Cyber Security Analyst jobs in Yucaipa, CA

Sr. Information Security Engineer External Description: Alignment Healthcare is a data and technology driven healthcare company focused on partnering with health systems, health plans and provider groups to provide care delivery that is preventative, convenient, coordinated, and that results in improved clinical outcomes for seniors. We are experiencing rapid growth (backed by top private equity firms), and our team is looking for the best and brightest individuals. We love our customers and understanding them better makes it possible to provide the best clinical outcomes and care experience. Are you an Information Security Engineer with experience in automation, cloud technologies, and endpoint security? Would you like to work in an environment where your skills can be utilized effectively, and you have opportunities to make significant impact? If you are passionate about security and can reduce risk in practical ways that scale, we want to hear from you! Major Responsibilities Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective. Assists with break/fix of tools and automation that are owned by the Information Security Team. Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS. Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables. Contributes to the design, implementation, and documentation of new security tools. Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems. Utilizes scripting and DevOps to provide automation and orchestration between: information security tools, such as the SIEM (Logstash, FortiSIEM, IBM QRadar, etc.); endpoint protection (Symantec, McAfee, Cylance, CrowdStrike Falcon, etc.); vulnerability scanners (Rapid7, Nessus, etc.); patch management (SCCM, Altiris, PDQ, etc.); other applications; OS' (Windows, MacOS, Linux, iOS, Android); cloud platforms (AWS, Azure); and IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC). Clearly documents designed automation and system relationships. Contributes and participates in the Information Security Team daily stand-ups and other meetings as necessary. Participates in regular reporting, maintaining accountability and transparency within the Information Security Team. Remains current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS) and regulatory requirements (HIPAA, HITECH, HITRUST, etc.) Technical knowledge of common information security tools and systems: DLP, MAM/MDM, Firewall/VPN, endpoint protection, PKI, RBAC, IAM, etc. Demonstrated practical experience with one or more programming or scripting languages. (PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.) We're not picky, but you must be able to deliver practical automation! Demonstrated practical experience with one or more of the major cloud providers (AWS, Azure, GCP). Excellent oral and written communication skills, and an ability to present and discuss technical information in a way that establishes rapport and trust. Detail orientated, with an ability and desire to build to 100%, but being ok with building to 90% as tasked. An ability to be productive as an individual contributor with little supervision to meet agreed upon deliverables. Preferred Prior experience in the healthcare or a related HIPAA regulated industry. A working knowledge of the NIST CSF and/or CIS Critical Security Controls (CSC). A working knowledge of Git and GitHub. Previous experience contributing to projects using agile tools (Jira, Azure DevOps, Pivotal) and processes (Scrum, Kanban). One or more cloud security certifications. Education Bachelor's degree in Computer Science, Computer Engineering, or related technical discipline, and/or equivalent work experience. 3+ years' experience working in a technical, hands-on, information security role. One or more current security related certifications (e.g., CISSP, SANS GIAC, etc.) City: Orange State: California Location City: Orange Schedule: Full Time Location State: California Community / Marketing Title: Sr. Information Security Engineer Company Profile: Alignment Healthcare was founded with a mission to revolutionize health care with a serving heart culture. Through its unique integrated care delivery models, deep physician partnerships and use of proprietary technologies, Alignment is committed to transforming health care one person at a time. By becoming a part of the Alignment Healthcare team, you will provide members with the quality of care they truly need and deserve. We believe that great work comes from people who are inspired to be their best. We have built a team of talented and experienced people who are passionate about transforming the lives of the seniors we serve. In this fast-growing company, you will find ample room for growth and innovation alongside the Alignment community. EEO Employer Verbiage: On August 17, 2021, Alignment implemented a policy requiring all new hires to receive the COVID-19 vaccine. Proof of vaccination will be required as a condition of employment subject to applicable laws concerning exemptions/accommodations. This policy is part of Alignment's ongoing efforts to ensure the safety and well-being of our staff and community, and to support public health efforts. Alignment Healthcare, LLC is proud to practice Equal Employment Opportunity and Affirmative Action. We are looking for diversity in qualified candidates for employment: Minority/Female/Disable/Protected Veteran. If you require any reasonable accommodation under the Americans with Disabilities Act (ADA) in completing the online application, interviewing, completing any pre-employment testing or otherwise participating in the employee selection process, please contact ******************.

“I can succeed as a Technology Risk and Security Analyst at Capital Group.” The Technology Risk organization is responsible for the implementation of an effective Technology and Security risk management framework that partners with various lines of defense and stakeholders in the organization. The role is a strategic role within the Chief Information Security Officer (CISO) organization to drive the achievement of our strategic plan for risk management. This role presents significant intellectual and technical challenges with tremendous opportunity for business impact. Leveraging new and emerging technologies is key to Capital Group realizing its long-term strategic objectives and identifying the risks these new technologies present to Capital Group and finding ways to adequately eliminate or mitigate these risks will be both challenging and immensely rewarding. A key part of the role will be collaborating with other internal risk functions to support evaluations of the effectiveness of Capital's technology policy and controls infrastructure, as well as providing external auditors and regulatory examiners with the materials necessary to conduct their work. As a Technology Risk and Security Analyst, you will be responsible for contributing to the overall work efforts that identify, assess, track remediation efforts, and manage technology related risks across Capital Group. You will be a key member of the Technology Risk Team, and you will serve as an adviser to business areas on their security and technology risks. Responsibilities: Governance, Risk and Control Assessments Support oversight of the following risk and control capabilities: IT and security policies, standards, and procedures management Threat identification and risk assessment Metrics and reporting Testing and external assurance oversight Remediation management Support first and second line of defense risk functions and relevant governance committees and other stakeholders as appropriate to develop the technology risk management agenda. Support the design and implementation of best practices and technology risk management frameworks across the Information Technology Group (ITG). Help establish and contribute to the application of Technology risk policies, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks. Assess' risks and drive actions to address the root causes that persistently lead to operational/technology risks losses by challenging both historical and proposed practices. Review control exception requests and ensure risk mitigation or acceptance strategies are appropriate with input from your manager. Provide advisory services to technology and business teams on technology risk and control matters pertaining to projects on firm initiatives and projects. Enable the creation of and distribution of actionable risk metrics and reports. Facilitate collaboration for risk analysis, remediation scoping and prioritization, reporting and engagement with stakeholders to enable oversight and effective risk decision making. Support the design and implement the collection and reporting of key risk and control metrics. Support the technology risk governance committee as well as other risk committees in the organization to establish a shared view of risk. Monitor for emerging risks; recommend and implement mitigation strategies to address those risks. “I am the person Capital Group is looking for.” You have a bachelor's degree in IT, risk and security management, computer science or related field. You have at least 5-7 years of technology risk and security management experience successfully identifying, assessing, and mitigating technology risks in a complex, fast paced environment. You have experience managing technology risk for infrastructure environments at an enterprise scale (e.g., Information Security, Cyber Security, Security Operations, Governance, etc.). You have experience supporting technology risk programs. You have expertise supporting the management of risks associated with agile software engineering practices, use of public cloud environments and big-data analytics. You've worked with internal risk and security teams, auditors, and regulatory examiners. You have superior analytical skills and demonstrated success identifying and solving ambiguous risk related problems. You have proven ability to balance risk mitigation proposals with business objectives and always do what is in the client's best interests. You have experience designing and implementing processes to identify, assess and test key technology and information security controls. You have the ability to operate with a limited level of direct supervision. You can exercise independence of judgement and autonomy. Southern California Base Salary Range: $108,135-$173,016 In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings. You can learn more about our compensation and benefits here. * Temporary positions in Canada and the United States are excluded from the above mentioned compensation and benefit plans. We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.

Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. Galapagos Federal Systems LLC is looking for an enthusiastic, well-qualified individual to fill the Cyber Security Engineer (HBSS/ENS) position and to join our team of qualified, diverse individuals in NSWC Corona Division, Norco, CA 92860. As an Endpoint Security (ENS) and Host-Based Security System (HBSS) Engineer dedicated to the Corona Classified RDT&E Network (CCRN), you will play a pivotal role in ensuring the robust cybersecurity posture of our classified research, development, test, and evaluation network. In this senior-level position, you will be responsible for designing, implementing, and maintaining advanced endpoint security solutions, with a specific focus on McAfee's Endpoint Security and Host-Based Security System. Your role will involve configuring and optimizing security policies, conducting vulnerability assessments, and collaborating with cross-functional teams to respond to and mitigate security incidents. Additionally, you will contribute to the development and enforcement of security protocols, ensuring compliance with classified network standards and regulations. This position offers a unique opportunity to lead and shape the cybersecurity landscape within a classified research environment, leveraging your expertise in ENS and HBSS to safeguard. Skills / Experience Required Top Secret/Sensitive Compartmented Information 5-8 years of relevant work experience Lead the design, implementation, and maintenance of the Corona Classified RDT&E Network (CCRN), ensuring optimal performance, security, and availability Provide performance tuning to systems and troubleshoot HBSS components which span a large and complex environment Install updates to McAfee software as released and in compliance with STIG requirements Deploy, maintain, and tune McAfee clients to meet current and future standards Develop/create, deploy, and manage custom HBSS signatures Monitor HBSS for intrusions, failures and other issues, repair/re-engineer as needed Monitor HBSS software to ensure that the clients/servers are operational and reporting properly; test and provide software fixes as needed Monitor the health and performance of the systems Demonstrate an ability to listen and collaborate with audiences ranging from IT administrators to executive level stakeholders to help deliver solutions Excellent troubleshooting skills and ability to identify root causes of issues and provide solutions Strong interpersonal and presentation skills, both oral and written, with the ability to articulate and educate others about complex technology with business acumen Lead complex troubleshooting efforts and on-site/remote support Technical writing to produce written reports and document customer security infrastructures, recommendations, and best practices Provide recommendations and support the creation of policies and procedures including final configuration, tuning, and troubleshooting of McAfee products adapted to customer environment Required Qualifications Familiar with working in an environment with development, engineering, sustainment, and overall O&M activities for a secure government system Experience in Windows/Linux/OS-X operating systems Demonstrated experience (hands-on) with databases such as MSSQL, Oracle, MYSQL Hands-on experience with any or all products (not all inclusive): ePO, ENS, Application Control, Advanced Threat Detection/Prevention, DLP, IPS/IDS Education / Certifications Bachelor's degree - IT Cybersecurity IASAE II CASP+ CE CISSP (or Associate) CSSLP HBSS Administrator 201, 301, 501 ePO Certificate Benefits Medical, dental, vision, disability, and life insurance Flexible Spending Accounts 401(k) PTO Paid Paternal leave Tuition reimbursement Paid federal holidays Security Clearance Must be a U.S. Citizen. A high-level Department of Defense active security clearance is required. Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to government information. Physical Requirements Work may involve sitting or standing for extended periods of time and typing and reading from a computer screen. The candidate must have enough mobility, including bending, reaching, and kneeling, to complete daily duties in a prompt and efficient manner and that may include lifting to thirty pounds, as necessary. Company Summary Headquartered in Hawaii, Galapagos Federal Systems, LLC is an SBA Certified Native Hawaiian Organization 8(a) Small Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services. Leveraging over 30 years of providing IT services to the federal & commercial market with projects found around the world, our team has innovative expertise in the development of a wide range of technological solutions. Galapagos Federal Systems, LLC is an equal opportunity employer. Our service commitment is simple - "Quality IT Solutions... On Time & On Budget." Company Employment Statement Galapagos Federal Systems, LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing as positions, functions, and qualifications may vary depending on business needs. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Galapagos Federal Systems, LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics. Salary range $105,000 - $120,000

**Cognizant Technology Solutions** is looking for " **Cyber Security Cloud Testing** " to join in our team of IT professionals in a permanent role. If you meet our background requirements and skills and are looking for an opportunity with these skills and expertise, here is the ideal opportunity for you! **About Cognizant's QEA Practice:** We are the largest Quality Assurance Practice Globally servicing 800+ Clients. We bring the industry leading vision and expertise to help with Quality Engineering transformation journey for our reputed clients. We provide Next Gen QA offerings like System Modernization assurance, Business Process Assurance, Quality Engineering, Cloud Platform Assurance, Customer Experience Assurance and Robotic Test Automation. We have been ranked #1 for Market Impact by Everest Group for four times in a row and ranked #1 for completeness of vision, test advisory and Digital Business Assurance in Gartner Magic Quadrant! **Cyber Security Cloud Testing** **Location: Redlands, CA (Remote)** **Required Qualifications:** - Bachelor's in information systems, Computer Science, Business, or a related STEM degree - Understanding of cybersecurity - Professional experience including general IT/Business responsibilities, customer/third party interactions, Third Party Risk Management (TPRM), IT Security, contracts/legal, or similar - Proven experience providing exceptional customer service - Demonstrated experience developing or being a part of customer facing programs and/or cross functional business programs - Strong ability to coordinate with technology team members for follow-up of implemented controls and support the collection and validation of evidence as part of the risk remediation process - Experience influencing without authority, dealing with ambiguity, and balancing competing goals and objectives - Understand business/IT security and risk management controls to include experience with governance risk and compliance (GRC) tools or processes **Roles/Responsibilities:** - Collaborate with security subject matter experts (SMEs), legal teams, and global business development staff to enhance and maintain systems and processes for customer. - Manage incoming customer security requests (such as assessments, questionnaires, policy reviews, penetration tests, documentation, and contract term reviews), prioritize tasks, and recommend appropriate courses of action - Provide general administrative support for audits, including filing, data entry, tracking, and correspondence, while adhering to established processes and standards - Facilitate communication between business, technology, and information security teams to validate questionnaire responses and fulfil general requests related to controls defined by Clinet's standards and policies - Advise on security and privacy requirements, consulting with SMEs when necessary, and maintain a comprehensive security knowledge base - Serve as a point of contact for client and compliance audit inquiries, ensuring timely and accurate responses - Manage and maintain a standardized library of responses for customer questionnaires, ensuring accuracy and consistency - Collaborate with internal experts to update and refine responses as needed - Clear communication, strong collaboration, and finely tuned writing/editing skills **Recommended Qualifications** - Security + or equivalent security certification(s) - Experience in supporting the completion of security or compliance reviews, Third Party or Customer Questionnaires and familiarity with Policy/Standard reviews - Proficient with Salesforce, content management or Third-Party Questionnaires related software like (Loopio) - Familiarity with third party risk management platforms, such as CyberGRX - SANS or equivalent security certification(s) **Work Authorization:** Cognizant will only consider applicants for this position who are legally authorized to work in the United States without company sponsorship (H-1B, L-1B, L-1A, etc.) **Salary and Other Compensation:** Applications will be accepted until 7/16/2025 The annual salary for this position is between $64,734 - $102,500 depending on experience and other qualifications of the successful candidate. This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans. **Benefits:** Cognizant offers the following benefits for this position, subject to applicable eligibility requirements: - Medical/Dental/Vision/Life Insurance - Paid holidays plus Paid Time Off - 401(k) plan and contributions - Long-term/Short-term Disability - Paid Parental Leave - Employee Stock Purchase Plan **Disclaimer:** The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law. \#LI-SS4 Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

