities Conduct security and privacy analysis of Microsoft 365 services to ensure compliance with IRS and federal security standards. Implement, configure, and monitor M365 security controls, compliance settings, and governance policies. Support ongoing risk assessments, vulnerability management activities, and remediation efforts. Develop, maintain, and update security documentation, including policies, procedures, and incident response plans. Collaborate with technical teams, engineers, and IRS SMEs to ensure secure architecture, integration, and operation of M365 tools. Monitor security alerts, assess potential threats, and support incident response activities. Adapt quickly to IRS-specific compliance requirements, security controls, and operational processes. Required Qualifications Minimum 5 years of IT security experience, preferably supporting Microsoft 365 environments in large government or enterprise settings. Experience supporting federal government clients or similar high-security, compliance-driven environments; IRS experience preferred. Strong understanding of Microsoft 365 security, compliance, governance, and privacy features. Hands-on experience with Azure AD, Intune, Exchange Online security, and identity protection tools. Familiarity with federal cybersecurity standards and frameworks such as NIST 800-53, FISMA, and Zero Trust. Strong analytical, troubleshooting, and problem-solving abilities. Excellent communication skills and ability to coordinate security-related activities with cross-functional teams. Security Clearance & Training Requirements Must have or be able to obtain a Public Trust (MBI) clearance. Must complete all IRS-required security, privacy, and compliance training. Must comply with federal cybersecurity guidelines and organizational security protocols. Preferred Qualifications Experience supporting IRS programs or IRS modernization efforts. Certifications such as: CISSP, CISM, Security+ Microsoft Certified: Security Operations Analyst Microsoft 365 Certified: Security Administrator Experience with incident response, threat analysis, and security automation. Knowledge of cloud governance and compliance tooling across Microsoft 365 and Azure. Work Environment Fully remote position with collaboration across distributed technical and security teams. Must be comfortable working in a compliance-focused federal environment. Occasional after-hours support may be required for incident response, maintenance windows, or urgent security issues. Requires strong attention to detail, documentation discipline, and adherence to IRS and federal security standards.

Who Are We? Decentralized Masters is at the forefront of DeFi education globally. In just two years, we have grown from a pioneering pair of co-founders to over 130 dedicated professionals. Today, we are recognized as one of the fastest-growing enterprises in the sector, with industry insiders predicting our evolution into a unicorn company by 2030. Operating on a bootstrapped model, we are on track to achieve an impressive $50 million in revenue this year alone. Our Impact While our growth has been remarkable, we take even greater pride in the success of our clients. To date, we have empowered over 4000 investors to break into the DeFi world. At Decentralized Masters, we don't just offer education; we cultivate a powerhouse of knowledge combined with an engaging community, innovative technology, and a team of leading DeFi and blockchain experts. Our commitment is to deliver unparalleled resources designed for long-term success in the world of DeFi and Web3, ensuring our members not only safeguard but also enhance their financial future. Our Vision Our goal is to create the largest and most influential DeFi ecosystem the world has ever seen, starting with becoming the gold standard in DeFi education. This vision is ambitious, transformative, and poised to change the landscape of digital finance. Are You Ready? This is more than just a job; it's an opportunity to shape the future of Web3 technology and education. Are you ready to be part of our vision to redefine what's possible in DeFi and beyond? Apply below, and let's explore this journey together. Check us out here: ****************************** What will you be doing? We are seeking a Security Specialist to develop, maintain, and continuously improve the security infrastructure across Decentralized Masters and our new SaaS venture. This role focuses on operational security, data protection, risk prevention, and proactive threat mitigation. You'll work cross-functionally with engineering, data protection, compliance, operations, and product teams to ensure the confidentiality, integrity, and availability of our systems, data, and customer assets. This is a hands-on role, ideal for someone who thrives in a fast-moving, high-ownership environment. Key ResponsibilitiesOperational & Technical Security Monitor, analyze, and respond to security events across systems, cloud environments, applications, and internal tools. Implement and manage SIEM, IDS/IPS, endpoint protection, vulnerability scanners, and logging infrastructure. Conduct regular vulnerability assessments and coordinate remediation with engineering teams. Oversee secure configuration baselines for infrastructure, servers, cloud accounts, and internal systems. Implement and enforce Data Loss Prevention (DLP) policies, tools, and controls to prevent unauthorized data transfers, including hands-on work with data classification and monitoring systems. Perform detailed data flow mapping to understand how customer data moves across internal systems, SaaS apps, APIs, and third-party integrations. Cloud Security Secure cloud environments (AWS preferred) including data at rest and in transit using encryption and cloud-native security tools. Manage cloud access policies, network segmentation, secrets management, and continuous monitoring. Risk Management & Compliance Support compliance frameworks including GDPR, SOC 2, ISO 27001, and crypto-specific security standards as required. Develop and maintain internal security policies, procedures, and security controls. Partner with the Data Protection & Information Security Officer to ensure alignment across security, privacy, and data governance. Access & Identity Management Serve as the Access & Control Monitoring expert, managing IAM, RBAC policies, least-privilege access, MFA, and anomaly detection systems. Perform regular access reviews, privilege audits, and segregation-of-duty checks. Maintain strong audit logging practices and monitoring of access behavior. Security Awareness & Culture Deliver training, simulations, and internal education to strengthen internal security awareness. Lead phishing simulation programs and social engineering prevention initiatives. Incident Response Lead the incident response process: detection, escalation, containment, investigation, and post-incident review. Maintain and improve the incident response playbook; run annual and quarterly tabletop exercises. Secure Development & SaaS Security (Bonus) Collaborate with engineering teams to embed secure-by-design practices into our SaaS products. Conduct application security reviews, threat modeling, and code analysis (bonus). Contribute to architecture decisions for new features and infrastructure. Requirements What You Will BringMust-Have 3+ years of experience in cybersecurity, information security, or security operations. Hands-on experience with Data Loss Prevention (DLP) tools and data classification frameworks. Strong data flow mapping expertise with the ability to trace data across systems, integrations, and APIs. Solid understanding of cloud security concepts, encryption, and cloud-native security tools (AWS preferred). Expertise in IAM and Access Control Monitoring, including least-privilege models, RBAC, MFA, and anomaly detection. Familiarity with audit logging, SIEM tools, vulnerability management, and endpoint security. Experience with incident response processes and playbooks. Strong understanding of MITRE ATT&CK, threat actors, and common attack vectors. Working knowledge of compliance standards such as GDPR, SOC 2, and data protection regulations. Excellent communication skills and the ability to collaborate with technical and non-technical teams. Nice-to-Have Experience working in fintech, blockchain, or DeFi environments. Familiarity with cryptographic concepts, wallets, smart contracts, or key-management practices. Certifications such as Security+, CySA+, GSEC, GCIH, OSCP, CCSP, or similar. Experience automating security workflows using scripting languages. Exposure to ISO 27001, SOC 2 Type II audits, or similar security frameworks. Benefits What We Offer Competitive salary package Flexible 40-hour workweek Unlimited PTO and flexible work schedules Team off-sites and events Fully remote work setup - join our global team from anywhere! Are You Ready? This is more than a job; it's an opportunity to shape the future of Web3 education and finance. If you're a visionary leader ready to drive our mission and help us achieve unicorn status, we want to hear from you. Apply now to join us in redefining what's possible in DeFi and beyond.

