Sr. Information Security Analyst at Promethean
Who is Promethean?
Collaborative discovery is at the heart of the learning experience. With more than two decades helping people learn and grow together, Promethean is a true partner for educators, innovators, and business leaders. Our award-winning interactive displays and lesson delivery solutions transform learning and workspaces into creative, connected environments to foster collective success.
At the heart of Promethean is a team of education strategists, designers, and technologists that is dedicated to inspiring engagement and empowering teachers and students around the world. Our goal is to make education technology commonplace in all learning environments, and we strive every day to develop intuitive solutions that speed learning, insights, and creativity.
The Promethean team spans the globe and our work impacts the lives of millions of teachers and students. We stand by our solutions and our employees, offering highly competitive benefits and compensation, as well as providing a work-life balance that lifts and sustains us as we navigate a new future.
We are #TeamPromethean. Join us.
Promethean’s IT team provides solutions to our worldwide workforce that enable them to do the important work of transforming students and teachers lives. We respond to needs, solve problems, provide answers, and continuously stay at the top of our game. We hire professionals who are exceptionally capable, and that is our promise to our clients.
About This Role…
The Senior Information Security Analyst focuses on the day-to-day operation of the information security infrastructure at Promethean, assisting with articulating technical security requirements, monitoring the effectiveness of existing information security framework, making recommendations for enhancements, and raising the level of security awareness. The Senior Analyst optimizes and manages security technologies to provide detective and preventative capabilities (vulnerability scanning, endpoint security, intrusion detection, data classification, data loss prevention, network forensics, network, and application security, IAM, RBAC, and event/incident management). This role provides primary operational support for security events and alerts as well as response support to users, advising users on alignment to security policies.
As a Sr. Information Security Analyst, You Will
• Perform day-to-day security operation functions, including incident triage, investigation, and response.
• Monitor the organization’s networks for security breaches and investigate when one occurs, using security monitoring and reporting tools (i.e. SIEM, EDR, IAM, and IDS).
• Perform security event correlation using information gathered from a variety of sources and conduct system forensics in response to security incidents.
• Use and maintain software and services to protect sensitive information.
• Participate in security audits documenting compliance with published policies and guidelines.
• Coordinate with Infrastructure and DevOps team and drive incident response and containment efforts.
• Develop incident playbooks.
• Track operational metrics related to alerts, incidents, and vulnerabilities.
• Analyze and respond to hardware and software vulnerabilities and security patching.
• Maintain relevant documentation including process flows and technical operational procedures.
• Research the latest information security threats and trends, to educate and refine relevant monitoring and processes. Recommend enhancements to the information security processes, technologies, and training materials.
• Understand, implement, and follow disaster recovery plans and incident response plans.
• Participate in various programs and initiatives supporting the further implementation of the company’s Information Security Policies and Standards. Contribute to developing security standards and best practices for the organization.
• Be an advocate for Information Security awareness within the company. Help staff to implement or learn about new security products and procedures.
• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• 5 years of experience as a Security Analyst or in a security operations, engineering, or forensics role.
• At least one or more of the following: (ISC)2 CISSP, SSCP, CCSP, or Associate; CompTIA Security+, CySA+; GIAC GSEC, GCLD, GSOC; ISACA CSX-P; Microsoft MC:SOAA, MC:CAE. All certifications must be maintained. Other IT-related certifications considered.
• Strong foundation in information technology and information security principles and standards, including NIST 800-53 Cybersecurity Framework, CIS Critical Security Controls, MITRE ATT&CK.
• Familiar with security audit standards including AICPA SOC 2, ISO 27001/27002, and with national and international data protection regulations such as CCPA and GDPR.
• Familiar with securing public cloud infrastructure in Microsoft Azure. Certification preferred.
• Familiar with the Microsoft Security product suite, including Microsoft Sentinel SIEM, Defender CASB and XDR; Azure Active Directory for I&AM protection; Microsoft 365 Defender for business data and endpoint protection. Certification preferred.
• Interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• High level of personal integrity, and the ability to professionally handle confidential matters.
• High degree of initiative, dependability, and ability to work with little supervision or under the pressure of a high-profile incident.
• Detail oriented, monitoring many events and tools simultaneously.
• Natural passion for security and strong drive to see both projects and investigations to completion.
We take our work seriously because it has impact! We empower students worldwide to learn. We are driven to continuously innovate and develop educational technology that inspires students to unleash their potential. We believe in the power of education to change the world and come to work each day with our sleeves rolled up ready to make a difference! However, we also appreciate that life isn’t just about work. We are a small company with big rewards and understand that you also need time to unwind. Join a company where you can be your best self, work on challenging problems, and have some fun along the way; join Promethean.