Company Overview: Our Client is a leading provider of cutting-edge cybersecurity solutions to protect businesses from evolving digital threats. They pride themselves on our innovative approach to safeguarding sensitive data, networks, and systems. Their team of experts provides comprehensive cybersecurity solutions that empower organizations to navigate the complex digital landscape with confidence. Position Summary: As a Virtual SDR, BDR at our Client, you will play a pivotal role in driving the success of our cybersecurity solutions across the United States. As one of the first 20 employees, you will play a vital role in shaping the direction of our company and driving growth. Their recent seed round raised an unbelievable $11M at a $36M valuation, and the founders' last venture resulted in a big exit with the sale of the company to Microsoft. They operate in the IT Security space and are 100% virtual. In this dynamic and customer-facing role, you will leverage your technical expertise and sales acumen to provide strategic guidance and support to our clients throughout the sales process. This position offers a unique blend of technical knowledge, sales skills, and the opportunity for nationwide travel. We Are Looking For: As a mid-level Business Development Rep. (BDR SDR) you'll be at the tip of the spear, responsible for researching and qualifying top of funnel leads while being the first to connect with our potential customers. You'll research and build contact lists, make outbound cold calls/emails to those who fit our Ideal Customer Profile (ICP) and will then partner with AEs to get customers onboarded. This position will spend roughly 80% of the time on the phone or email prospecting for new clients. This position is a great way for individuals to gain in-depth sales experience with a rapidly growing SaaS security company looking to win the category! What You'll Do: Generate high volume quality MQLs through various direct sales efforts such as calls, emails, events, webinars, and other channels generated by Marketing. Make daily outbound calls/emails to prospects who have demonstrated interest. Follow up on all calls and emails until meetings are booked or you've been able to move the prospect through the funnel. Record all activities and properly manage lead stage/flow in our Salesforce CRM. Achieve or exceed monthly quotas of meetings, demos, and qualified leads worked with AEs. Schedule product demos on AE's calendar. Discern buyer intent and partner with AEs to get the right customers onboarded. Work closely with Marketing, Product, and CS/CX to clearly communicate critical top-of-funnel feedback and suggestions that help optimize segmentation, content, & features. What You'll Need: Must have BDR/SDR experience in the SaaS or similar software space Great speaking self-awareness and ability to read prospect signals and adjust accordingly to move the prospect down the funnel. Must have a clear, easy-to-understand phone voice and a professional Zoom presence with the ability to engage and empathize over the phone. Hands-on experience with multiple sales prospecting techniques like cold calling, cold emailing, video conference selling, and social outreach is a must. Knowledge of sales & marketing constructs, the evergreen funnel, and playbooks are important. Must be a great listener with an ability to address objections graciously and frame the next steps clearly. Good writers and creative thinkers needed - Must be able to craft well-written (great grammar and spelling), compelling emails, and responses that lead prospects down the funnel. Verifiable track record of success and goal attainment in a frontline sales-oriented role Deep knowledge of software and social networks (especially LinkedIn, Facebook, and Twitter) is important. Track record of (over)achieving sales quotas. Must have a strong, self-motivated drive, passion, and desire to deliver results. Experience in a fast-growing startup environment is a big plus. What We Offer: Contract to Hire, Strong Salary plus comm after 90 days Full Benes PreIPO equity Be part of an exciting high-growth SaaS organization An impactful role with lots of growth potential A lot of freedom to apply your creative and strategic skills A work-hard, play-hard environment 100% virtual Virtual Cyber Security SDR, BDR, Contract to Hire

at Tevora Fairfax, VA or Irvine, CA If you haven't heard of Tevora, it's because we've done our job! Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you. What's the role? Tevora's Strategic Services team is seeking a skilled and motivated consultant to join our team, specializing in privacy, risk management, and data governance. In this role, you will lead and support clients through impactful engagements, helping them navigate complex challenges and build scalable, future-ready programs. A successful candidate for this role would have a strong ability to connect the dots between business objectives and technical requirements, providing tailored recommendations that drive meaningful results for our clients. A day in the life could include Client Engagements and Program Development:Lead and support various client engagements, including Enterprise Risk Assessments, Privacy Impact Assessments, and Risk/Privacy/Data Governance Program Buildouts.Collaborate with clients to design and implement data governance frameworks, policies, and workflows aligned with their business goals.Facilitate workshops and stakeholder discussions to develop tailored privacy and data governance solutions.Work closely with cross-functional client teams (IT, Security, Privacy) to understand key processes and dependencies. Risk and Privacy Expertise:Leading comprehensive risk assessments to identify, evaluate, and prioritize risks across business-critical areas, including operational, IT, security, and compliance risks.Developing actionable recommendations to mitigate identified risks.Designing and implementing enterprise-wide risk management frameworks aligning with best practices such as NIST RMF and ISO 31000.Assess clients' data governance maturity and recommend strategies for improvement and scalability.Identify and analyze privacy-related gaps or risks, advising clients on remediation strategies and best practices in cybersecurity and compliance.Conduct data mapping exercises (manual or tool-based) to support privacy and governance objectives. Collaboration & Leadership:Work closely with internal project management team to provide project status updates and key client-related communications Provide mentorship and guidance to junior team members, fostering growth and expertise within the team.Contribute to team initiatives and evolving best practices to continually improve service delivery Necessary skills and qualifications:Bachelor's degree in information security or related discipline Excellent written and verbal skills Hold current standing with at least 1 industry-relevant certification such as CDPSE, CISM, CRISC, CIPM, CIPPProven experience in building programs for Risk Management, Privacy, and Data GovernanceIn-depth understanding of regulations/frameworks, including but not limited to CCPA/CPRA, GDPR, NIST CSF, NIST Privacy, NIST RMF, PCI, ISO, HIPAAStrong technical skills and understanding of industry-relevant tools Ability to coordinate and manage multiple priorities in a fast-paced environment, working both independently and collaborativelyA high degree of motivation and work ethic, to meet defined internal and external timelines Ability to travel up to 10% for client-related or internal-related activities as needed Bonus Points:At least 2 years' experience in a client-facing role (e.g., consulting or external auditor) Experience presenting findings to executive stakeholders or boards Experience operating industry-relevant tools (e.g., GRC platforms, and other privacy and risk management solutions) We've got you covered!Comprehensive benefits including: Medical, Dental, Vision & Basic Life InsurancePaid Vacations, Sick Time, & Holidays 401 (k) with discretionary company match Vibrant work culture Additional requirements:Eligibility to work in the United States. $105,000 - $115,000 a year DOEBonus Eligible EEOC Statement Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.

Responsibilities: + Develop and implement comprehensive information security plans to safeguard the security of company data and assets, including on-premise and cloud environments. + Thoroughly analyze the company's business processes and data characteristics, and combine industry best practices and frameworks such as NIST Cybersecurity Framework (CSF) to create customized security plans, ensuring the confidentiality, integrity, and availability of information assets in various scenarios. + Create security policies and ensure that the company's operations are in strict compliance with industry standards (e.g., ISO 27001, NIST, GDPR) and regulatory requirements. + Continuously monitor industry trends and regulatory changes, and adjust security policies in a timely manner to provide a solid security and compliance framework for the company's business operations. + Maintain and enhance security measures for systems, networks , and public cloud platforms (e.g., AWS, Azure, GCP) to prevent potential threats. + Utilize advanced technical means and tools to conduct real - time monitoring and risk early warning of systems, networks, and cloud environments, promptly detect and block various attack behaviors, and ensure the stable and secure operation of IT infrastructure. + Monitor security events in real - time, respond promptly to emergencies, and effectively mitigate risks. + Build an efficient security monitoring platform, use intelligent analysis technology to promptly capture abnormal behaviors, activate emergency response plans, and minimize the impact of security incidents. + Develop and deliver security training programs to enhance employees' security awareness and encourage their adherence to best practices. + Design targeted training courses according to the needs of different positions and use diverse training methods to ensure that employees have a deep understanding of and implement security requirements. + Oversee user access controls, regularly review permissions, and ensure secure identity management. + Implement a strict access control mechanism, Conduct regular audits of user permissions, and use reliable identity management systems to prevent unauthorized access and ensure the security of company resources. + Conduct comprehensive risk assessments, identify vulnerabilities, and implement effective mitigation strategies. + Use scientific risk assessment methods and frameworks such as NIST CSF to evaluate potential threats and vulnerabilities, formulate corresponding mitigation measures based on the assessment results, and continuously improve the company's security defense capabilities. Requirements Minimum Requirements: + Bachelor's degree in Information Security, Computer Science, or a related field + Minimum of 5 years of experience in information security, with a strong background in security event analysis, incident response, vulnerability management, and risk assessment + Hands-on experience with public cloud security (e.g., AWS, Azure, GCP), including cloud-native security tools and best practices. + Familiarity with security regulatory compliance standards and frameworks such as NIST CSF, ISO 27001, and CIS. + Knowledge of network security principles, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection. + Understanding these aspects is essential for ensuring the company's security compliance and building a robust security defense system. + Strong analytical and problem - solving skills, with the ability to quickly identify and mitigate security threats. Preferred Requirements: + Relevant security certifications such as CISSP, CISM, CEH Technology Doesn't Change the World, People Do. Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles. Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more. All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information. © 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use (https://www.roberthalf.com/us/en/terms) .