ASSOCIATE SECURITY SPECIALIST - REMOTE ARC Group has an immediate opportunity for an Associate Security Specialist! This position is 100% remote working eastern time zone business hours. This is starting out as a contract position running through February 2025 with strong potential to extend longer or convert to FTE. This is a fantastic opportunity to join a well-respected organization offering tremendous career growth potential. At ARC Group, we are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We believe that diverse perspectives lead to better innovation and problem-solving. As an organization, we embrace diversity in all its forms and encourage individuals from underrepresented groups to apply. 100% REMOTE! Candidates must currently have PERMANENT US work authorization. Sorry, but we are not considering any candidates from outside companies for this position (no C2C, 3rd party / brokering). Job Description: Accountable for activities that ensure all users in the organization have the appropriate levels of access to applications, systems and data resources. Evaluates and maintains procedures to safeguard information systems assets from intentional or inadvertent access or destruction. Ensures compliance with Security regulations and laws. Recommends and implements changes to enhance security controls and prevent unauthorized access. Essential functions: Performs a lead role in promotion of security awareness programs, assessing gaps and implementing solutions. Responsible for the end-to-end completion of security requests. Provisions user security roles and manages security groups across systems, platforms, databases, applications, servers, directors and folders. Analyzes existing role structures to improve and streamline structures, security administration and improve end-user experience. Responsible for highly sensitive security access for outsourced vendors and ensuring compliance with policy, regulations and contractual requirements. Accountable for highly sensitive emergency processes. Creates or maintains application scripts and uses application specific tools to create or manage application security. Tracks and documents security issues and requests, actively monitors work queue. Plans, coordinates, communicates, tests and implements audits ensuring that access entitlements are appropriate for job requirements. Creates and coordinates completion of detailed security reports to fulfill audit, management or business owner requirements. Accountable for follow-up of all security work requests including collaborating with other IT areas to ensure timely completion/resolution and obtainment of appropriate approval levels. Interfaces with users to understand new capabilities, implement procedures, ensure security procedures have been communicated properly and are being adhered to. Provides input to drive process improvements. Works closely with business areas and IT partners on troubleshooting, pre-implementation activities and to assess application security. Maintains and creates operational procedures and maintains Security Knowledge Base. Performs system monitoring activities, identification and evaluation of security threats, breaches and vulnerabilities. Responds to security alerts. Responsible for on-call release support. Acts as lead liaison for internal and external audit requests and activities. Leads remedial activities as the result of audit findings. Defines scope of operational initiatives and adjusts priorities to support workload. Provides subject matter expertise, leadership and guidance to work teams and end users on security policies, standards and procedures and processes. Investigates business processes to understand and implement security requirements weighing business needs and security risks and resolving issues. Researches solutions works with vendors to enhance Security Monitoring Program. Coordinates and documents exceptions to security policy as directed by the Exception Governance Team. Develops training content as needed. Job Duties: In-depth knowledge of Information Technology field and computer systems Must have advanced security knowledge of the organization's existing platforms, systems, databases, and application security and are able to handle most regular issues independently. Advanced analytical thinking, problem solving, quantitative analysis ability. Must have an advanced understanding of Information Security concepts, protocols, industry best practices, and regulatory requirements. Must have advanced proficiency with RACF, TSO and tools used to administer security on the mainframe Must have advanced proficiency with Active Directory groups and user accounts, Windows folder structures and folder security. Proficiency with Windows skills are required, e.g., Windows Explorer, Word, Excel, PowerPoint, Outlook, etc. Must have advanced proficiency of UNIX/Linux security and tools used to administer security in these environments Must have advanced proficiency of LDAP groups and user accounts and tools used to administer security in this environment Must have advanced proficiency with database security and tools used to administer security within the various databases, e.g., UDB, DB2, SQL and Oracle Must demonstrate expertise with security management tools Works without daily supervision to meet customer expectations High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy Experience using Agile methodology specific tools, languages and specialty skills may vary Our ideal candidate would be someone with experience provisioning access using Microsoft Active Directory, IBM Mainframe TSO, Unix / RIG, Oracle, SQL, PowerShell, and experience with Cloud IAM Security such as Azure IAM, Azure Active Directory environment, and Microsoft Azure Access Controls, basic understanding of Microsoft Security Services (e.g., Microsoft Defender for Identity, Azure Information Protection, Microsoft Cloud App Security), and understanding of Oracle Identity Cloud offering Required Experience: 2+ years of relevant work experience Preferred Education: Bachelor's degree in a related field Required Education: HS diploma or GED Would you like to know more about our new opportunity? For immediate consideration, please apply online and view all our open positions at ******************* ARC Group is a Forbes-ranked a top 20 recruiting and executive search firm working with clients nationwide to recruit the highest quality technical resources. We have achieved this by understanding both our candidate's and client's needs and goals and serving both with integrity and a shared desire to succeed. At ARC Group, we are committed to providing equal employment opportunities and fostering an inclusive work environment. We encourage applications from all qualified individuals regardless of race, ethnicity, religion, gender identity, sexual orientation, age, disability, or any other protected status. If you require accommodations during the recruitment process, please let us know. Position is offered with no fee to candidate.

