Fetching information
Preparing content
Collaborate with cloud security and DevSecOps teams to integrate encryption and key management into CI/CD pipelines and Infrastructure as Code (IaC) deployments.. Stay ahead of advancements in cryptographic algorithms, quantum computing risks, and emerging IoT security frameworks.. Drive innovation in encryption automation, integrating key management with DevSecOps, and Infrastructure as Code (IaC).. Hands-on Experience with key management systems (HashiCorp Vault, ASW KMS, Azure Key Vault, OCI KMS).. Experience with Kubernetes, Terraform, Ansible, Chef, and CI/CD automation.
The mission of the penetration testing team is to protect Fidelity's assets and our customers' livelihoods from the threat of exploitation by malicious adversaries.. Preferred: OSCP, GWAPT, GXPN, GPEN, LPT, CEH, CISSP or other industry security certifications.. Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, BackTrack, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider. The Penetration Testing team forms part of Security Assessment group within Enterprise Cybersecurity (ECS).. Please be advised that Fidelity's business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirementrelated financial activities and the rules and regulations of numerous selfregulatory organizations, including FINRA, among others.
This role will require expertise in cybersecurity risk management, incident response, and cloud security architectures, as well as strong leadership abilities to mentor and guide teams in advancing organizational security capabilities.. RMF Compliance & ATO Processes: Oversee RMF compliance efforts and manage ATO processes for both classified and unclassified systems, ensuring security posture meets federal, DoD, and national security requirements.. Security Architecture Integration: Support the integration of cloud security architectures, vulnerability assessments, and mitigation strategies to enhance system security and resilience.. Extensive experience in integrating enterprise-wide security solutions, including cloud security architectures and vulnerability assessments.. Proven proficiency in leading incident response operations, developing IT security frameworks, and aligning them with DoD, SCI/SAP/JWICS standards.
We are seeking an experienced Information Security Compliance Manager with a background in professional services or law firm environments to lead compliance initiatives and oversee security audits.. Supervise the Cyber Security Compliance Analyst , guiding risk assessments, vulnerability management, security process audits, and compliance reporting.. Hands-on experience with cybersecurity tools, security logging, risk analysis, vulnerability management, and governance frameworks.. Exceptional ability to analyze risks, anticipate obstacles, and develop strategic security solutions.. Security certification preferred (CISSP, CISM, CRISC, or equivalent).
Director, Senior Cloud Security Architect. KPMG is currently seeking a Director, Senior Cloud Security Architect to join our Global Information Solution Group which is part of KPMG International.. + Minimum ten years of recent experience such as security architecture, threat modelling experience, identity management and authentication, software development, cryptography, penetration testing, cloud security, mobile security, and network security. + Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Azure Cybersecurity Expert, or equivalent are highly desirable. + In-depth understanding of cloud security principles, best practices, and industry frameworks such as Cloud Security Alliance (CSA), Center for Internet Security (CIS), National Institute of Standards and Technology (NIST), and International Organization for Standardization (ISO)
Stays abreast of competitive landscape and emerging technologies to best position Comcast Business Services in the marketplace.. Develops sales territory, including cultivation of local partnerships and organizational affiliations.. Demonstrates some knowledge of Network Design, MAN technologies & designs including DSx, OC-x, WDM, Ethernet, Internet Technologies, Functionality & Services, Voice Network Technologies (including VoIP), Data Networking Technologies, Functionality & Services (LAN, MAN, WAN, VPN), Networking Protocols (with an emphasis on Layers 1,2, & 3), Customer Premise Equipment (voice & data), Business Continuity/Disaster Recovery concepts and E-rate Contracting Processes and Procedures.. Product Positioning; Direct Selling; Prospecting; Business Sales; Lead Generation; Cold Calling. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus.
Network Engineer (Hybrid) Clearance Requirement: Active Secret Clearance or higher. Maintain day-to-day network operations and perform disaster recovery and data backup procedures as needed.. 6+ years of experience with Juniper and Palo Alto firewalls.. Basic scripting experience (e.g., Python, Ansible, TCL, Bash).. Juniper or Palo Alto certifications.