Sr. Security Operations Engineer - (250000BF) Description Who We Are Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement. We Take Care of Our People Along with competitive pay, as an employee of HCA, you are eligible for the following benefits: · Medical, Dental and Vision plans that include no-cost and low-cost plan options · Immediate 401(k) matching and vesting · Vehicle purchase and lease discounts plus monthly vehicle allowances · Paid Volunteer Time Off with company donation to a charity of your choice · Tuition reimbursement What to Expect The Sr. Security Operations Engineer is responsible for monitoring, detecting, analyzing, and responding to cyber threats within the organization's Security Operations Center (SOC), with a focus on securing financial systems and data. This role will collaborate with vulnerability management, intelligence threat analysis, and penetration tester specialists to enhance the organization's security posture. Reporting to the Senior Manager of Security Operations, this role will manage security tools, lead incident response, perform penetration testing, and collaborate with cross-functional teams to mitigate risks. This role integrates with Identity and Access Management (IAM), Data Loss Prevention (DLP), and other cybersecurity functions, ensuring compliance with financial regulations (e.g., PCI DSS, GDPR, SOX, FFIEC). What You Will Do 1. Security Monitoring and Threat Detection: · SOC Operations: Monitor and analyze security events in real-time using SIEM platforms (e.g., Splunk, etc.) to detect and respond to threats targeting financial systems, such as ransomware, phishing, or account takeover. · Threat Intelligence Analysis: Leverage threat intelligence platforms to analyze emerging financial-specific threats, correlate intelligence with internal data, and develop actionable insights to enhance detection and prevention strategies. · Alert Triage: Investigate and triage security alerts, correlating data from endpoints, networks, and cloud environments to identify true positives and escalate critical incidents. · Behavioral Analysis: Utilize user and entity behavior analytics (UEBA) to detect anomalies, such as insider threats or compromised accounts, in financial applications 2. Incident Response and Remediation: · Incident Handling: Lead and support incident response activities, including containment, eradication, and recovery, for security incidents like data breaches, malware infections, or API exploits. · Forensic Analysis: Perform forensic investigations to determine the root cause of incidents, and document findings for audits and legal purposes. · Playbook Development: Create and maintain incident response playbooks tailored to financial threats, ensuring rapid and consistent response processes. · Post-Incident Review: Conduct post-Incident reviews to identify lessons learned, recommend improvements, and update security controls to prevent recurrence. 3. Security Tool Management and Optimization: · Tool Administration: Manage and configure security tools, including SIEM, EDR (e.g., CrowdStrike), IDS/IPS (e.g., Palo Alto), firewalls, and vulnerability scanners, to ensure optimal performance and coverage. · Rule Tuning: Develop and tune detection rules, signatures, and alerts to reduce false positives and improve detection accuracy in financial environments. · Automation: Implement automation scripts (e.g., Python, PowerShell, Bash) and SOAR platforms (e.g., Splunk SOAR, Palo Alto Cortex XSOAR) to streamline tasks like alert enrichment, incident triage, or vulnerability scans. · Cloud Security Monitoring: Monitor and secure cloud environments (e.g., AWS, Azure, Google Cloud, Oracle Cloud) using native security tools and third-party integrations, protecting financial data and workloads. 4. Integration with IAM and DLP: · IAM Support: Collaborate with the IAM team to monitor and respond to access-related incidents, such as unauthorized access or privilege escalation, integrating with tools like SailPoint, or CyberArk. · DLP Monitoring: Work with the DLP team to investigate data loss incidents, leveraging DLP tools (e.g., Symantec DLP, Microsoft Purview) to detect and prevent unauthorized data exfiltration. · Zero-Trust Enforcement: Support zero-trust initiatives by monitoring access patterns and enforcing least privilege principles in financial applications and systems. 5. Intelligence Threat Analysis: · Threat Research: Perform in-depth analysis of threat intelligence feeds, dark web sources, and industry reports to identify threats relevant to financial services, such as zero-day exploits or targeted campaigns. · Threat Hunting: Conduct proactive threat hunting to uncover hidden or undetected threats in financial systems, using SIEM, EDR, and network traffic analysis tools. · Intelligence Integration: Develop and refine detection rules, indicators of compromise (IOCs), and threat signatures based on intelligence analysis to improve SOC effectiveness. · Threat Briefings: Deliver regular threat intelligence briefings to SOC team, leadership, and stakeholders, translating complex threat data into actionable recommendations. 6. Penetration Testing Deliverables: · Penetration Testing: Plan and execute penetration tests on financial systems, applications, and networks to identify exploitable vulnerabilities, simulating real-world attacks (e.g., privilege escalation, data exfiltration). · Test Scoping and Execution: Define penetration testing scope, methodologies, and rules of engagement, while ensuring compliance with financial regulations. · Deliverable Production: Produce detailed penetration testing reports, including findings, exploit paths, risk ratings, and remediation recommendations, tailored for technical and executive audiences. · Remediation Validation: Collaborate with IT and development teams to validate remediation of identified vulnerabilities, retesting to confirm fixes and reduce risk exposure. 7. Collaboration and Training: · Cross-Functional Collaboration: Partner with IT Infrastructure and IT Application Teams, DevOps, IAM, DLP, and Application Security teams to integrate security operations with broader cybersecurity initiatives, such as cloud migrations or fintech development. · Threat Hunting and Penetration Testing Coordination: Collaborate with threat intelligence and penetration testing teams to align hunting and testing efforts with SOC priorities. · Training and Mentoring: Mentor junior SOC analysts and engineers, providing guidance on threat detection, incident response, vulnerability management, and penetration testing. · Security Awareness: Contribute to security awareness programs, educating employees on financial-specific threats like phishing, social engineering, or unpatched vulnerabilities. · Vulnerability Management: Collaborate with Vulnerability Management team to conduct regular vulnerability scans across networks, systems, and applications to identify weaknesses, such as unpatched software or misconfigurations and support the patching management and/or adequate remediation plan. 8. Documentation and Reporting: · Incident Documentation: Document security incidents, investigations, and remediation actions in detail to support audits, compliance, and lessons learned. · Vulnerability and Penetration Test Reports: Produce comprehensive reports on vulnerability scans and penetration tests, including risk assessments, remediation plans, and validation results. · Metrics and Reporting: Develop and report on SOC metrics (e.g., Mean Time to Detect, Mean Time to Respond, vulnerability remediation rates, penetration test coverage) to demonstrate operational effectiveness. · Runbooks and Procedures: Maintain and update SOC runbooks, standard operating procedures (SOPs), and knowledge bases for incident response, vulnerability management, and penetration testing. Qualifications What You Will Bring · Minimum 8 years progressive experience in cybersecurity with proven knowledge in a security operation or SOC role focused on threat detection, incident response, vulnerability management, or penetration testing. · 2+ years of experience in financial services, with a strong understanding of financial threats (e.g., fraud, data breaches) and regulations (e.g., PCI DSS, Korean SOX, GDPR). · Hands-on experience managing SIEM, EDR, IDS/IPS, vulnerability scanners (e.g., Rapid7), and penetration testing tools. · Proven track record of responding to security incidents, conducting vulnerability management, analyzing threat intelligence, and delivering penetration testing outcomes. · Experience integrating with IAM (e.g., SailPoint, CyberArk) and DLP (e.g., Symantec DLP, Microsoft Purview) systems. · Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, Information Technology or a related field. Master's degree preferred. · At least one of the following: CISSP, GCIH, GCIA, CEH, OSCP, or equivalent. Certifications in vulnerability management (e.g., GIAC GMON) or penetration testing (e.g., GPEN, GWAPT) are a plus. · Knowledge of security frameworks such as NIST, ISO 27001, and COBIT. Technical Skills: · Technical expert with deep experience in security operations, vulnerability management, threat analysis, penetration testing, and financial services. · Expertise in SIEM platforms (e.g., Splunk), EDR tools (e.g., CrowdStrike), and vulnerability scanners (e.g., Rapid7). · Proficiency in penetration testing tools and methodologies (e.g., PTES, OSSTMM). · Strong knowledge of threat intelligence analysis, incident response processes, and forensic analysis. · Experience with automation and scripting (e.g., Python, PowerShell, Bash) for security operations, vulnerability management, and penetration testing tasks. · Familiarity with IAM and DLP systems for monitoring and incident response. · Knowledge of financial systems (e.g., core banking platforms, payment gateways) and their security requirements. Soft Skills: · Strong analytical skills to investigate incidents, assess vulnerabilities, and analyze threats. · Excellent communication skills to document findings, produce reports, and collaborate with cross-functional teams. · Ability to work under pressure in a fast-paced, high-stakes environment. Preferred: · Experience with AI-driven security tools (e.g., ReliaQuest GreyMatter, etc.) for threat detection and response. · Familiarity with SOAR platforms (e.g., Splunk SOAR, Palo Alto Cortex XSOAR) for incident response automation. · Knowledge of financial fraud prevention techniques (e.g., transaction monitoring, anti-money laundering). · Experience working with MSSPs for SOC operations support. · Understanding of emerging threats, such as supply chain attacks, cloud-native exploits, or advanced persistent threats (APTs). Work Environment Employees in this class are subject to extended periods of sitting, standing and walking, vision to monitor and moderate noise levels. Work is performed in an office environment. The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location, and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range. California Privacy Notice This notice only applies to our applicants who reside in the State of California. The latest version of our Privacy Policy can be found here. This Privacy Policy provides you with notice, at or before the point of collection, about the categories of personal information to be collected from you, the purposes for which your personal information is collected or used, and whether that information is sold or shared, so that you can exercise meaningful control over our use of your personal information. We are providing this notice to comply with the California Consumer Privacy Act of 2018, as amended as amended by the California Privacy Rights Act of 2020 (“CCPA”). If you have any questions about CCPA regarding California residents or HCA team members, please contact the Privacy Team at Privacy2@hcs.com. Primary Location: United States-California-IrvineWork Locations: Headquarters 1 3161 Michelson Dr. Ste 1900 Irvine 92612Job: IT ApplicationJob Type: RegularOvertime Status: ExemptSchedule: Full-time Minimum Salary: $120,500.00Maximum Salary: $186,800.00Job Posting: May 16, 2025