About Extend: Extend is revolutionizing the post-purchase experience for retailers and their customers by providing merchants with AI-driven solutions that enhance customer satisfaction and drive revenue growth. Our comprehensive platform offers automated customer service handling, seamless returns/exchange management, end-to-end automated fulfillment, and product protection and shipping protection alongside Extend's best-in-class fraud detection. By integrating leading-edge technology with exceptional customer service, Extend empowers businesses to build trust and loyalty among consumers while reducing costs and increasing profits. Today, Extend works with more than 1,000 leading merchant partners across industries, including fashion/apparel, cosmetics, furniture, jewelry, consumer electronics, auto parts, sports and fitness, and much more. Extend is backed by some of the most prominent technology investors in the industry, and our headquarters is in downtown San Francisco. What You'll Do: Serve as a core member of Security Operations, monitoring and triaging alerts from platforms such as SentinelOne and Wiz. Perform end-to-end investigations to identify, contain, and remediate threats and incidents, driving timely, appropriate response. Proactively identify and assess vulnerabilities in infrastructure and code, working with development and other cross functional teams to address issues. Contribute to the end-to-end detection lifecycle: model attacker behaviors (MITRE ATT&CK), write and test detections as code across security programs and tooling (SentinelOne, Wiz, Okta, AWS CloudTrail), and continuously enrich to reduce false positives and improve MTTD. Support data quality and telemetry onboarding, maintain response playbooks, and provide threat validation assistance across the business. Assist teams with the application of secure configuration baselines and best practices in accordance with CIS Benchmarks, NIST, vendor hardening guides, and applicable compliance standards across all company computing assets. Correlate endpoint and infrastructure telemetry to identify emerging threats. Curate and operationalize intelligence (IOCs, TTPs) into detections and response playbooks, and maintain vetted intelligence feeds. Assist GRC initiatives by mapping controls to internal policies and frameworks (e.g., SOC 2, NIST CSF, NYC DFS 500), identifying gaps, supporting audits and evidence collection, tracking remediation, and maintaining policies and control documentation. Work with engineering and business teams to champion security best practices, communicate risks to accountable owners, and assist with mitigation planning and execution. What We Are Looking For: 3+ years experience in a Security Analyst / Security Operations role 3+ years experience with AWS CloudFormation, or other infrastructure-as-code systems (like Terraform) 3+ years experience or certification in AWS serverless technologies (API Gateway, Lambda, S3, DynamoDB) Certifications (one or more preferred): CISSP, CCSP, GIAC (GCIH/GCIA/GMON/GCED/GCFA/GREM), cloud security (AWS or cloud agnostic security specialty) or equivalent experience. Proficiency with hands on management and use of SIEM, CNAPP, EDR, Vulnerability Management tooling, and Detection Engineering strategies. Proficiency with AI technologies and the corresponding threat landscape and strategies for mitigation. Understands agentic workflows such as AWS Bedrock, MCP based workflows (or similar technologies) Working Knowledge of best practices around security roles and responsibilities for AWS IAM Experience working with observability services and tooling (including Coralogix, CloudWatch, OpenTelemetry) Ability to perform in a high energy environment with dynamic job responsibilities and priorities Nice to Haves: Experience with AWS Cloud Development Kit(CDK) Experience with Mastra AI Expected Pay Range: $157,000 - $182,000 per year salaried* * The target base salary range for this position is listed above. Individual salaries are determined based on a number of factors including, but not limited to, job-related knowledge, skills and experience. Life at Extend: Working with a great team from diverse backgrounds in a collaborative and supportive environment. Competitive salary based on experience, with full medical and dental & vision benefits. Stock in an early-stage startup growing quickly. Generous, flexible paid time off policy. 401(k) with Financial Guidance from Morgan Stanley. Extend CCPA HR Notice