Promethean is honored to be an equal opportunity workplace. We realize that by creating teams rich in diverse thoughts and experiences, our people, company and customers are free to thrive. We are committed to providing equal employment opportunities regardless of race, color, national origin, religion, creed, genetic information, sex (including pregnancy, sexual orientation or gender identity), age, marital status, disability, military or veteran status; or any other protected classifications or characteristics under applicable local laws. In addition, Promethean values privacy and the protection of personal information.
Please contact email@example.com if you have an accessibility request at any point during the hiring process.
Information Security Analyst at VERITY CREDIT UNION GROUP
Headquarters – Seattle, WA
$67,602.00 – $99,415.00 Salary/year
We are hiring for an Information Security Analyst! At Verity we empower our member’s financial lives and create vibrant communities. Verity has been a local member-owned credit union since 1933. Verity means truth-and this guides our actions. Honesty may not be the easiest approach, but it is the right one. We are the only financial institution in the Pacific Northwest that is a part of the Global Alliance for Banking on Values (GABV). The salary shown shown represents the minimum and maximum range for this position. Pay is negotiable based on experience and/or any unique requirements of the position.
How you can make a difference
This position is responsible for the monitoring, administration and development of, and incident response for, IT Security and risk based monitoring systems including, but not limited to, online banking anomaly detection, IDS/IPS, Security Information & Event Management, data loss prevention (DLP), vulnerability management, environmental monitoring and user activity. Responsible to assist in the development, deployment, and maintenance of corporate information security strategy. In the event of an IT security incident or breach, responsible for acting as a leading member of the IT Security Incident Response Team.
We know it’s more than just a job.
Verity has always been committed to maintaining a positive work culture and making sure people come first. Some ways we help employees live their best lives:
• Benefits (Medical, dental and Vision) no vision or dental premiums for employee only coverage
• Paid time off, combined vacation and sick leave starts accruing immediately and is available to all employees who work 20+ hours per week.
• 11 paid holidays each year
• Up to 8 hours of paid volunteer time off each year
• $200 wellness subsidy for fitness-related activities
ESSENTIAL JOB FUNCTIONS
• Monitor for security breaches in partnership with 3rd party security partners
• Ensure the secure operation of computer systems, servers and network connections
• Oversee the development, implementation and maintenance of security policies, procedures and plans based on industry standard best practices.
• Monitor server logs, firewall logs, intrusion detection log and network traffic for unusual or suspicious activity.
• Investigate security issues until resolution
• Lead efforts with other technology associates to fully secure confidential information and systems
• Oversee regular penetration testing of all systems in order to identify system vulnerabilities
• Lead security configuration determinations and participate in implementation of upgrades and changes as necessary
• Proactively recommend solutions related to security issues and opportunities
• Work with internal and external auditors to prepare documentation for audits and exams, and work with IT management to address open audit and exam findings
• Serve as a technical and procedural resource for the team in all security related areas
• Assist with information security training in the department and across the organization
• Serve as an information security point of contact in disaster recovery procedures and other measures required in the event of a security breach.
• Organize and lead root cause analysis and response reviews for security issues as needed.
• Ensure documentation is updated following all security incidents.
QUALIFICATIONS AND REQUIREMENTS
• Minimum of 3 year’s industry related experience, and at least 1 year of direct information security monitoring and response experience
• Industry certifications a plus (CISSP)
• Strong verbal, written and interpersonal skills
• Detail oriented with solid presentation and communication skills
• Ability to work independently or as a team leader
• Ability to present a positive and professional image to all employees and members
• Experience with Palo Alto Firewall and Cisco ASA
• Experience with Vulnerability Scan applications such as Rapid 7 and or Taegis
• Familiarity with Threat intelligence sources
• Understanding of malware, network threats, attack vectors, incident response.
• Experience with MS365 and security tools such as MS Intune MDM and MS Defender Endpoint Portal
• General networking Knowledge
• Technical certifications relevant to the current architecture, or equivalent industry-related is a plus.
Verity Credit Union will reasonably accommodate the physical aspects of its position. The following are some physical considerations for this position:
• Ability to effectively and efficiently communicate with a diverse realm of membership, fellow employees and vendors
• Ability to sit or stand for long periods of time
• Ability to work on computers for a long period of time in an office environment
• Ability to lift PCs and other equipment
Washington is an At-Will Employment State
Your employment is “at will”, meaning you are free to resign at any time, for any reason, with or without notice. Verity Credit Union is also free to conclude the employment relationship with you at any time, for any reason, with or without notice.
No statement or promise by a credit union representative or board member may be interpreted as a change in the “at will” policy, nor would it constitute an employment or other contractual agreement.
For Remote Information Security Analyst roles, visit Remote Information Security Analyst Roles
Senior Security Engineer/Information Analyst at Shinola
Position: Senior Security Engineer / Information Analyst
Senior Information Security Analyst
Position Type: Full-Time
Detroit, MI or Seattle, WA / Remote
At Shinola, we make beautiful, enduring, handcrafted goods that are built to be lived in, worn out, and well loved. Our thoughtful craftsmanship, timeless design and spirited stories inspire our customers to live well, with confidence & joy—in a style that is uniquely their own! Because we are a growing and evolving company, each employee is a key stakeholder, making decisions every day that directly impact our overall vision and direction.