Momenti is a dynamic and immersive content company that revolutionizestraditional media by bringing visceral experiences to all forms of content. Wespecialize in interactive video that breaks the 4th wall, creating deeperconnections and emotions with our audience. Join us in transforming the waypeople engage with content and bring moments to life. Momenti is at theforefront of the content revolution, and we want you to be part of it. Job Summary:We are seeking a talented and experienced Security Engineer to join Momentias our first security hire and report directly to our Engineering Director. In thisrole, you will be responsible for ensuring the security and integrity of oursystems, applications, and data. You will work closely with cross-functionalteams to identify potential vulnerabilities, develop and implement securitymeasures, and provide ongoing support to maintain a secure environment. Thisis a unique opportunity to make a significant impact and shape the securitylandscape at Momenti. Key Responsibilities:• Develop and implement effective security strategies, policies, and proceduresto protect Momenti's systems, applications, and data.• Conduct regular security assessments, vulnerability testing, and risk analysisto identify and address potential security weaknesses.• Collaborate with software engineers and other stakeholders to design andimplement secure coding practices and ensure secure applicationdevelopment.• Monitor and respond to security incidents, including investigating andresolving security breaches, intrusions, and unauthorized access attempts.• Stay up-to-date with the latest security technologies, trends, and bestpractices, and provide recommendations for enhancements to our securityposture.• Educate and train employees on security awareness and best practices topromote a culture of security throughout the organization.Preferred Qualifications:• Solid experience in a security engineering or related role, with a focus onapplication and system security.• Strong understanding of web application security, network security principles,and secure coding practices.• Familiarity with security frameworks such as OWASP, NIST, and CISbenchmarks.• Knowledge of cloud security principles and experience securing cloud-basedenvironments (e.g., GCP, AWS, Azure).• Experience with security assessment tools and techniques, such asvulnerability scanners, penetration testing, and log analysis.Basic Qualifications:• Proven experience in implementing and managing security controls in aproduction environment.• Familiarity with compliance standards and regulations (e.g., GDPR, HIPAA,PCI DSS).• Strong problem-solving and analytical skills, with the ability to assess risksand develop effective mitigation strategies.• Excellent communication and collaboration skills, with the ability to workeffectively in cross-functional teams. $90,000 - $180,000 a year Salary & Benefits:• Full-time position with a competitive salary ranging from $90,000 to$180,00 per year, based on experience and qualifications.• Comprehensive benefits package, including paid time off, holidays, andhealth, dental, and vision insurance.• Opportunity to be part of a dynamic and innovative startup environment,working with cutting-edge technologies and shaping the future of contentengagement. Note: We only consider primary candidates. Please, no agencies, placementfirms, or recruiters.

Bowhead seeks an ISSO to join our team supporting NSWC Corona - Corona Division. The ISSO will work directly with the Navy Qualified Validator and site Information Systems Security Manager (ISSM) to analyze complex and unique technical support assignments and collaborate with other cyber security engineers, system administrators, and program analysts within a scaled agile environment. The ISSO will work directly to support and manage all eMASS packages in the NSWC Corona portfolio. This position is 100% onsite. **Responsibilities** - Support all RMF packages for the NSWC Corona - Corona Division. - Support site Information Systems Security Manager (ISSM) in compliance reviews of systems. - The ISSO may be called on to author, review and critique perspective artifacts and required RMF documentation - Work with ISSM to support all cybersecurity actions for division. - Contribute to the development of cybersecurity policies and procedures. - Responsible for reviewing and assessing cybersecurity risks. - Responsible for the management of Risk Management Framework (RMF) best practices to attain/ maintain continuous Authority-to-Operate (ATO) capability. - Ensure the cybersecurity posture of assigned systems. - Research National Institute of Standards and Technology (NIST), DoD and Navy Guidance on Cybersecurity and related topics in response to requests for data or information related to cybersecurity topics, posture, impacts, or issues and reviews. - Review architectures and designs for cybersecurity compliance and provide recommendations. - Ability to perform and troubleshoot security measures including analysis, periodic testing, evaluation, verification, accreditation, and review of information system installations at appropriate classification levels. - Review results in a cybersecurity impact assessment report when required. - Compile, review, and manage system POA&Ms. - Other duties as assigned. **Qualifications** - Bachelor of Science degree in Information Systems, Engineering, Computer Science, or Business or similar field (MS preferred) - Minimum of seven (7+) years of experience to include the following: - Nessus/ACAS Scanner Experience o ACAS dashboard, setup, ability to run scans, ability to troubleshoot scanner and scanner results - NIST/STIG Experience o Experience with STIG Viewer/validation/analyzing and compiling results into a POA&M - RMF Experience o Experience with eMASS, Artifacts, Test Plans, Control Assessments, and compiling tools to process and collate test results - Security + (IAT Level II Certified) SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the minimum Secret level. Physical Demands: - Must be able to lift up to 25 pounds - Must be able to stand and walk for prolonged amounts of time - Must be able to twist, bend and squat periodically \#LI-MN1 Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification. Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes. UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. All candidates must apply online at ****************** and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance (******************************************** The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c) UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar company recognized as a top Alaska Native Corporation providing services across the Department of Defense and many federal agencies. Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as a paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs. **Join our Talent Community!** Join our Talent Community (************************************************************************ to receive updates on new opportunities and future events. **ID** _2025-23312_ **Category** _Information Technology_ **Location : Location** _US-CA-Corona_ **Min** _USD $120,000.00/Yr._ **Max** _USD $135,000.00/Yr._ **Minimum Clearance Required** _Secret_ **Travel Requirement** _Less than 10%_

Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape. Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality. Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward. Job Description ESSENTIAL DUTIES AND RESPONSIBILITIES: Development of various cryptography-based security features such as data encryption, Secure Boot, and Device Attestation. Integrate these security protocols and features into the SSD data and control flows to ensure a robust and secure system. Additionally, investigate and resolve any security protocol compatibility issues that may arise. Investigating failures, documenting bug reports, and providing valuable assistance to product teams in identifying and resolving issues. Debugging, optimizing, and validating the Firmware on SoC platforms, as well as bringing up of FPGA and ASIC. Contribute to the Security Development Lifecycle of the Firmware by supporting its development at different stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit. Qualifications REQUIRED: To qualify for this position, an ideal candidate would have/be. A degree in Computer Science, Electrical/Computer Engineering, Software Engineering, or a related field. 3+ years of experience in embedded programming, with proficiency in C/C++ and one or more of the following: Python, Rust, Go. Strong understanding of microcontroller architectures and debugging of hardware/firmware issues. Experience in firmware code review, CI/CD test and validation methodology, as well as static and dynamic code analysis. Familiarity with the Agile software development process life cycle is also desired. Proficiency in failure analysis in debugging an embedded firmware application, using JTAG/debuggers such as Lauterbach. An engineer who can take ownership of given features and manage them from start to finish. Being self-motivated and driven is essential for this role. Good communication skills and be able to work effectively with cross-functional teams. What Sets You Apart Detailed knowledge of RISC-V Instruction Set Architectures (ISA) Technical expertise in applied cryptography and firmware/hardware security, including knowledge of data encryption, trusted execution environment, secure boot, and device attestation. Knowledge of storage controller architectures and security protocols, such as TCG Opal/Ruby/Pyrite, IEEE 1667, SPDM, and IDE. Develop firmware on SoC platforms, run simulation or bringing up FPGA and ASIC. Familiarity with writing code in Github repository and it's CI/CD testing framework. Additional Information Sandisk is committed to providing equal opportunities to all applicants and employees and will not discriminate against any applicant or employee based on their race, color, ancestry, religion (including religious dress and grooming standards), sex (including pregnancy, childbirth or related medical conditions, breastfeeding or related medical conditions), gender (including a person's gender identity, gender expression, and gender-related appearance and behavior, whether or not stereotypically associated with the person's assigned sex at birth), age, national origin, sexual orientation, medical condition, marital status (including domestic partnership status), physical disability, mental disability, medical condition, genetic information, protected medical and family care leave, Civil Air Patrol status, military and veteran status, or other legally protected characteristics. We also prohibit harassment of any individual on any of the characteristics listed above. Our non-discrimination policy applies to all aspects of employment. We comply with the laws and regulations set forth in the "Know Your Rights: Workplace Discrimination is Illegal” poster. Our pay transparency policy is available here. Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution. Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at [email protected] to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. Based on our experience, we anticipate that the application deadline will be 08/19/2025 (3 months from posting), although we reserve the right to close the application process sooner if we hire an applicant for this position before the application deadline. If we are not able to hire someone from this role before the application deadline, we will update this posting with a new anticipated application deadline. #LI-RT1 Compensation & Benefits Details An employee's pay position within the salary range may be based on several factors including but not limited to (1) relevant education; qualifications; certifications; and experience; (2) skills, ability, knowledge of the job; (3) performance, contribution and results; (4) geographic location; (5) shift; (6) internal and external equity; and (7) business and organizational needs. The salary range is what we believe to be the range of possible compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range and this range is only applicable for jobs to be performed in California, Colorado, New York or remote jobs that can be performed in California, Colorado and New York. This range may be modified in the future. You will be eligible to participate in Sandisk's Short-Term Incentive (STI) Plan, which provides incentive awards based on Company and individual performance. Depending on your role and your performance, you may be eligible to participate in our annual Long-Term Incentive (LTI) program, which consists of restricted stock units (RSUs) or cash equivalents, pursuant to the terms of the LTI plan. Please note that not all roles are eligible to participate in the LTI program, and not all roles are eligible for equity under the LTI plan. RSU awards are also available to eligible new hires, subject to Sandisk's Standard Terms and Conditions for Restricted Stock Unit Awards. We offer a comprehensive package of benefits including paid vacation time; paid sick leave; medical/dental/vision insurance; life, accident and disability insurance; tax-advantaged flexible spending and health savings accounts; employee assistance program; other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity; tuition reimbursement; transit; the Applause Program, employee stock purchase plan, and the Sandisk's Savings 401(k) Plan. Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.

Job Details Corporate Headquarters - Ontario, CA Full Time Bachelor's $100000.00 - $120000.00 Salary Up to 25% Information Technology New-Indy Containerboard (NICB) is seeking a Senior IT Security Analyst, with a keen focus on optimization of the overall cybersecurity posture in NICB's IT & OT landscape. The Sr. IT Security Analyst will work with enterprise security initiatives by collaborating on policies, architectures, and training processes. This role will oversee the selection, deployment and sustainability of security solutions, conduct vulnerability assessments, and lead incident response efforts to protect NICB's IT & OT digital assets. The Senior IT Security Analyst will work closely with Infrastructure and Network teams, external security advisors, and NICB's IT & OT Sr. Leadership to implement cutting-edge security strategies and assure effectiveness of NICB's cybersecurity posture. What You'll Do: Strategy & Planning Implement and maintain enterprise security architecture. Lead security awareness training programs. Develop, enforce, and maintain security policies, baselines, and procedures. Oversee Business Continuity and Disaster Recovery Plans. Acquisition & Deployment Assess and integrate new security solutions, ensuring compliance with enterprise policies. Manage deployment of security enhancements, ensuring proper configuration. Stay informed about emerging threats and mitigation techniques. Operational Management Conduct advanced threat analysis and risk assessments. Identify, assess, and remediate vulnerabilities in systems and applications. Lead penetration testing and security audits. Ensure strict enforcement of security policies across the organization. Act as the primary liaison for security-related incidents, leading investigations. Collaborate with key business leaders and all business units to align security strategies with business goals. #LI-EA1 What You'll Need: Knowledge, Skills, and Experience Bachelor's degree in Computer Science, Engineering, or related field (Master's preferred). 7+ years of experience in IT security, enterprise architecture, and risk management. Advanced certifications preferred (CISSP, CISM, GIAC, or equivalent). Expertise in Splunk, DarkTrace, SentinelOne, FortiSIEM, Fortigate, Cylance. Strong experience with ISO-27000, NIST Framework, penetration testing, and cloud security. Deep knowledge of Windows, Mac OS, and enterprise networking. Organizational skills, attention to detail, follow up, documentation preparation and maintenance skills, and customer service orientation are crucial for success in this role. Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning. Exceptional written and oral communication skills. Experience within or supporting 24x7 manufacturing environments. Strong leadership and project management skills. Ability to conduct research into a wide range of computing issues as required. Ability to absorb and retain information quickly. Ability to present ideas in a user-friendly language. Highly self-motivated and directed. Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a high-pressure environment. Experience working in a team-oriented, collaborative environment. Knowledge of applicable data privacy practices and laws. Reliable and available to work a flexible schedule including nights and weekends. What You Need to Know: Work Conditions 40-hour on-site work week. Emergency call-in availability for 24-hour production environment. Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and other computer components. Be able to lift 40 lbs. unassisted. Physically able to participate in sessions, presentations, and meetings. This position is in Ontario, California Some travel may be required for the purpose of offsite software and system integration efforts. Pay Transparency: The starting annual salary for this position ranges from $100,000 to $120,000 annually. New-Indy provides a variety of benefits to employees, including medical, dental and vision insurance coverage, life and disability insurance, retirement savings plan, paid holidays, and paid time off (PTO). Please note that the compensation information is a good faith estimate for this position and assumes a rate based on location and experience.