Oportun (Nasdaq: OPRT) is a mission-driven fintech that puts its members' financial goals within reach. With intelligent borrowing, savings, and budgeting capabilities, Oportun empowers members with the confidence to build a better financial future. Since inception, Oportun has provided more than $19.7 billion in responsible and affordable credit, saved its members more than $2.4 billion in interest and fees, and helped its members save an average of more than $1,800 annually. Oportun has been certified as a Community Development Financial Institution (CDFI) since 2009. WORKING AT OPORTUN Working at Oportun means enjoying a differentiated experience of being part of a team that fosters a diverse, equitable and inclusive culture where we all feel a sense of belonging and are encouraged to share our perspectives. This inclusive culture is directly connected to our organization's performance and ability to fulfill our mission of delivering affordable credit to those left out of the financial mainstream. We celebrate and nurture our inclusive culture through our employee resource groups. POSITION OVERVIEW The Security GRC Specialist, Audit & Assurance is responsible for leading Oportun's audit readiness and assurance initiatives across security and compliance programs. This role will oversee execution and continuous improvement of control frameworks supporting SOC 2, PCI DSS, and partner assurance programs, ensuring alignment with Oportun's compliance strategy and regulatory expectations. The ideal candidate will serve as a subject matter expert in security controls, evidence management, and audit coordination using AuditBoard and Microsoft Office Suite. Experience with FTC Safeguards, SOC 1, or SOX programs is beneficial but not required. This role partners closely with internal teams, external auditors, and business stakeholders to maintain a robust and transparent compliance posture. RESPONSIBILITIES • Lead the planning, coordination, and execution of internal and external audits across SOC 2, PCI DSS, and partner assurance programs. • Maintain Oportun's control framework within AuditBoard, ensuring timely updates, documentation accuracy, and evidence completeness. • Collaborate with control owners and cross-functional teams to prepare audit artifacts, track remediation activities, and communicate progress to leadership. • Develop and refine audit procedures, evidence collection methodologies, and reporting standards using Microsoft Excel, PowerPoint, and SharePoint. • Support development and maintenance of policies, standards, and procedures aligned to regulatory and industry frameworks (NIST CSF, ISO 27001, AICPA/SOC, PCI DSS). • Conduct internal readiness assessments and gap analyses to proactively identify compliance risks and improvement opportunities. • Manage auditor and partner requests, providing timely and professional responses. • Serve as a mentor and escalation point for junior GRC analysts. REQUIREMENTS • Bachelor's degree in Information Systems, Cybersecurity, Business, or related field. • 6-8 years of experience in IT audit, security governance, risk, and compliance, or related functions. • Hands-on experience supporting or leading SOC 2 and PCI DSS audits. • Proficiency with AuditBoard, Microsoft Office (Excel, Word, PowerPoint), and collaboration tools. • Strong understanding of information security frameworks (NIST, ISO 27001, AICPA/SOC, PCI DSS, FTC). • Excellent written and verbal communication skills, with the ability to translate technical topics into business terms. • Proven ability to manage multiple concurrent audits or assurance initiatives in a dynamic environment. Preferred • Certifications such as CISA, CIA, CRISC, or CISSP. • Experience coordinating SOC 1, FTC Safeguards, or SOX ITGC programs. • Experience in the financial services or fintech industry. • Demonstrated ability to build relationships across technical and non-technical teams. LEVEL VALIDATION: A7 (Specialist / Lead) Aligned to Oportun's Professional & Management Global Level Criteria: • Recognized for specialized depth in GRC and audit frameworks. • Leads complex audit initiatives with limited guidance. • Decisions have cross-functional impact on compliance and risk posture. • Provides guidance and mentorship to junior staff. The US base salary range for this full-time position is $114,500 - $183,200. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects a national minimum and maximum range for new hire salaries for this position. Within this range, individual pay is determined by work location and additional factors, such as job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range that meets your criteria during the hiring process. Please note that the compensation range listed in this posting reflects only the base salary for this position and does not include other compensation elements or benefits. #LI-REMOTE #LI-RR1 We are proud to be an Equal Opportunity Employer and consider all qualified applicants for employment opportunities without regard to race, age, color, religion, gender, national origin, disability, sexual orientation, veteran status or any other category protected by the laws or regulations in the locations where we operate. California applicants can find a copy of Oportun's CCPA Notice here: ******************************************************* We will never request personal identifiable information (bank, credit card, etc.) before you are hired. We do not charge you for pre-employment fees such as background checks, training, or equipment. If you think you have been a victim of fraud by someone posing as us, please report your experience to the FBI's Internet Crime Complaint Center (IC3).