At Shinola, you’ll have the opportunity to make a significant contribution t of what we believe will become an iconic American brand.
The Senior Information Security Analyst will plan, implement, upgrade, and monitor security protocols for the protection of the organization’s computer networks and information. This position works closely with our infrastructure and applications teams daily to fulfill the organization’s IT security needs. Our IT department has a growing security practice which in this role you will help to form and mature through setting policy and determining best practices.
• Collaborates with users to discuss computer data access needs, to identify security
threats and violations, and to identify and recommend needed programming or process
• Sets and enforces policy for the organization’s data encryption, firewalls, and other
security tools and applications to conceal and protect transfers of confidential digital
• Develops and implements plans to safeguard digital data from accidental or
unauthorized modification, destruction, or disclosure; adheres to emergency data
• Reviews violations of security procedures; provides training to ensure violations do not
• Manages the organizations security awareness training program.
• Monitors and restricts access to sensitive, confidential, or other high-security data.
• Modifies security files and applications as able and necessary to provide specialized
access, allow new software to be installed or integrated, or correct errors.
• Performs risk assessments, audits, and tests to ensure proper functioning of data
processing activities and security measures.
• Safeguards system security and improves overall server and network efficiency by
training users and promoting security awareness.
• Determines when to update virus protection systems by monitoring current reports of
computer viruses; facilitates or performs needed updates.
• Analyze IT requirements and provide objective advice on the use of IT security
• Demonstrated problem-solving and analytical skills.
• Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
• Thorough understanding of computer-related security systems including firewalls, encryption, and IDPS concepts.
• Experienced with penetration testing and techniques.
• Ability to identify and mitigate network vulnerabilities.
• Advanced knowledge of operating system internals and security mechanisms.
• Experience analyzing attacker techniques that leverage email and cloud-service tactics.
• Excellent verbal and written communication skills.
• Organized with attention to detail.
Education & Experience
• Bachelor’s degree in Computer Science, Programming, or a related field required
• At least three years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing.
Sampling of Total Rewards Program:
• Compensation type:
• Compensation: Compensation can be negotiated based on previous experience & qualifications.
• Bonus eligibility:
• Employee hiring referral bonus
• Paid Time-off:
• 10 Corporate Holidays
• 15 Vacation days (accrued)
• 2 Volunteer days
• Medical, dental & vision – to view our full package!
• 401k with company match
• Employee assistance program
• Pet Insurance
• Merchandise discounts
• Complimentary employee watch
• HR Phone Screening- 30 minutes via Microsoft Teams (camera off)
• Technical Interview with Hiring Manger – 1 hour via Microsoft Teams (camera on)
• Take home assignment- 30minutes
-2 hours of work
• note: select positions may not require a case study assignment
• Final Interview with Panel- 1 hour via Microsoft Teams (camera on)
• The general hiring process can be found above, however Shinola reserves the right to change the process as needed.
At Shinola, we’re committed to growing and empowering an inclusive community within our company and industry. This is why we hire and cultivate diverse teams of the best and brightest from all backgrounds, experiences, and perspectives across our organization. Research shows that oftentimes women and other minority groups only apply to open roles if they meet 100% of the listed criteria.
Shinola encourages everyone to apply for our available positions, even if they don’t necessarily check every box on the job description.
This job description is not designed to…
For Remote Senior Security Engineer/Information Analyst roles, visit Remote Senior Security Engineer/Information Analyst Roles
Cloud Security Analyst II at Rover.com
Who we are:
Want to make an impact? Join our pack and come work (and play!) with us.
We believe everyone deserves the unconditional love of a pet—and at Rover, our mission is to make it easier to experience that love. Founded in 2011, the Rover app and website connect dog and cat parents with loving pet sitters and dog walkers in neighborhoods across the US, Canada, and Europe. We empower our community of trusted pet sitters and dog walkers to run their own pet care businesses on Rover with the tools and security of a global company to back them.
Headquartered in Seattle, Washington, we work closely with our teams in Barcelona, London, San Antonio, Spokane and remote locations. We’ve got a reputation for being a great place to work, having been named among the 100 Best Companies to Work For in Seattle Business Magazine and Washington’s Best Workplaces in the Puget Sound Business Journal. We’re an agile, fast-growing company, and our leadership comes from some of the world’s most respected tech companies.
At Rover, our furry coworkers are just as important as our human ones—and we wouldn’t have it any other way. Along with making the joys of pet parenthood more accessible, we’re committed to fostering a diverse, inclusive, and welcoming community of pet people—and that starts with our employees.