Own the IT roadmap at One Door Inc., ensuring employees have a seamless experience with Google Workspaces, Slack, Zoom, Okta SSO, and a responsive help desk so our distributed team can stay productive and connected.. Lead the evolution of CI/CD pipelines, Infrastructure-as-Code (IaC) (e.g., Terraform, CloudFormation), and automated monitoring/alerting (NewRelic, Cloudwatch, PagerDuty) to ensure rapid, reliable deployments.. Develop and own One Doors InfoSec strategy, governance model, and multi-year roadmapbalancing cutting-edge AI capabilities with strong data protection.. Define security architecture, conduct regular risk assessments, and oversee vulnerability management (e.g., container scanning, pen testing) and incident response drills.. Hands-on expertise with CI/CD tools (GitHub Actions, or GitLab CI), container orchestration (Kubernetes/EKS), and Infrastructure-as-Code frameworks (Terraform, CloudFormation).
We represent companies at every stage of development, from entrepreneurial start-ups to multibillion-dollar global corporations, as well as the venture firms, private equity firms, and investment banks that finance and advise them.. This position under the direction of the Director of Security Engineering and Operations, is responsible for managing the Firms information security systems and processes, assuring enforcement of security policies, managing the information security threat lifecycle, analyzing and responding to security events escalated by the Security Operations Center (SOC) and coordinating actions to limit risks identified through our automated systems.. Manage the Firms security technology including but not limited to: anti-virus, vulnerability scanning, intrusion detection, content filtering, and insider threat systems. One or more of the following certifications required: GIAC, CISSP, CISM, CEH, CIPP. Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
Serve as SME for Palo Alto Networks firewalls, Prisma Access, and Panorama.. Integrate security into CI/CD pipelines and infrastructure provisioning via Terraform, Ansible, or Python.. Deep expertise in Palo Alto Networks products and Cisco security platforms.. Scripting/automation proficiency (Python, Bash, PowerShell, or IaC tools).. Background in segmentation frameworks (e.g., SCADA/ICS, OT security), or data loss prevention (DLP).
Implement, and maintain Data Loss Prevention (DLP) solutions to safeguard sensitive data from unauthorized disclosure, loss, or leakage. Collaborate with multi-functional teams, including IT, Legal, and Compliance, to ensure DLP strategies align with regulatory requirements and industry standards. Stay ahead with the latest trends and developments in DLP technologies, data protection regulations, and industry standard processes. Deep technical knowledge and hands-on experience with leading DLP platforms such as Microsoft Purview, Microsoft Defender, Symantec DLP, McAfee DLP, or Forcepoint DLP. Proficient in configuring DLP policies, rules, and alerts to implement data protection policies and prevent data loss
Resilience : Incident Response, Business Continuity, and Disaster Recovery planning; tabletop exercise design and facilitation. Third Party Risk Management : TPRM program assessments; TPRM program designs (processes, tooling); vendor risk assessments. Regulatory Compliance : Regulatory mapping and horizon scanning; compliance readiness and remediation activities; exam and reporting support. Expertise on systems pre- and post-implementation reviews, third-party risk management, systems development life cycle controls assessment, data analytics, disaster recovery planning, regulatory compliance, and IT project risk management, with a focus on building resilient, secure IT environments aligned with regulatory and operational standards. Professional certification (CISA, CISM, CISSP, CIPT, CIPP, CIPM)
This role provides technical expertise in multiple areas of cybersecurity to include Cloud Security and Endpoint Security.. Experience in Threat Intelligence/Hunting using KQL.. Solid Microsoft Azure experience, including M365.. Solid understanding of system and network security technologies and related concepts, e.g. boundary protection, network segmentation, firewalls, endpoint security, threat hunting and data protection.. Azure GCC-H exposure is desired.