Personnel Security Specialist II (PSS) - Adjudicator "Fully Remote in the US" About Us: Do you want to make a difference? Do you want to join a diverse team supporting a unifying mission? PSI is always looking to enhance its staff with professional, talented individuals. PSI is willing to sponsor candidates for Top Secret Clearance (for specific jobs that require it) Culture PSI's success is driven by our motto "People First, Mission Always." We put people first, and this starts with our team members. We treat everyone on our diverse team with respect, and we work hard to ensure everyone's success by providing leadership, training, mentorship, and development opportunities. Our competitive benefits and culture of integrity, professionalism, and excellence attracts top talent in the industry. Missions Together with our federal partners, PSI is engaged in protecting critical assets by investigating and adjudicating personnel for secure and sensitive programs, protecting the resiliency of the Nation's essential infrastructure, and supporting the safe placement of unaccompanied refugee minors. We support the mission of our customers through trusted partnerships and by creating tailored solutions that meet their needs and overcome the challenges created by the ever-evolving landscape. Workforce Diversity PSI has achieved and maintains one of the most diverse workforces in the country. 56% of our workforce is ethnically diverse and 53% of our workforce are women. This extends to our leadership team as well. 56% of our leadership team is ethnically diverse and 50% of our leadership team are women. At PSI, we do not talk about doing the right thing, we just do it. About the role: This individual supports the Office of Security Services, Personnel Security Operations Branch providing administrative and technical support for a staff engaged in personnel security and suitability operations and assuring the implementation and compliance with security and suitability programs, policies, and requirements. In addition, this position is responsible for first-level adjudicative recommendations on both interim and final decisions, as well as quality review of work products of lower-level specialists and assistants. Responsibilities: Validates the need for investigation by conducting a check of the OPM CVS. Establishes, reviews, and monitors background investigation accounts, and information in the DCSA NBIS eApp system. Identifies where reciprocity may be accepted in processing based on PERSEC community and client policies. Initiates background investigations at the correct tier based on the risk/sensitivity level of the position in the DCSA NBIS eApp system. Creates security and/or suitability files for applicants or contractors; organizes records; maintains files; and collates documents in support of the client background investigation process. Utilizes the GSA USAccess system to sponsor individuals for HSPD-12 PIV credentials to grant logical and physical access to client facilities and allow enrollment of fingerprints for criminal history records checks. Subject to review by client personnel, and pursuant to protocols and processes approved by client personnel, the individual's specific duties are as follows: Conducts pre-employment inquiries as necessary to resolve issues. Contacts other personnel security operations and documents the reason for a "please call" designation in CVS. Conducts status checks on background investigations utilizing the automated OPM Personnel Investigations Processing System (PIPS). Assists in training staff. Reviews the entire case file and makes a suitability/fitness recommendation based on the criteria found in the OPM Suitability Processing Handbook. Reviews all required documentation to ensure they are complete and accurate and that the information in all documents and case papers, hard copy or electronic, meets OPM standards for case scheduling. Conducts telephone and written inquiries in accordance with the Privacy Act of 1974. Conducts Subject contact in accordance with the Privacy Act of 1974 and obtains written statements when required. Conducts post-investigation follow-up necessary for issue resolution and adjudication. Utilizes case management systems to document adjudicative recommendations as appropriate. Completes adjudicative recommendations within established time frames. Drafts correspondence in the form of Letters of Interrogatory, Adjudicative Worksheets, and Notices of Proposed Action. Conducts inventory and quality checks on pending Report of Investigation (ROI). Reports results of adjudication as required by client internal policy. Must have applied knowledge of GSA PIV card processing system, USAccess. Must have applied knowledge of Trusted Workforce. Qualifications/Requirements: A minimum of two years of experience in adjudication rendering suitability and fitness recommendations on behalf of the Federal Government. Have successfully completed formal training in suitability adjudications towards adjudicator certification in compliance with National Training Standards established by OPM. Conducted first and second level and/or quality review of others making suitability or fitness recommendations. Experience conducting and interpreting database checks and credit reports. Three to four years of experience providing professional and competent customer service, working with customers by phone, by email, and in person. Ability to pay strict attention to detail to ensure data errors are minimized. Ability to apply analytical security processes and procedures with assigned tasks in a timely manner or as requested. Ability to perform and adapt in a high tempo, fast paced and fluid security environment. Experienced in the adjudication of complex and multi-issue cases. Proficiency with MS Office Suite applications including Word, Excel, Outlook and PowerPoint. Demonstrated ability to effectively communicate both orally and in writing to elicit detailed information from a variety of sources necessary to evaluate an individual's conduct and character. Demonstrated practical knowledge of commonly applied personnel security and suitability principles, concepts, and methodologies in carrying out a variety of support assignments. Ability and willingness to learn the basic functions and operations of all systems associated with personnel security processing. Must possess and demonstrate an applied knowledge of utilizing the General Services Administration USAccess system to sponsor individuals for HSPD-12 PIV credentials to grant logical and physical access to client facilities and allow enrollment of fingerprints for criminal history records checks. Must possess a favorably adjudicated background investigation completed within the last five years at the BI, Tier 4 level or SSBI, Tier 5 level; and be able to maintain the favorable result throughout employment on the contract. Company Benefits/Perks: Medical HSA + HRA Goodrx Telemedicine Dental Benefits Vision Benefits Basic and Voluntary Life and Ad&D Disability Products Employee Assistance Program 401(K) Retirement Plan Commuter Benefits Financial Advisor Tuition Assistance EEO Statement: We are an equal opportunity employer. All qualified applicants will be considered without discrimination based on race, color, religion, sex, national origin, age, disability, or protected veteran status. Employment offers will be contingent on passing a pre-employment drug screen.