Who we’re looking for:
An innovative Information Security Analyst to augment our Information Security team. Your primary responsibilities will include continuously assessing our systems and applications for security fitness, suggesting improvements to better protect the company assets as well as the financial and personal information of our customers, and effecting impacts on our cybersecurity plans, procedures as well as processes. You will have a chance to work with quality and dedicated technical and non-technical professionals that make Rover.com the world’s leading platform for pet caring services.
In addition, you will be growth oriented in the cybersecurity domain and make measurable efforts to stay ahead of the curve in terms of emerging security threats, standards, and technologies.
• Assess systems and applications to identify, prioritize and potentially quantify the impact of areas of security concerns in both corporate SaaS information systems and our AWS-hosted cloud applications
• Work cross functionally to prepare documentation and evidence for various audits and legislation, (SOX, PCI, GDPR, CCPA)
• Evaluate existing security plans, processes and procedures, and propose further enhancements
• Develop analyses and reports on historical and potential security breaches and the extent of the damage caused by these breaches
• Research the latest in security trends to keep up to date with the subject and use the latest technology to protect our information
• Make recommendations to managers and senior leaders about security advancements to best protect the company’s systems
• Promote security and security methodologies among Roverines to elevate community security awareness
• BS in computer science, information systems, information security, or related field; or equivalent work experiences
• 3+ years of experience with information security in cloud computing and web applications
• Demonstrated ability working with AWS or other cloud platform technologies
• Good communication skills with proven successes in collaboration and teamwork.
• Demonstrated understanding of and experience with security-related technologies, systems and tools
Your Bonus Skills:
• Experience in threat modeling and vulnerability assessments and scoring systems
• Practical experiences in IAM role and policy development, and their efficacy evaluations
• Security certifications (CompTIA Security+, CEH, CISA, CGEIT, CRISC, etc.)
Benefits of Working at Rover.com
• Competitive compensation.
• 401k Match.
• Company Equity.
• Flexible PTO.
• Competitive benefits package, including medical, dental, and vision insurance.
• Commuter benefits.
• Bring your dog to work (and unlimited puppy time).
• Pet benefits, including $1000 toward adopting your first dog or cat.
• Stocked fridges, coffee, soda, and lots of treats (for humans and dogs) and free catered lunches semi-monthly.
• Regular team activities, including happy hours, snow tubing, game nights, and more (currently performed virtually due to Covid19).
Due to COVID-19, Rover Employees are not required to be in office until mid 2022 at the earliest with a flexible work from home policy.
Rover is an equal opportunity employer committed to promoting a diverse, inclusive and inventive environment with the best employees. We’re driven by seeing our people succeed and grow, and we work to ensure everyone contributes to their fullest potential. We consider all qualified applicants without regard to age, race, color, ancestry, national origin, religion, disability, protected veteran status, sex, gender identity or expression, sexual orientation, or any other protected status in accordance with applicable laws, regulations and ordinances.
We are committed to work with you to look for reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
For Remote Cloud Security Analyst II roles, visit Remote Cloud Security Analyst II Roles
Senior Security Engineer at Finicity
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Senior Security Engineer–
The Global Open Banking Security Operations team works with the business to drive a strong control environment by providing a framework for business and process owners to identify, capture, measure, monitor, report and manage operational risks as identified by financial partners and customers. We partner with business and process owners to increase their awareness and understanding of business risks, driving process improvement rather than mere risk avoidance. We do this by effecting 3rd party validated SOC2, type 2, PCI DSS and 3rd party risk assessments fielded by Financial partners.
Mastercard is seeking a Senior Security Operations in the Utah office; reporting to the SVP of Security/Open Banking. This role will operationalize and enable the mitigation of risks well in advance of any 3rd party audit, field incoming requests for SOC2, PCI and FI audits as well as manage a small team of Security Operations Analysts in effecting day-to-day operations.
This role will require the lead to operate at a strategic and tactical level. Ideal candidate will have strong operational risk management experience and proven success in building, implementing, and monitoring operational security issues management frameworks across a global and evolving environment.
Operationalize enterprise issue management framework across the organization to enable continuous improvement
Develop and execute communication, training and workshop strategies to operationalize the issue management framework
Facilitate triage workshops or working session to address critical – high rated issues, at the enterprise level with an emphasis on Vulnerability Management.
Implement and execute ongoing operational issue identification, root cause analysis and assessment procedures, as assigned
Partner with key 2nd line Corporate Functions (i.e. ERM, Risk Liaisons, Internal Audit, , Compliance, SOX, etc.) to ensure appropriate issues are identified, mitigated, communicated, and reported
Advise stakeholders (across three lines of defense) on best approach(s) to remediate issues
Support customer audits and regulatory examinations, where needed
Monitor the implementation of action plans designed to reduce operational risks
Develop, implement, maintain, and prepare accurate issue reporting for management awareness and escalation
Aggregate issues and assess themes to identify company-wide operational trends and facilitate appropriate escalation
All About You:
Strong leader and strategic thinker
Experience in Security/Risk management frameworks gained through operations, business advisory and or audit roles preferred
Ability to develop and implement strategy to meet corporate objectives and provide insights to executive management
Experience risk manager with extensive program management experience
Broad exposure to business risks across Security, IT, finance and other business environments is essential
Consultive mindset and reputation for being a strong business partner
Ability to effectively interact and influence people at all levels
Global work experience and capacity to manage tasks across multiple regions, cultures, and time zones
Excellent oral, written and presentation skills
Change management practitionerCOVID-19 Considerations
In many locations, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in our NYC offices, as required by law, only individuals who have been fully vaccinated against COVID-19 will be permitted inside Mastercard offices unless a reasonable accommodation has been approved in advance.
