Sr. Cybersecurity Engineer at PitchBook Data
At PitchBook we work to provide global professionals with comprehensive data on the entire venture capital, private equity and M&A landscape so they can discover and execute opportunities with confidence. We credit our success and rapid growth to our cutting-edge products, customer-centered attitude and ability to embrace and drive change.
In just over a decade, PitchBook has reached over 2,100 global employees with offices worldwide, and we’re not slowing down Consistently recognized as a Best Place to Work, our culture is at the heart of our success and is driven by excellence, inclusion and fun. At PitchBook we’re committed to fostering an open and collaborative work environment.
About the Role:
As the Senior Cybersecurity Engineer in PitchBook’s engineering division, you will oversee the execution and management of security and technical delivery for PitchBook’s suite of products and data platforms in support of key business objectives. You and your cybersecurity engineering team will work with product engineers, management and over a thousand global employees to protect PitchBook data assets and information systems from the growing global threat landscape while providing cyber risk management for PitchBook’s mission and customers.
This role will be key to developing and overseeing application security standards and requirements development. Your ability to collaborate with colleagues, provide leadership in a matrix-style structure and level up junior engineers will be critical to your success. You will solicit feedback, engage others with empathy and help create a culture of belonging, teamwork and purpose.
Primary Job Responsibilities:
• As a strong hands-on person in the team, you will write code to perform security automation and tool development to enhance the security of PitchBook infrastructure
• Always be identifying newer and more secure ways to access and protect assets
• Analyze and secure computing clusters such as Kubernetes and ECS
• Provide technical and security expertise throughout incident response (including log analysis, memory and disk forensics, reverse engineering, network containment and threat eradication)
• Design and develop controls on all aspects of the security lifecycle – protect, detect, contain, respond and recover; talk about the usefulness of those controls with various teams
• Select and manage application security solutions, such as Web Application Firewalls (WAF), security scanners and security incident and event management (SIEM) tools
• Integrate application security testing and controls into different phases of teams’ development lifecycles
• Provide security expertise and consulting to partner teams in product functions and across the enterprise as needed
• Collaborate and partner with the IT, DevOps, Engineering and Test teams to ensure the successful completion of our roadmaps and initiatives
Skills and Qualifications:
• 5 to 7 years of experience in Information Security or 3 to 5 years of experience in related technology functions, such as infrastructure/cloud engineering or software development
• Experience in docker containers and Kubernetes security such as pod-security policy, network security policy
• Experience in developing infrastructure-as-a-code using Terraform, CloudFormation, CI/CD, Gitlab
• Experience in working with various AWS logs such VPC Flowlog, S3, ELB, CloudFront and outputs WAF, network firewalls, IDS/IPS. etc.
• Experience in one or more programming languages (Python, , Java) and shell scripting
• Experience in patch management, container scanning and vulnerability scanning in the cloud
• Experience in memory analysis, forensic and network analysis tools such as Wireshark, BurpSuite, TCPDump and Scapy
• Collaborative communication skills, written and verbal. You can effectively read the situation and adjust your communication style to the audience
If you are ready to start the conversation about how you might contribute to all the happenings at PitchBook, submit your resume today PitchBook appreciates and respects diversity, and as such, we are an equal opportunity employer.