OppFi is a leading tech-enabled digital finance platform that works with banks to provide financial products and services for everyday Americans. Through a transparent and responsible platform, which includes financial inclusion and excellent customer experience, the Company supports consumers who are turned away by mainstream options to build better financial health. We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service. A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2025 Crain's Fast 50™ company and were named on Built In's 2025 Best Places to Work in Chicago. Senior Security Analyst III As Senior Information Security Analyst III, you will be a key contributor to our day-to-day security operations, assisting with threat monitoring, incident triage, vulnerability remediation, and GRC activities. This role is an excellent opportunity for someone with security experience who is eager to grow their skills in risk management, cloud environments and security best practices. You will work closely with senior team members and various OppFi internal teams to ensure our environment maintains security, visibility, and compliance standards. What you get to do: Information Security Risk Management: Own the security review and assessment process evaluating the risk associated with introducing new applications/tools into the environment. Assist with security risk management activities, including the analysis, quantification, and tracking of information security risks, plus the review and documentation of risk exception requests. Policy and Compliance Analysis: Identify emerging compliance requirements and assess their impact on our policies. Develop and refresh our policies, procedures, standards, and guidelines to stay compliant and aligned with industry best practices. Governance Visibility: Design and maintain dynamic dashboards or scorecards that offer clear insights into Information Security Governance activities, demonstrating our commitment to security and compliance. Security Operations & Incident Support Monitor security alerts from various tools (SIEM, EDR, cloud logs) and support the triage of potential security incidents by gathering initial data and escalating to senior engineers as needed. Assist in the execution of security incident response playbooks, focusing on initial steps like investigation, basic containment, and documentation. Contribute to the documentation and tracking of security incidents to support audit and compliance requirements. Support the monitoring and logging strategy by assisting with the configuration and tuning of SIEM (Security Information and Event Management) alerts and reports. Perform regular log review and analysis for suspicious activities under the guidance of senior staff. Improvement & Collaboration Contribute to the development and maintenance of operational playbooks and documentation for security processes. Learn to deploy and manage new security tools and assist in the development of basic threat detection logic. Develop basic security performance metrics and assist with reporting to measure the effectiveness of security controls. Performs other related duties as assigned. What you will bring to the team: 3-5 years of professional experience in Information Security or IT Risk Management, with a background supporting IT compliance programs to meet regulatory requirements and demonstrated expertise in at least one of the following areas: Security Operations, Incident Response, or Vulnerability Management. Experience with Security and control frameworks, such as FFIEC, NIST, COBIT, ITIL, and ISO control framework EDR platforms (e.g., CrowdStrike, Defender for Endpoint, SentinelOne) SIEM/SOAR tools (e.g., Sumo Logic, Splunk, Chronicle, or Azure Sentinel) CSPM tools (e.g., Wiz, Prisma, Orca) Vulnerability management platforms (e.g., Qualys, Tenable, Rapid7) Experience identifying potential IT controls risks and opportunities through and offering sustainable recommendations that address cause rather than symptoms Experience with information security standards, best practices for securing computer systems within applicable laws and regulations Experience with Governance Risk & Compliance (GRC) tools and procedure development Solid understanding of common attack techniques (MITRE ATT&CK), incident triage, and remediation workflows. Foundational knowledge of AWS (Amazon Web Services) or other cloud environments. Basic understanding of networking, operating systems (Linux/Windows), and common security principles (e.g., least privilege, defense-in-depth). Familiarity with automation frameworks or API integrations for security tools. Strong written communication skills necessary for developing clear, concise procedures and playbooks, coupled with effective verbal skills for communicating technical findings. Experience building dashboards and metrics for leadership visibility. Strong analytical and problem-solving skills with a keen attention to detail and a desire to learn quickly. Bachelor's degree in Cybersecurity, Computer Science, or equivalent experience. Certifications such as CompTIA CySA+, GCIH, GCIA, GMON, GCDA, GSOC, or CISSP associate are preferred. Experience working in a regulated industry (financial services or health care) Reports to: Manager, Security Operations Total Rewards and Benefits: At OppFi, we are committed to fostering a fair and equitable workplace. The compensation range for this role reflects our good faith compensation estimate for this position. Final offers are determined based on a myriad of factors including, but not limited to experience, skills, qualifications, and other relevant business considerations. Candidates are encouraged to discuss compensation expectations during the hiring process. In addition to base pay, the total compensation package includes eligibility and potential for performance-based bonuses and equity grants dependent upon the role and job level. OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. Additional benefits include DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote Compensation Range:$102,400-$153,600 USD EEO Statement: OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here. As part of OppFi's commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at ********************. Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: ******************************* The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM - $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine's Top 5000 Fastest Growing Companies. Job Summary: TZT is seeking a highly skilled and experienced Security Operations Center (SOC) Program Manager to join our team. As a SOC Program Manager, you will be responsible for overseeing the successful implementation and management of Security Operations Centers (SOCs) and Information Technologies (IT) projects. This is a critical role that requires a strong understanding of SOC operations, information security principles, and Splunk architectures (or alternate Splunk experience). As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the True Zero community as well as the technical backing of the entire PS team. True Zero encourages collaboration and growth through information sharing and knowledge workshops. The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.SOC Manager Responsibilities Manage end-to-end program delivery for Security Operations Centers and Information Technologies projects. Define, manage, and monitor project scope, goals, deliverables, and projct status in collaboration with stakeholders Develop and maintain project plans, schedules, and budgets. Coordinate and collaborate with cross-functional teams to ensure project objectives and deliverables are met. Provide guidance and mentorship to project teams to drive successful project execution. Monitor project progress, identify risks and issues, and implement mitigation strategies. Facilitate effective communication between project stakeholders, including technical and non-technical audiences. Ensure adherence to project management best practices and industry standards. Conduct regular project status meetings and provideaccurate