A leading global investment firm is looking to hire a Senior Security Administrator/Engineer to join their growing InfoSec team and help drive strategic and technical security initiatives across the enterprise.. Hybrid in Boston | Reports to CIO/CISO. Administer and enhance SIEM, IDS/IPS, IAM, EDR, and Zero Trust infrastructure. Own vulnerability management, forensic analysis, and endpoint security. Deep experience with SIEM, identity platforms, cloud security, and endpoint tools
Design and implement systems including CCTV, access control, intrusion detection, and biometrics. Lead zoning layouts, mantrap flows, visitor access, and badging protocols. Ensure high resiliency with dual-path communications, UPS backups, and penetration testing programs. Security ecosystems like Genetec, LenelS2, Honeywell, or Avigilon.. Remote-first culture with access to WeWork spaces
SecureW2 is a fast-growing provider of cloud-based network security solutions, helping organizations seamlessly deploy certificate-based authentication, PKI, and identity security. We are looking for a high-impact Customer Success Manager (CSM) who thrives in a growth-stage environment, where agility, adaptability, and a proactive approach are key to success. The ideal candidate is a technical, business-savvy, and revenue-oriented CSM who is comfortable wearing multiple hats, including acting as a trusted technical advisor, expansion advocate, and executive-level relationship manager. 4+ years of experience in Customer Success Management within cybersecurity, identity and access management (IAM), endpoint and network security, cloud security, IT and security operations, or related technology sectors. Experience in network security, identity management or PKI.
Join to apply for the Litigation Associate (Privacy and Cybersecurity) role at Mintz. Our pretrial, discovery, trial and appellate efforts are designed to solve clients' problems through a collaborative, results-driven approach.. Applicants should have a comprehensive complex litigation skill set and experience in risk assessment, forensic and government investigations, crisis communications and response, and state and federal regulatory enforcement actions.. Responsibilities will include analysis of complex regulatory matters and investigations, advising clients on crisis management and cybersecurity incident response, brief and motion drafting, legal research, running document production, deposition prep, expert discovery and trial practice.. Graduated with a JD or LLM from an ABaccredited law school
Also, should have knowledge of 3rd Party security assessments and applicability of SOC1 and SOC2 reports and concepts of vendor risk management.. Application Security - Experience with the design of security controls for multi-tier business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging.. Cloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud-based solutions in Microsoft Azure Google GCP, Amazon AWS and other vendors.. Infrastructure Security – Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions.. Cloud security certifications such as AZ-300 Azure Architect Technologies, CISSP or security related certifications.
The Global Information and AI Security Director provides internal BCG technical consulting around information security architecture and security design measures for new projects, ventures and systems.. The Global Information and AI Security Director works with teams inside BCG to secure the building and maintenance of complex computing environments to train, deploy, and operate Artificial Intelligence/ML systems by determining security requirements; planning, implementing and testing security systems; participate in AI/ML/LLM projects as the Security Subject Matter Expert; preparing security standards, policies and procedures; and mentoring team members.. Expert understanding of the Secure Software Development Lifecycle (SSDLC), including secure architecture, threat modeling frameworks (e.g., MAESTRO, PASTA, STRIDE), penetration testing, secure coding practices, vulnerability management, and incident response.. Familiarity with data warehouse and data lake environments such as Databricks, Azure Fabric, or Snowflake, including security best practices in managing and securing large-scale data ecosystems.. Communications Data Analyst - Relocate to Saudi Arabia, Permanent Expat Family Relocation Package Boston, MA $79,538.68-$118,661.11 4 weeks ago
Join to apply for the Litigation Associate (Privacy and Cybersecurity) role at Mintz. Our pretrial, discovery, trial and appellate efforts are designed to solve clients' problems through a collaborative, results-driven approach.. Applicants should have a comprehensive complex litigation skill set and experience in risk assessment, forensic and government investigations, crisis communications and response, and state and federal regulatory enforcement actions.. Responsibilities will include analysis of complex regulatory matters and investigations, advising clients on crisis management and cybersecurity incident response, brief and motion drafting, legal research, running document production, deposition prep, expert discovery and trial practice.. Graduated with a JD or LLM from an ABaccredited law school