The Company: VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn't be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We're a young and energetic company, we've had tremendous success, and we are constantly growing our team. As we garner more industry attention - just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot - we also need driven and talented people to join our team. That brings us to you, and what you'll be joining. Our teams are smart and diligent and take ownership of their work - they're confident in their work but know how to collaborate with open ears and a spirit of learning. If you're down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands: levoit.com | cosori.com | etekcity.com The Opportunity: As an Information Security Analyst, this role is vital in protecting the organization's IT infrastructure and ensuring the confidentiality, integrity, and availability of systems and data. The position plays a key part in maintaining a secure and resilient digital environment, safeguarding sensitive information, ensuring compliance with regulatory standards, and proactively addressing potential risks. This role directly supports the organization's ability to defend against emerging cyber threats, respond swiftly to incidents, and uphold the trust of customers and stakeholders. Through collaboration with cross-functional teams, the Information Security Analyst helps develop and implement comprehensive security strategies, drives ongoing improvements in the organization's security posture, and ensures alignment with industry best practices. What you will do at VeSync: Information Security Planning • Develop and implement comprehensive information security plans to safeguard the security of company data and assets, including on-premise and cloud environments. • Thoroughly analyze the company's business processes and data characteristics, and combine industry best practices and frameworks such as NIST Cybersecurity Framework (CSF)to create customized security plans, ensuring the confidentiality, integrity, and availability of information assets in various scenarios. Policy Development and Compliance • Create security policies and ensure that the company's operations are in strict compliance with industry standards (e.g., ISO 27001, NIST, GDPR) and regulatory requirements. • Continuously monitor industry trends and regulatory changes, and adjust security policies in a timely manner to provide a solid security and compliance framework for the company's business operations. System, Network and Cloud Security • Maintain and enhance security measures for systems, networks , and public cloud platforms (e.g., AWS, Azure, GCP) to prevent potential threats. • Utilize advanced technical means and tools to conduct real - time monitoring and risk early warning of systems, networks, and cloud environments, promptly detect and block various attack behaviors, and ensure the stable and secure operation of IT infrastructure. Security Monitoring and Incident Response • Monitor security events in real - time, respond promptly to emergencies, and effectively mitigate risks. • Build an efficient security monitoring platform, use intelligent analysis technology to promptly capture abnormal behaviors, activate emergency response plans, and minimize the impact of security incidents. Security Awareness and Training • Develop and deliver security training programs to enhance employees' security awareness and encourage their adherence to best practices. • Design targeted training courses according to the needs of different positions and use diverse training methods to ensure that employees have a deep understanding of and implement security requirements. Access Control and Identity Management • Oversee user access controls, regularly review permissions, and ensure secure identity management. • Implement a strict access control mechanism, Conduct regular audits of user permissions, and use reliable identity management systems to prevent unauthorized access and ensure the security of company resources. Risk Assessment and Management • Conduct comprehensive risk assessments, identify vulnerabilities, and implement effective mitigation strategies. • Use scientific risk assessment methods and frameworks such as NIST CSF to evaluate potential threats and vulnerabilities, formulate corresponding mitigation measures based on the assessment results, and continuously improve the company's security defense capabilities. What you bring to the role: • Bachelor's degree in Information Security, Computer Science, or a related field. • 5+ years of experience in information security, with a strong background in security event analysis, incident response, vulnerability management, and risk assessment. • Hands-on experience with public cloud security (e.g., AWS, Azure, GCP), including cloud-native security tools and best practices. • Familiarity with security regulatory compliance standards and frameworks such as NIST CSF, ISO 27001, and CIS. • Knowledge of network security principles, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection. • Understanding these aspects is essential for ensuring the company's security compliance and building a robust security defense system. • Strong analytical and problem - solving skills, with the ability to quickly identify and mitigate security threats. • Relevant security certifications such as CISSP, CISM, CEH are a plus. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $110,000 annually Perks and Benefits: • Company covers 100% for Medical/Dental/Vision insurances for employee AND spouse + dependents! • 401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting • Generous PTO policy + paid holidays • Life Insurance • Voluntary Life Insurance • Disability Insurance • Critical Illness Coverage • Accident Insurance • Healthcare FSA • Dependent Care FSA • Travel Assistance Program • Employee Assistance Program (EAP) • Fully stocked kitchen

Applied Medical is a new generation medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute in a larger capacity than is possible in typical positions. Position Description Are you passionate about cybersecurity? Join Applied Medical as a Network Security Analyst and be at the forefront of protecting our digital infrastructure. As part of our Corporate Applications team, you'll be working onsite at our global headquarters monitoring, analyzing, and responding to network security events, ensuring the confidentiality, integrity, and availability of our systems and data to align with the business goals. The ideal candidate has a strong technical background in networking and cybersecurity, with hands-on experience in threat detection, incident response, and security technologies. Key Responsibilities * Threat Detection: Monitor and analyze network traffic using SIEM, IDS/IPS, and other security tools. Develop and optimize detection rules and alerts to enhance threat visibility. * Incident Investigation: Conduct thorough investigations of security incidents and alerts to determine root cause and impact. Participate in incident response efforts and forensic investigations to contain and remediate threats. Main detailed documentation of incidents, response actions, and risk assessments to support post-incident reviews and compliance requirements. * Network and Infrastructure Security: Collaborate with IT and Security Operations to implement, configure, and maintain critical network security infrastructure, including firewalls, virtual private networks (VPNs), and intrusion prevention systems. Maintain and improve network segmentation, access control policies, and secure network architecture. Perform vulnerability assessments and support the development and execution of remediation plans. Stay informed about emerging threats, vulnerabilities, and advancements in security technologies. * Governance and Compliance: Assist in the development, implementation and ongoing maintenance of network security policies, standards, and procedures. Contribute to organizational efforts by aligning security practices with applicable regulatory frameworks and best practices. Position Requirements This position requires the following skills and attributes: * Associate's degree or above in Information Security, Computer Science, or a related field, or equivalent experience. * 3 - 5 years of experience of relevant work experience. * Experience with enterprise-grade security technologies. * Experience in performing packet-level analysis. * Experience with segmentation strategies. * Experience turning IDS/IPS to reduce false positives. * Ability to think in a proactive and innovative approach to solve security challenges. * Strong, effective communication skills both written and verbal. * Excellent analytical skills with a proven ability to solve complex problems. * Ability to multitask and plan all aspects of a project or process from inception to completion. * Familiarity with cybersecurity tools and technologies. * Proficiency in Microsoft Office programs. Preferred The following skills and attributes are preferred: * Strong understanding of networking protocols (TCP/IP, DNS, DHCP, etc.) and OSI model. * Experience with firewalls, IDS/IPS, VPNs, proxies, and other network security tools. * Knowledge of common attack vectors and mitigation techniques. If you are excited about making a significant impact and contribute to a dynamic team, we encourage you to apply and embark on an exciting journey of excellence at Applied Medical. Our unique business model empowers our team members to have a substantial impact, unlike conventional roles. Benefits Benefits: * Competitive compensation range: $80000 - $110000/year (California). * Comprehensive benefits package. * Training and mentorship opportunities. * On-campus wellness activities. * Education reimbursement program. * 401(k) program with discretionary employer match. * Generous vacation accrual and paid holiday schedule. Please note that the compensation range may be based on factors such as relevant education, qualifications, experience. The compensation range may be adjusted in the future, and special discretionary bonus or incentive compensation plans may apply. Our total reward package reflects our commitment to team member growth and well-being, as we invest in your development and offer a range of benefits designed to enhance your career and life. Equal Opportunity Employer Applied Medical is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), or sexual orientation, or any other basis protected by federal, state or local laws in the locations where Applied Medical operates.

Job Title: Security Engineer Employment Type: Full-Time (Only USC/GC candidates) The client is looking for a Security Engineer with expertise in firewall security, cloud security, and DevSecOps to join our team! If you have a passion for cybersecurity, risk assessment, and compliance, this is a great opportunity to work on cutting-edge security solutions. Key Responsibilities: Implement and manage security controls in Azure cloud environments. Review and enhance Palo Alto Firewall security rules and policies. Conduct vulnerability assessments and penetration testing to identify risks. Manage security monitoring tools for real-time threat detection and response. Ensure compliance with industry standards (SOX, PCI) and support security audits. Collaborate with DevOps & IT teams to integrate security best practices. Develop and maintain incident response plans and security awareness programs. Required Skills & Qualifications: 3+ years of experience in information security or IT. Strong knowledge of firewall security, cloud security, and DevSecOps. Experience with security tools such as: Palo Alto Firewall Crowdstrike EDR, IDP, Filevantage ArcticWolf, Delinea, Checkpoint Harmony, Automox Bachelor's degree in Computer Science, IT, or a related field (preferred).

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS * Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. * Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. * Periodically assesses the information security controls design and execution applied by vendors for completeness and efficacy. * Assesses vendor security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. * Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. * Remediate audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. * Participates in the implementation of Endpoint and Network Security solutions and monitors their correct usage. * Supports the execution of Penetration tests, contacts the appropriate parties and arranges the information and resources needed. * Supports the review of security baselines and ensures their implementation in network devices and endpoints. * Supports the review of vulnerability management metrics and proposes improvements to the control process. QUALIFICATIONS Education: * College degree in Information Technology or Information Security or equivalent. * Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: * Minimum 3 years of experience in Information Security Risk, Information Security Operations or Security Auditing. * Proven experience on third-party risk management and vendor security assessments. * Proven experience operating and/or implementing SIEM, EDR/XDR, NAC, IDS/IPS, WAF, IAM, FW, AD, EntraID and AVs. * Experience in securing and implementing policies for Cloud Technologies (M365, Azure, AWS) and the Microsoft (E5) technology stack including Microsoft Defender, Microsoft Intune or similar preferred. * Experience working with Vendor Risk Management (VRM) applications preferred. * Working knowledge of other security practices in the Endpoint Security, Network Security, Security Operations and Security Governance areas required. Skills/Ability: * Proven ability to initiate and manage projects. * Excellent communication and problem-solving skills. * Strong inter-personal communication and collaboration skills. * Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $29.33 - $42.07 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.