reporting to senior management. Manage SOC resources, establish SOC staffing/shift plans, identify/manage analyst tasks, provide status reporting and escalation to senior leadership SOC PM Requirements Bachelor's degree in Computer Science, Information Systems, or a related field (or equivalent experience). Proven experience (5+ years) in program management for Security Operations Centers and Information Technologies projects. Strong knowledge and understanding of SOC operations, information security principles, and best practices. Proficiency in Splunk architecture or alternate Splunk experience. Excellent project management skills, including the ability to prioritize tasks, manage resources, and meet deadlines. Solid understanding of project management methodologies and frameworks. Exceptional communication and interpersonal skills, with the ability to effectively engage with stakeholders at all levels. Strong analytical and problem-solving abilities. Project/program management and/or technical certifications, such as PMP, CISSP, or CISM are highly desirable. Proven experience in leading and managing complex cybersecurity projects. Familiarity with other security technologies and tools, such as SIEM, IDS/IPS, and vulnerability management. Experience in managing and mentoring project teams, ensuring high performance and accountability. Knowledge of regulatory compliance frameworks, such as GDPR, HIPAA, or PCI DSS. Ability to adapt to changing priorities and thrive in a fast-paced, dynamic environment. Strong leadership skills and the ability to influence and motivate team members. Attention to detail and a commitment to delivering high-quality results. U.S. Citizenship is required as this is in support of a Federal Customer. We're actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy: - Competitive salary, paid twice per month- Best in class medical coverage- 100% of medical premiums covered by True Zero- Company wide new business incentive programs- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)- 3 weeks of PTO starting + 11 Paid Holidays Annually- 401k Program with 100% company match on the first 4%- Monthly reimbursement of Cell Phone and Home Internet costs- Paternity/Maternity Leave- Investment in training and certifications to broaden and deepen your technical skills

Make a difference here. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. By creating continuously optimized identification, detection, and resilience from today's dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. UltraViolet Cyber is seeking a technically proficient, process-driven Manager to lead our Shared Services team. This role oversees a group of Security Analysts responsible for maintaining the quality, integrity, and availability of client environments during incident handling and investigations. The Manager will develop operational strategies, implement innovative security technologies, and coordinate timely, effective responses to emerging threats and incidents. This role blends leadership and hands-on technical expertise to ensure we have a world class analyst and operations. What You'll Do: Lead day-to-day SOC operations including monitoring, detection, analysis, and incident response. Develop and maintain SOC policies, procedures, and playbooks aligned with frameworks MITRE Oversee deployment, tuning, and optimization of SIEM, SOAR, IDS/IPS, EDR, and threat intel platforms. Coordinate cross-functional incident response and lead post-incident reviews. Work with IT, legal, compliance, and business units to align with risk management goals. Monitor emerging threats and adjust defenses and strategies proactively. Recruit, mentor, and develop SOC staff, fostering continuous improvement. Prepare and present SOC performance, threat landscape, and risk posture to internal and external stakeholders Define and track KPIs and metrics to measure the effectiveness of the team Use automation and scripting (e.g., Python, KQL, PowerShell) to enhance detection efficiency What You've Done: US Citizenship is Required 7+ years in cybersecurity with at least 2+ years in leading and mentoring teams Ability to communicate complex cybersecurity issues to both technical and non-technical stakeholders 3+ years of experience with dark web, OSINT tools Proficiency with SIEM, EDR, and cloud-native security tools (e.g., Sentinel, Splunk, Defender, Elastic, CrowdStrike). Hands-on experience scripting in Python, Bash, KQL, PowerShell, or similar languages. Ability to work with Linux, including command line for analysis of large datasets. Ability to communicate complex cybersecurity issues to both technical and non-technical stakeholders Excellent written and verbal communication skills, including the ability to brief executives on complex technical issues. Ability to work under pressure and manage multiple priorities in a fast-paced environment Preferred Education and Certifications: Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). Industry certifications such as GCTI, GCFA, GCIA, GREM, or OSCP. What We Offer: 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment) Group Term Life, Short-Term Disability, Long-Term Disability Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness Participation in the Discretionary Time Off (DTO) Program 11 Paid Holidays Annually UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors. We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable. UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. If you want to make an impact, UltraViolet Cyber is the place for you!

BlackCloak's mission is to protect corporate executives and high-profile individuals in their personal lives, mitigating risks to their families, companies, reputation, and finances. We defend our clients' digital lives from hackers, privacy leaks, and identity theft. If you are passionate about helping to protect others, then keep reading - this may be your next great opportunity. Ready to be on the front lines of cybersecurity? BlackCloak is looking for a sharp and proactive Security Analyst to join our team. In this role, you'll be the first responder, monitoring and triaging security alerts from a variety of sources and leading the charge on security incidents. You'll play a critical part in our continuous compliance program, help develop our threat detection capabilities, and analyze emerging threats. If you're passionate about protecting against cyber threats and thrive in a fast-paced environment, we want to hear from you.What You Will Do Monitor and triage security alerts from a variety of sources including SIEM (SecOps, Sentinel), EDR (SentinelOne, CrowdStrike) and cloud security platforms like Wiz, Orca. Serve as a primary responder for security incidents, executing the incident response lifecycle from initial detection and containment to eradication and recovery. Support development of threat detection library, including incorporating threat intelligence, tuning within security tools, and SOAR response actions. Maintain and draft SOP's and supporting documents for the Incident Response Plan and strategy Analyze phishing attempts, malware, and other cyber threats; partner with Security Engineering to devise additional security controls, administer email security, EDR, ZTNA, and other security tooling configurations to block emerging threats. Participate in a 24/7 on-call rotation to respond to critical security incidents. Support triage and response for compliance alerts and requests, enabling the continuous compliance program at BlackCloak using tools such as Vanta, Drata. Prepare and present detailed incident reports and security metrics to technical and leadership audiences. What You Need To Be Successful 4-6 years of direct experience in a Security Operations Center, incident response, threat intelligence, or similar cybersecurity role. Ability to navigate complex problems, stay cool under pressure, and be highly inquisitive. Hands-on experience with SIEM, SOAR, and other security platforms for log analysis, correlation, automated response, and maturation of detections/runbooks. Deep understanding and practical experience with Endpoint Detection