In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
For Remote Senior Security Engineer roles, visit Remote Senior Security Engineer Roles
Intern – Information Security (SPRING) at Acxiom
An IT Security Analyst develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. This associate researches attempted or successful efforts to compromise systems security and designs countermeasures. In addition, you will maintain hardware and software utilized for data creation, collection and analysis. Your work may be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. INTERNSHIP DETAILS: This internship opportunity will begin January 9, 2023 Our intention is to have interns work on-site in Conway, Arkansas if possible. However, your internship could be a hybrid method or fully remote. 20-25/week during the semester, and 40 hours/week work dedication during summer and breaks Anticipated graduation date between August 2023- December 2024 Applicants for this internship position with Acxiom in the U.S. must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Acxiom (i.e., H1-B visa, F-1 visa (CPT/OPT), TN visa or any other non-immigrant status) WHAT YOU WILL DO: Review activities (concerning new security hardware and software infrastructure components or enhancements to existing solutions): research, analysis, selection, planning, and engineering. Learn and gain exposure to methodologies to implement new and emerging security hardware and software infrastructure, perform product customization for multiple configurations, developed implementation and verification procedures to ensure successful enterprise-wide security systems hardware/software Learn infrastructure analysis, and evaluation on resource requirements necessary to maintain and/or expand service levels or tune for optimum performance Learn how critical incidents involving multiple enterprise services and components are resolved Review and provide feedback on changes for purposes of incident avoidance Learn how to analyze problems and solution alternatives. Recommend the best alternatives and implement upon approval. WHAT YOU WILL NEED: Currently pursuing a degree in Information Technology, Computer Science, Cybersecurity or Management Information Systems Good analytical and problem-solving skills with attention to detail Timely, effective communication using multiple channels; excellent written and verbal communication skills WHAT YOU WILL SET YOU APART. Basic system development concepts, algorithms, and malware analysis Knowledge of network device functions, such as routers, switches, etc Basic knowledge of possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc and possible abnormal activities, such as worms, Trojans, viruses, etc. Foundational knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration. WHO ARE WE SEEKING? Top Talent & High Performers: We hire the brightest in the industry Innovative Collaborators: We drive operational improvements to promote efficiency and improve performance. Future Leaders: We develop our people and promote from within. Game Changers: We empower people to challenge the status quo and explore new possibilities. Emotional Intelligence: We cultivate greatness both within ourselves and with others. Hardworking Employees: We look for initiative to conquer complex challenges. We believe in building an awesome workplace where associates feel highly motivated and want to engage every single day. It’s important to Acxiom that we invest in our culture and promote a healthy work-life balance. Acxiom has a fast paced, high-performance culture where we empower our people to do innovative, cutting-edge work. You will always be guided to do what is right. Acxiom is an affirmative action and equal opportunity employer (AA/EOE/W/M/Vet/Disabled) and does not discriminate in recruiting, hiring, training, promotion or other employment of associates or the awarding of subcontracts because of a person’s race, color, sex, age, religion, national origin, protected veteran, disability, sexual orientation, gender identity, genetics or other protected status.