Join our growing team of cloud software engineers and help us expand our ArcGIS Online SaaS services. We are looking for a professional with customer identity and access management experience to help us further enhance and secure Esri's customer account systems, with support from all levels of leadership. You will work closely with both our Product Development and Information Systems and Technology divisions to make a real difference for millions of users worldwide. Responsibilities Design, build, and enhance customer facing authentication solutions for Esri's commercial software products Design, develop, deploy, and maintain high quality features for our customer account system Provide expert guidance on developing a secure, user-friendly customer experience Architect innovative solutions to meet diverse business requirements Align customer login processes with business processes and identify required governance and policy needs, specifically in the areas of identity administration, provisioning, access governance, privileged access management, certification, and multifactor authentication Present proposals and our ongoing efforts to all levels of leadership, representing multiple business groups and technologies Requirements 8+ years of experience as a software developer, including experience with cloud computing platforms and services (MicroService Architectures, Docker Containers) and work with AWS 5+ years of industry experience coding in Java Demonstrated experience in technical leadership Experience architecting and designing large, web-based authentication systems Deep understanding of authentication and authorization standards (SAML, OAuth, OIDC) Good understanding of API design and Java design patterns Fundamental understanding of web services, including REST and SOAP Comfortable in a distributed team environment Advanced understanding of Linux Strong knowledge of Git Bachelor's in Computer Science, or Information Systems, or related STEM field Recommended Qualifications Hands-on experience implementing SAML IDP specifications Knowledge of and familiarity with Java build systems, such as Maven Understanding of Spring-based architectures Experience with Java profiling tools Working experience with Linux containers (Docker/Rkt) and container orchestration systems, such as Kubernetes and Nomad Knowledge of Go/Python/Ruby Understanding of SQL and/or NoSQL Familiarity with DevOps tools, such as Terraform, Packer, Consul, Vault, Prometheus, Nagios, Jenkins, Puppet, Chef #LI-TM1 #LI-Hybrid Total Rewards Esri's competitive total rewards strategy includes industry-leading health and welfare benefits: medical, dental, vision, basic and supplemental life insurance for employees (and their families), 401(k) and profit-sharing programs, minimum accrual of 80 hours of vacation leave, twelve paid holidays throughout the calendar year, and opportunities for personal and professional growth. Base salary is one component of our total rewards strategy. Compensation decisions and the base range for this role take into account many factors including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. A reasonable estimate of the base salary range is$116,480—$176,800 USD The Company At Esri, diversity is more than just a word on a map. When employees of different experiences, perspectives, backgrounds, and cultures come together, we are more innovative and ultimately a better place to work. We believe in having a diverse workforce that is unified under our mission of creating positive global change. We understand that diversity, equity, and inclusion is not a destination but an ongoing process. We are committed to the continuation of learning, growing, and changing our workplace so every employee can contribute to their life's best work. Our commitment to these principles extends to the global communities we serve by creating positive change with GIS technology. For more information on Esri's Racial Equity and Social Justice initiatives, please visit our website here. If you don't meet all of the preferred qualifications for this position, we encourage you to still apply! Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. If you need reasonable accommodation for any part of the employment process, please email ******************* and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address. Esri Privacy Esri takes our responsibility to protect your privacy seriously. We are committed to respecting your privacy by providing transparency in how we acquire and use your information, giving you control of your information and preferences, and holding ourselves to the highest national and international standards, including CCPA and GDPR compliance.

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able To Obtain: Top Secret SCI + Polygraph Suitability: Public Trust/Other Required: None Job Family: Physical Security Skills: Job Qualifications: Information Assurance, Physical Security, Security Clearances Certifications: Network+ CE - CompTIA Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: Physical Security/Information Assurance Specialist Riverside, CA TS/SCI Security Clearance Is Required Apply your expertise to advance the mission and optimize our business strategy as a Physical Security/Information Assurance Specialist (PS/IA Specialist) at GDIT. Here, you'll support solving some of our clients' biggest challenges and help us grow the business. At GDIT, people are our differentiator. As a PS/IA Specialist you will help ensure today is safe and tomorrow is smarter. This position provides physical security (PS) and information assurance (IA) support for collateral, SCI and SAP systems in accordance with JSIG and other DoD and national guidance for facilities with internal networks and guest systems. HOW A PHYSICAL SECURITY OFFICER SENIOR WILL MAKE AN IMPACT Responsible to the Chief of Security for ensuring compliance with DCID and JSIG physical security and IA requirements and maintaining accreditation documentation. Conduct or manage physical and technical security (TEMPEST/TSCM) actions and procedures. Conduct preconstruction reviews and makes recommendations for compliance with guidance for construction, expansion and modifications of facilities. Assist the Information Assurance Manager with implementation of the information assurance program. Author, review and maintain Certification and Accreditation documentation. Assist with enforcement of personnel security controls for visitors and un-cleared personnel requiring entry to the facility. Enforce physical security controls of electronic devices and prohibited items; conduct entry/exit inspections. Identify IA and physical security vulnerabilities and ensure JAFAN 6/9 compliance. Conduct periodic IA & PS self-inspections and implement corrective actions. Review, track and conduct IA new user and refresher training. Implement local media control policies and procedures. What You'll Need To Succeed: Read Carefully please: This role requires someone that has experience in both Physical Security AND IT Assurance. Perhaps someone that has performed physical security while in early career and then transitioned to IT Security performing ISSO type of duties. Experience 5-7 years related experience Education Bachelor's degree in a related area or equivalent experience (4 years) Certifications IAT Level I - within 6 months of hire Security Clearance: TS/SCI Willingness to submit to a CI polygraph Gdit Is Your Place: 401K with company match Comprehensive health and wellness packages Internal mobility team dedicated to helping you own your career Professional growth opportunities including paid education and certifications Cutting-edge technology you can learn from Rest and recharge with extra paid vacation and holidays #GDIT #AirforceSAPopportunities #armajobs The likely salary range for this position is $81,345 - $110,055. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA CA Riverside Additional Work Locations: Total Rewards At GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

As someone enthusiastic about securing a wide variety of applications, you are looking for an opportunity to learn about Application Security and contribute to an innovative and technology-oriented environment. As an Application Security Engineer at Esri, you will work with our team to secure Esri's intellectual property, networks, and sensitive data against a variety of complex threats, with support from all levels of leadership. We collaborate closely with the application development, DevSecOps, and information security departments to design security into our applications up front, perform application layer security testing, and assist developers with vulnerability remediation. We welcome you to join Esri, where you can make a real difference every day! Responsibilities Create, deploy, maintain and troubleshoot Web Application Firewall (WAF) policies for existing and new web applications Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks Review WAF usage and define means to improve and mature protection policies Collaborate closely with application developers to analyze findings and implement required remediations or countermeasures Help assess and calculate application risks, communicate your findings to stakeholders of varying technical skill levels Assist leadership with organization of ongoing work across the team, policy and documentation creation, and preparation of relevant metrics on findings and remediation activity for leadership Interpret web protocol information to determine source, intent, and risk of threats Provide operational support, troubleshoot and quickly resolve problems Create and maintain technical documentation regarding the WAF including network diagrams, policies and operational procedures for managing the infrastructure Requirements 2+ years of relevant, full-time experience Thorough understanding of HTTP, TLS, DNS Knowledge of common web vulnerabilities, including those outlined in the OWASP Top 10, and how to mitigate them Familiarity with cloud infrastructure, network routing and basic infrastructure components Moderate understanding of JavaScript and its role in modern web applications Demonstrated ability to independently learn and adapt to new technologies Strong organizational skills and a detail-oriented approach Strong verbal and written communication and collaboration skills Bachelor's in Computer Science or related STEM field Recommended Qualifications Hands-on experience using web application firewall solutions such as offerings from Akamai, AWS, F5, or Fortinet Experience using Splunk to analyze logs and detect malicious activity Proficiency in scripting languages such as JavaScript, Python, Bash, or PowerShell for automation Experience using APIs for automation, integration, or data analysis Familiarity with Git Understanding of common encoding and encryption schemes, and algorithms #LI-TM1 #LI-Hybrid