For Remote Sr. Cybersecurity Engineer roles, visit Remote Sr. Cybersecurity Engineer Roles
Software/Cyber Engineer – Entry level at Northrop Grumman
A career in Software or Cyber Engineering at Northrop Grumman will touch virtually everything we do. From equipment that protects our men and women in uniform, to satellites that predict climate change, engineers are huge contributors to our mission. Software/Cyber Engineering positions involve full life-cycle product development on architectures ranging from distributed networks of workstations and PCs to custom-designed, real-time embedded systems. Applications include real-time control, target class/detect/tracking, data acquisition and analysis, signal processing, networks communications/security, intelligence data cross correlation, image processing, reverse engineering, artificial intelligence, database management and GUI development. Northrop Grumman offers a variety of challenging roles for qualified candidates with Bachelors, Masters or PhD degrees in multiple Software oriented disciplines. These opportunities can be for rotational programs (Future Technical Leaders or Professional Development Program) or direct placement roles. Wondering what you could be doing with your degree at Northrop Grumman? Here are just a few examples: As a software engineer , you could find yourself in a role as an Embedded Software Developer, Systems Administrator, Database Analyst, Applications Developer, Java Developer, Software Developer, Test &Evaluation Engineer, General Research Analyst, Simulation Engineer, Software Engineer or a Product Development Engineer. As a cyber-engineer , you could find yourself on the front lines of our nation’s critical information and systems in a role a Cyber Incident Analyst Responder, Cyber Intelligence Analyst, Cyber Software Engineer or Cyber Forensics Specialist. Our recruiters are looking forward to working with you to fulfill your career goals by identifying the best opportunity for you. To assist us in making sure you are considered for the best possible fit, please be sure to complete all questions in the profile including location preference, skills and areas of interest. Northrop Grumman larger facilities include but are not limited to: Baltimore, MD; Chandler, AZ; Huntsville, AL, Northern VA; Melbourne, FL; Northridge, CA; Ogden, UT; Oklahoma City, OK; Palmdale, CA; Plymouth, MN; Redondo Beach, CA; Rocket Center, WV; Rolling Meadows, IL; Roy, UT San Diego, CA Performance standards that a candidate must have to be successful in these positions include: Leadership and teamwork capabilities Interpersonal communication skills Extracurricular activities (campus organizations, clubs, student organizations, community service) Ability to effectively articulate technical challenges and solutions Exceptional written and oral communication skills Prospect Qualifications: A prospect, regardless of age and hiring source must meet all of the below criteria: Enrolled in or having received an undergraduate or graduate degree from an accredited college/university majoring in a science, technology, engineering, or related degree Possess an overall cumulative GPA of 3.0/4.0 or higher Be eligible to obtain a U.S. Government security clearance (U.S. citizenship is a pre requisite) Preferred Qualifications: Overall GPA of 3.25/4.0 or higher Prior internship or research experience in related field Proficiency in Microsoft office suite
For Remote Software/Cyber Engineer – Entry level roles, visit Remote Software/Cyber Engineer – Entry level Roles
Security Analyst, Anti Scraping Investigation at Meta Inc
Meta is looking for an investigator to join the EDM Enforcement team to lead, innovate, and take on the full range of scraping threats to the Meta family of apps. The position will be responsible for conducting end-to-end investigations on a large scope of actors seeking unauthorized access to user data, and working with a wide range of stakeholders across the company to drive the evolution of Meta’s data policy, products, and enforcement options to identify, neutralize, and deter scraping on the platform. The role requires the candidate to have technical and OSINT experience, exposure to the adversarial space, and experience working with cross functional partners. The ideal candidate will work diligently on their own, empower their teammates, efficiently share knowledge, and translate technical and OSINT findings into actionable enforcement options. A mix of technical, leadership, business acumen coupled with polished communication and a strong desire to learn are key to success in this position.
Security Analyst, Anti Scraping Investigation Responsibilities:
• Investigate complex cases using a variety of methodologies (on and off platform) to understand how abuse is occurring and attribute the person(s) responsible. Identify enforcement strategies to mitigate harm both in the current case and from similar forward-looking abuse. Document findings in detailed, concise, and comprehensive reports.
• Engage cross-functionally with other analytic and investigative teams within the company to develop best practices for conducting investigations, training, and tracking and reporting on investigation trends to the team and supporting legal and technical enforcement actions against bad actors.
• Manage multiple investigations at once while effectively prioritizing time.
• Assist in the development of the long-term strategy in investigations to improve tactics, discoverability of threats, and enhance efficiencies.
• Proactively look for currently undetected abuse by leveraging internal data, open-source intelligence, and third party private intelligence.
• Drive and lead exploration of the scraping ecosystem, understand the scraping enabled business models, and the most significant risks and harms of scraping to users.
• 5+ years of investigative experience conducting technical and non-technical investigations of online threats and abuse.
• 2+ years experience writing complex SQL queries to drive analysis and insights.
• 2+ years experience conducting OSINT and attribution investigations.