For Remote Intern – Information Security (SPRING) roles, visit Remote Intern – Information Security (SPRING) Roles
Information Security Consultant Intern at Experian
Company Description Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for . In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine . Job Description Experian’s Summer Internship Program is a unique opportunity for students across the country to gain hands-on work experience in our innovative global company. Our interns work alongside Experian employees to tackle meaningful projects and gain valuable skills in their chosen field. During our summer internship program, interns will have access to the latest technologies and challenging work. As a summer intern, you’ll learn about our exciting financial inclusion products and programs, experience philanthropic events that make us a force for good, and network across our global business units. Get ready to discover the unexpected as a part of our uniquelyexperian summer internship program. The Information Security Consultant Intern will Serve as a adjunct to business units as they engage the Global Security Office for guidance with respect to new projects, risks and requests. Responsibilities include: Support ongoing/new project security assessments Respond to ad-hoc queries outside of project engagements (e.g., provide guidance based on policy); engage other internal teams (IT/InfoSec) as needed Review tickets related to specific BU requests that require information security risk management input Support the issue management review and approvals process Qualifications Currently enrolled in a minimum of a Bachelor’s degree program in Computer Science, Cyber Security, Information Security or related degree; Be returning to school in the Fall of 2023 to complete degree program; Ability, drive and motivation to research and provide the right guidance and find possible solutions; Ability to push back where the risk outweighs the benefits; Curiosity to ask questions and challenge status quo; Excellent verbal and written communication skills; Problem Solving & Analysis; Process driven, and has eye for detail, automation and efficiency to improve programs/processes; Good collaboration, relationship and interpersonal skills. Additional Information All your information will be kept confidential according to EEO guidelines. Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and and it reflects what we believe. See our DEI work in action If you live in Colorado, Connecticut or New York City, please contact us here for the salary range of this position (include this Job Title in your email). In addition to a competitive base salary and variable pay opportunity, Experian offers a comprehensive benefits package including health, life and disability insurance, generous paid time off including parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match. Experian Careers – Creating a better tomorrow together
For Remote Information Security Consultant Intern roles, visit Remote Information Security Consultant Intern Roles
Senior Product Security Analyst/Laboratory Focal at Boeing
Senior Product Security Analyst / Laboratory Focal Company:
The Boeing Company Job Posted:2022-09-19-07:00
USA – Seattle, WA
Boeing Commercial Airlines is seeking a Senior Product Security Analyst / Laboratory Focal to join our established team in Seattle, WA. The ideal candidates will have knowledge of cyber security concepts and techniques including network architecture, embedded systems security, cyber physical systems astructure.
The successful candidate will have considerable laboratory experience and be able to demonstrate some technical skills and capabilities in the support of testing Ethernet enabled systems onboard aircraft and associated ground systems.
Liaison between centralized Cyber Security Team and BT&E Lab management/leads and ITResponsible for cyber security of local network.
Responsible to identify budget for lab maintenance and improvements and support budget approvals coordination.
Researches, designs, develops operates and maintains support services for existing and new lab infrastructure and tools/applications. Applications include both 3rd party software and internally developed applications and Participates in architecture reviews to ensure that solutions comply with standards and uses approved technologies. Applies developed subject matter knowledge to solve common and complex business issues within established guidelines and recommends appropriate alternatives.
Works on problems/projects of diverse complexity and scope.
Exercises independent judgment within generally defined policies and practices to identify and select a solution.
Ability to handle most unique situations. May seek advice in order to make decisions on complex technical issues.
Strong configuration management understanding (software, hardware, backup solutions, etc.)Proven experience in of routers, switches, and firewalls.
Experience as a Linux, Windows, Network and VMware administrator
Knowledge of airplane avionics systems.
Assist engineers to conduct vulnerability assessments and penetration testing.
Assist in conducting automated scanning and manual testing.
Familiarity with common ports, protocols, and services such as SSL, SSH, TCP/IP, UDP, DNS, NFS, LDAP, HTTP.
Knowledge of public key infrastructure, certificates, and public/ private key pairs, hashes, and checksums.
Ability to analyze and correlate events in Linux audit logs, security logs, syslogs, and application logs.
This position must meet Export Control compliance requirements, therefore a “US Person” as defined by 22 C.F.R. § 120.15 is required. “US Person” includes US Citizen, lawful permanent.
Employer will not sponsor applicants for employment visa status.
Qualifications (Required Skills/Experience):
Technical Bachelor’s, Master’s or a PhD degree (A technical degree is defined as any four-year degree, or greater, in a mathematics, scientific or information technology field of study)9+ years of work-related experience in a laboratory environment including experience in the configuration and component management of virtual environment.
2+ years of experience working in Linux environments
Qualifications (Desired Skills/Experience): Experience and/or coursework in cybersecurity, security network architecture, embedded systems security, security testing and evaluation, network design, cyber physical systems astructure.
Possess any of these certifications: CISSP, Security+, CEH, CCNA, UNIX/LINUX System Administration, GIAC GPEN or GWAPTEducation/
Education /experience typically acquired through advanced education (e.g. Bachelor) and typically 10 s’ related work experience or an equivalent combination of education and experience (e.g. Master+8 years’ related work experience, 14 years’ related work experience, etc.)Relocation:
This position offers relocation based on candidate eligibility.
Employee Referral Program:
This job is eligible for the Employee Referral Program Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria are met as outlined in our policies.
Shift: This position is for 1st shift
At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective…
For Remote Senior Product Security Analyst/Laboratory Focal roles, visit Remote Senior Product Security Analyst/Laboratory Focal Roles
Associate Cybersecurity Analyst at CareRev
is bringing the future of work to Healthcare! CareRevs mission is to build a sustainable future for healthcare professionals. CareRev is a modern marketplace platform offering professionals the freedom to choose how and when they work, tools and training to develop their careers, and personalized growth opportunities.
We are growing our Security Team at CareRev! As a key member of the security team, you will collaborate across the organization, streamlining the risk management processes while building awareness and understanding of risk mitigation within the organization. You will build trust with cross-divisional stakeholders as part of the procurement and vendor security assessment process, and also work within the security team to streamline procedures.