and Response (EDR) tools and their investigative capabilities. Good knowledge of cloud security principles and services in AWS, Azure, or GCP, including experience with security tools like Wiz or Prisma Cloud. Solid understanding of network protocols, operating systems (Windows, Linux, mac OS), and common attack vectors (OWASP, MITRE) Familiarity with identity and access management concepts, including SAML, OAuth, and role-based access control (RBAC) Relevant industry certifications are highly desirable, such as GIAC (GCIH, GCFA), CISSP, or CompTIA Security+. Excellent problem-solving skills and the ability to communicate complex technical concepts to both technical and non-technical audiences. $100,000 - $130,000 a year About BlackCloakBlackCloak is an extremely fast-growing company in an entirely new product category. We have amazing product fit validated by industry awards and an impressive client base of Fortune 500 companies across all industries. BlackCloak offers a competitive salary, exceptional benefits, and a dynamic work environment. Below is a quick summary of BlackCloak's generous benefits package for full-time employees includes: - 100% Remote Company, within the USA - Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents. - Health Savings Account with company contribution for eligible medical plans. - Flexible Vacation Plan - 10 Paid Company Holidays - 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance - 401k with Traditional and Roth options, including employer match. - Company Equity - Paid Parental and Pregnancy Recovery Leave - Company and team off-sites and virtual events throughout the year - Home office stipend We are an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military service status, citizenship, or other protected characteristic. Learn More about UsWebsite: ********************* LinkedIn: /blackcloak Twitter: @BlackCloakCyberWhite Paper: ******************************************************************************************************* #liremote

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. * Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do * Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives * Manage IT Risk Register including risk identification, tracking, and prioritization. * Assist with and drive remediation of control deficiencies and gaps * Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) * Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting * Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires * Assist control owners with root cause analysis and track risk management action plan progress. * Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You * Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements * Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks * Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations * Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have * Experience in the machine learning or computer hardware industry * Experience with Security by Design and/or Privacy by Design principles * Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. * Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems * Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management * Certified Information Systems Auditor (CISA) * Certified Information Security Manager (CISM) * Certified Information Systems Security Professional (CISSP) * Certified in Risk and Information Systems Control (CRISC) * Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda * Founded in 2012, with 500+ employees, and growing fast * Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove * We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG * Our values are publicly available: ************************* * We offer generous cash & equity compensation * Health, dental, and vision coverage for you and your dependents * Wellness and commuter stipends for select roles * 401k Plan with 2% company match (USA employees) * Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

Taxwell helps everyday Americans get every tax advantage they deserve by finding credits and deductions they never even knew existed. Our tax preparation software offers easy guidance and ensures your maximum tax refund. We strive to build a team of like-minded experts in both tax and technology who align with our brand purpose, are advocates for our customers and have a fresh, non-traditional approach to the tax industry. The Sr. Security Ops Analyst/Incident Response role is a part of the Taxwell IRM team. IRM SecOps provides cyber security monitoring, reporting, and response along with detection capabilities and threat hunting. Duties include, but are not limited to: Receive incident escalations from monitoring team and assist with real-time advanced analysis, response, and reporting. Mentor and assist in training analysts to aid in their skills development and analytical capabilities. Proactively hunt for threats and enacting identification, containment, and eradication measures while supporting recovery efforts. Point person for coordination with appropriate parties during a security incident - client, management, legal, security, operations, etc. Create thorough reports and documentation of all incidents and procedures, presenting findings to team and leadership on a routine basis Supports detection capabilities and refines process through alert validation. Performs threat hunting and proactive incident response. Completes follow-through to ensure quality forensic materials are captured, preserved and documented along with details and timelines of events and recommendations to avoid future occurrences. Assist in the general maintenance and improvement of processes and/or playbooks. Conduct research regarding the latest methods, tools, and trends in digital forensics analysis. Conduct analysis using logs, previous alerts, etc. to identify trends to identify and prevent potential incidents. Ingest data from multiple sources and aggregate client metrics. Basic Qualifications Bachelor's degree or equivalent combination of CISSP certification and prior experience Five or more years of experience in information systems security. Good communication skills to interact with clients, team members, management, and support personnel. Good analytical and problem-solving skills. Ability to work independently and as part of a team, be highly self-motivated. Experience with cloud environments, such as Microsoft Azure and Amazon. Web Services; Container services and Kubernetes; Azure Monitor and/or Sentinel; Experience with AD and Entra ID; Mimecast and Microsoft Purview; Microsoft OpenAI Services; AWS technologies such as EC2, ECS, Lambdas, LightSail, and VMware Cloud. Ability to script in PowerShell, Python. Preferred Qualifications Previous expertise in consulting or finance, tax background desirable Preferred experience with EDR solutions such as Defender XDR and CrowdStrike Falcon. Experience in Data Visualization (example: PowerBI). Preferred experience with Splunk and osquery. GIAC GCFA and/or GCFR certification. Work Environment Requires being on-call during off hours. May require occasional weekend work. Location is Remote. #LI-DNI At Taxwell, we believe our work benefits from the diverse perspectives of our employees. As such, Taxwell welcomes and celebrates diversity and inclusion and is committed to equal opportunity employment. At Taxwell, you can expect a supportive, open, and inclusive atmosphere and a team that values your contributions. Taxwell is committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants without regard to race, color, religion, sex, national origin, age, d isability, marital status, sexual orientation, gender identity, veteran status, and any other status protected under applicable law. Taxwell considers information gathered in the hiring process, including information on this application, confidential, and only shares it on a need-to-know basis or as required by law. If you need assistance or accommodation due to a disability, you may contact us at ************** or by calling ************ extension 6049 to speak with a member of the HR Talent Acquisition team.