• Experience with, and exposure to, Linux/Unix environment, PHP, Python, Java, or other programming/scripting languages, TCP/IP protocol stack, and a variety of operating systems.
• Experience applying data analytics to security risk analysis and investigations.
• Experience drafting investigative reports, documenting evidence and technical findings, for a range of technical and nontechnical audiences. Experience and demonstrated experience working with cross-functional teams.
• Experience leading and empowering teammates.
Facebook is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.Facebook is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at .
For Remote Security Analyst, Anti Scraping Investigation roles, visit Remote Security Analyst, Anti Scraping Investigation Roles
Cloud Audit Analyst – Opportunity for Working Remotely at VMware
Why will you enjoy this new opportunity?
You will have exposure to a fast-paced, dynamic environment of VMware leveraging your audit expertise in collaboration with a global team to deliver an innovative risk assurance and advisory services to a broad stakeholder group.
This is a great opportunity for auditors that are seeking to build experience in the enterprise software, cloud and SaaS industry and to bring meaningful impact to the business through risk insights to management.
Our global team has scope across compliance, operations, and cloud services, enabling members of our team to have broad perspective across VMware.
As you join VMware, you will help grow a company that makes meaningful and significant technology solutions and is committed to being a “force for good” in technology. Our mission is to become the trusted foundation for accelerating innovation in an unpredictable world. VMware software is essential for making the applications and devices your family and friends use every day a reality which means your work is essential for transforming everywhere.
Success in the Role: What are the performance outcomes over the first 6-12 months you will work toward completing?
• Gain an understanding of the Cloud Assurance team and our internal audit processes, what we do, why we do it and how we measure it all
• Ability to independently lead and/or support multiple internal audits and projects across various business units
• Determine technical and business impact of identified security and control issues and provide remediation guidance when needed The Work: What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?
• Perform security compliance assessments for VMware SAAS offerings.
• Build and maintain reporting dashboards and metrics to communicate progress
• Developing value-added recommendations to improve internal IT controls and operating efficiency
• Collaborate with other compliance functions including the SOX and GRC teams
• Proven project management skills with the ability to manage multiple concurrent projects.
• Ability to quickly adapt and learn, and desire to expand knowledge
• Relevant experience in IT Audit, IT Security, IT Compliance, Information Risk or Cybersecurity
• Familiarity with compliance frameworks and security standards such as ISO 27001, SOC 2, PCI DSS, NIST
• Functional knowledge of commonly used cloud service providers, including AWS, Azure and/or GCP
• Strong communication skills with the ability to interface with both technical experts and senior level management.
• CCSP, CISSP, CISA, AWS/Azure Security or similar certifications desired What is the leadership like for this role? What is the structure and culture of the team like?
You will be joining the InfoSec Assurance team that collaborates and operates with transparency from analysts to VP level that is aligned with the goal of supporting our leaders achieve goals with risk-informed decisions.
Where is this role located?
Flexible: Ideally this role is based out of VMwares Palo Alto office. We are open to candidates working fully remote within the US, allowing you the flexibility to work from the location you feel most productive and comfortable.
What are the benefits and perks of working at VMware?
You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting .
• Employee Stock Purchase Plan
• Medical Coverage, Retirement, and Parental Leave Plans for All Family Types
• Generous Time Off Programs
• 40 hours of paid time to volunteer in your community
• Rethink’s Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities
• Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)
• Wellness reimbursement and online fitness and wellbeing classes This job may require the candidate to travel and/or work from a facility that requires full vaccination prior to entry.
Category : Engineering and Technology
Subcategory: Technology Compliance
Experience: Manager and Professional
Full Time/Part Time: Full Time
Posted Date: 2022-08-23
VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape whats possible today at .
Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.
Web Reference : AJF/433681386-764
Posted Date : Thu, 15 Sep 2022
To apply for this position you will complete an application form on another website provided by or on behalf of VMware. Please note IT Jobs for ColU Fans is not responsible for the application process on any external website.
For Remote Cloud Audit Analyst – Opportunity for Working Remotely roles, visit Remote Cloud Audit Analyst – Opportunity for Working Remotely Roles