You will also work with the broader engineering team to lead, create, and document scalable processes for risk assessment as well as decision making. Additionally, supporting CareRevs own internal and external security documentation will be a focus. You will be an instrumental contributor and leader in building a scalable security program for our growing organization, continuing to consider the people, processes, and procedures for security and systems. Depending on the skills and interest of the successful candidate, this role has the opportunity to learn and develop additional cybersecurity skills sets as we continue building our security team and strategy.
What youll do:
• Lead/create and maintain security process documentation (e.g. documenting organizational standards for risk decision making)
• Review and maintain security policy documents in preparation for annual audits
• Assess the security posture of 3rd parties as a part of the onboarding process for new tools and services (organization-wide) with a view on technology and security risk
• Management of internal vulnerability assessment work and remediation
• Communicate efficiently about risk review results to concerning businesses and key partners as per plan
• Continuously iterate on improvement opportunities to optimize GRC processes across the organization and relevant stakeholders to maximize efficiency and scalability
• Execute ad-hoc projects as needed (were working as a team for each one of us to grow and develop our skills in areas of interest and company need)
• Operate DAST/SAST applications
• Operate/analyze monitoring tools/alerts
• Maintain security tools such as (firewalls, security scanners, etc.)
Required skills and experience:
• Exceptional communication skills (written and verbal) – can you communicate a technical topic to a non-technical audience? Can you write efficient technical process/procedure documents?
• Experience maintaining/creating security policies and documents
• Critical problem solver, detailed oriented, and highly motivated self-starter with a passion for constant learning & improvement
• Experience in 3rd party management, audit, oversight, internal controls, operational risk management and mitigation
• Independent judgment with strong analytical and risk assessment skills
• Proven track record of building effective working relationships with internal and external business partners and senior leaders
• A bias for action and ability to work efficiently with minimal oversight/direction and collaborate effectively in cross functional projects
• Curiosity – do you enjoy learning new skills and tools?
Preferred skills and experience (nice-to-haves, not need-to-haves) :
• Security or IT experience within the healthcare industry
• Cloud platform and/or container proficiency(e.g. AWS, Heroku, Kubernetes)
• Policy writing experience
• Comfort with ticketing/issue tracking/project management systems (e.g. JIRA, Trello, Shortcut)
• Familiarity with DAST/SAST tool implementation
• Experience managing security vulnerabilities through remediation
• Experience implementing security in CI/CD pipeline
• Project management skills and the ability to work both independently and within a team
• Demonstrated success in introducing process improvements and automation for security / operational risk management teams
• Interest in other aspects/bodies of cybersecurity work (e.g. vulnerability management, cloud security, monitoring, employee education)
• Software development/programming background
Reasons to Consider Us:
• 100 remote company
• Comprehensive medical, dental, and vision benefits
• Short term disability 100 covered by CareRev
• Life insurance covered by CareRev
• Paid parental leave
• Generous paid holidays & unlimited PTO
• 401K and company match
• Office equipment stipend
• Learning reimbursement program
• Prolonged periods of sitting and/or standing at a desk
• Prolonged periods of working on a computer
• Repeating motions that may include the wrists, hands and/or fingers
• Ability to lift up to 15 pounds of work equipment
• Ability to set up home office to include desk and chair
is committed to the full inclusion of all qualified individuals. In keeping with our commitment, we will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please discuss with your Recruiter.
We are an equal opportunity employer and will not discriminate against any employee or applicant for employment in an unlawful manner. We celebrate diversity and are committed to creating an inclusive environment for all individuals. CareRev treats all employees and job applicants based on merit, qualifications, and competence without regard to any qualified individuals sex, race, color, religion, national origin, ancestry, gender (including pregnancy, breastfeeding, or related medical condition), sexual orientation, gender identity, gender expression, age, physical or mental disability, medical condition, genetic characteristic or information, marital status, military, and veteran status, or any other characteristic protected by state or federal law. CareRev also considers qualified applicants with criminal histories consistent with applicable local, state, and federal law.
If you are an applicant in California, Colorado, Washington State or New York City and have compensation questions, please contact us directly at firstname.lastname@example.org.
Include in the email request: your Full Name, Job Name, and the City and State in which you reside. Please allow 48 business hours for a response. All other applicants: PLEASE NOTE, this email is not for candidates to apply to jobs directly. Resumes sent via this email address are not in our Applicant Tracking System, and therefore can not be included in our recruiting process. Please Apply following the steps below.
For Remote Associate Cybersecurity Analyst roles, visit Remote Associate Cybersecurity Analyst Roles
Senior Security Engineer at TaskRabbit
Taskrabbit will never use text or chat applications to conduct interviews. We have a thoughtful and interactive interview process that includes an initial recruiter phone screen and several video-based interviews with our hiring teams.
Communications will always be conducted by domain names.
• Taskrabbit is a remote-first company with employees distributed across the USA
• Builtin’s “Best Places To Work”, 5 lists including: Austin Best Midsize Companies to Work For & SF Best Places to Work
• DataBird journal’s “Best Places” Best Companies for Diversity, #1 2019 and 2020
• DataBird journal’s ” Best Places” Best Companies for Women, #4 2019 and #1 2020
About the Job
We’re problem-solvers and self-starters, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to dig deep into impactful projects that are changing the way people get their tasks done and enjoy opportunities to advance your career in a diverse, inclusive environment.
Taskrabbit is looking for an experienced Senior Security Engineer to help lead the next phase of Taskrabbit’s growth. As a Senior Security Engineer you will implement security tooling, triage and resolve security incidents, develop and implement security processes and policies. As a security engineer, you will help ensure that that sensitive data is kept confidential. You will make sure we have the right software and hardware in place, document and report security threats, as well as to take measures to prevent these threats from being carried out.
Join us in transforming lives, one task at a time.
You will be:
• Developing, executing and tracking the performance of security measures to protect information and network infrastructure and computer systems.
• Design computer security strategy and engineer comprehensive cybersecurity architecture.
• Identify, define and document system security requirements and recommend solutions to management.
• Configure, troubleshoot and maintain security infrastructure software and hardware.
• Install software that monitors systems and networks for security breaches and intrusions.
• Monitor systems for irregular behavior and set up preventive measures.
• Plan, develop, implement and update the company’s information security strategy.
• Educate and train staff on information system security best practices.
• Handle security incidents and resolve them efficiently
• Develop and maintain, track and measure vendor reviews
• Assist in yearly pen tests, audits and work with service team to address these matters
You should have:
• At least 5+ years of experience in Security Space.
• Experience with build automation and configuration Security tools (e.g. Bridgecrew, Crowdstrike, Bugcrowd,)
• Software development background is a plus
• Strong knowledge of the Amazon Web Services (AWS) ecosystem and other core AWS technologies, GuardDuty, Control Tower, ElasticSearch Service, RDS, WAF, CloudFront, etc.
• You have worked with common infrastructure tools like Terraform
• Experience supporting 24×7, high availability internet application environments that include web, application, and database servers and load balancing systems.
• AWS Certification a plus
• Excellent written and communication skills
Taskrabbit is a marketplace platform that conveniently connects people with Taskers to handle everyday home to-do’s, such as furniture assembly, handyman work, moving help, and much more. Acquired by IKEA Group – the world’s largest furniture retailer – in 2017
At Taskrabbit, we want to make your neighborhood a little more familiar. Whether it’s a handyman (or woman), a housecleaner, moving help or delivery person, we’re imagining a world where everyone will have a go-to team to make everyday life easier. As a company we celebrate innovation, inclusion and hard work.
As a pioneer of the sharing economy, Taskrabbit was founded on the premise of neighbors helping neighbors. Since then, our network has grown to eight countries and 75+ cities, yet our core mission of creating a better everyday life for everyday people has remained the same.
Together with IKEA, we’re creating more opportunities for people to earn a consistent, meaningful income on their own terms by building lasting relationships with clients in communities around the world.
We are a group of mission-minded people. Our culture is collaborative, pragmatic, and fast-paced. We’re looking for talented, entrepreneurially-minded and data-driven people who also have a passion for helping people do what they love – and have a ton of fun while they’re at it.
You’ll love working here because:
• Taskrabbit is a remote first company. We recognize that talented people live all over the world.
• Collaboration hub offices in San Francisco, Austin and London
• The People. You will be surrounded by some of the most talented, supportive, smart, and kind leaders and teams — people you can be proud to work with
• Senior Leadership Team 75% women
• Director Level 86% Diverse
• The Values.
• Care Deeply. We take time to be present and partner with our team and communities.
• Level Up. We navigate through ambiguity and go the extra mile.
• Be A Better Neighbor. We build a diverse and sustainable community and encourage all voices.
• Lead The Future Together. We value entrepreneurship and are inspire by action.
• The diverse culture. We believe that we make better decisions when our workforce reflects the diversity of the communities in which we operate. Women make up more than half of our team and leadership, and we strive to recruit and retain employees from all over the world.
• The perks: Taskrabbit offers comprehensive medical, dental, vision 100% covered for employees, 401k plan with company matching, generous and flexible vacation and holiday time off, commuter benefits, learning and development opportunities, career development trainings, monthly Taskrabbit product stipends, IKEA discounts, weekly meditations, and a dog-friendly office
Equal Opportunity Employer
Taskrabbit is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, ancestry, citizenship, gender, gender identity, sexual orientation, age, marital status, military/veteran status, or disability status. Taskrabbit is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities.
Taskrabbit will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law.
For Remote Senior Security Engineer roles, visit Remote Senior Security Engineer Roles