Due to these struggling times, we are offering 50% off to employers with the code: STAY50

Save Time On Your Cyber Security Job Hunt

100% Focused on Cybersecurity & IT Security Jobs

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Threat Intelligence Jobs

Teradata

Information Security Analyst

San Diego, CA
SOC / Threat Intel
FULL-TIME
Nov 6
Premier

Considering COVID-19, we are still hiring but conducting virtual interviews to keep our candidates and employees safe. Many roles will be temporarily remote or work from home to comply with current safety regulations. These roles will be required to be in the office once it is safe or restrictions are lifted. Read more on our response here: Teradata Response to COVID-19 

With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.

We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.

The Information Security Analyst will be tasked not only with identifying and responding to potential threats, but also proactively hunting and eliminating them. The ideal candidate will have highly technical skills and should possess an understanding across a broad range of security technologies and will take a proactive approach to network intrusions. You should have several years of experience working within a SOC environment and should have hands-on experience in creating and executing cyber hunting missions. The candidate must be a world-class problem-solver with the ability to handle challenges under pressure. This is a global role with responsibility for Teradata security technologies for all business units.

The ideal candidate will have experience and a proven track record of finding and responding to threats found from various tools DLP, SIEM. Security Analytics, Behavior Analysis etc. As a key member of the security team, flexibility and a broad knowledge of security processes, along with strong communication and collaboration skills, will result in a successful candidate.

Key Areas of Responsibility

Direct hands-on expertise in the following areas of information security

  • Threat intelligence/threat hunting
  • SIEM
  • Fireeye, Sourcefire, Snort, Suricata, Kibana
  • Security Analytics
  • Network Security, network access control, network monitoring tools
  • Vulnerability identification, anti-virus, malware detection/analysis
  • Programming Tools Java, Ruby, C/C++, PHP, Perl, Python
  • DLP, encryption, email security, HIDS/NIDS
  • Develop, maintain and report on security operation metrics
  • Participate in the review and analysis of internal projects and external requirements that may have an impact on security
  • Be aware of the IT security requirements for the business and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and make appropriate recommendations regarding their implementation

Qualifications

  • BS degree in related field preferred. Equivalent experience/certification acceptable.
  • 3+ years of demonstrated experience in information security roles
  • 2+ years managing security technologies
  • Industry certifications such as CISSP, CCSP, CEH, PMP, GCIH, GSEC
  • Extensive Experience in
    • IT security industry trends and direction
    • Network and internet security
    • Emerging technologies
    • IT standards, procedures, policy
    • Information security management
    • Information security technologies

 

  • Excellent analytical, troubleshooting & interpersonal skills
  • Strong verbal and written communication skills
  • Self-motivated and able to work independently
  • Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Intern – Information Security

Santa Clara, CA
SOC / Threat Intel
FULL-TIME
Nov 5
Premier

Our Mission

At Palo Alto Networks® everything starts and ends with our mission: 

Being the cybersecurity partner of choice, protecting our digital way of life. 

We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. 

Your Career

You will join an Information Security (InfoSec) team that will give you the opportunity to make a global impact. One that protects our way of life in the digital age by preventing successful cyberattacks. A team looking for engineers who are passionate about technology, have an interest in cyber security, and also want to make a positive difference in the world that we live in. The projects our interns are assigned will give real hands-on experience working on securing Palo Alto Networks. The Information Security team’s mission is to protect the company's brand integrity, confidentiality, infrastructure, and assets from internal and external threats. They enable business outcomes everywhere while securing the user, product, infrastructure and data, built on a foundation of threat detection and response.

Our top Technical Internship roles we hire for are :

  • Security Architect

  • DevOps Engineer 

  • Security Operations Center (SOC) Engineer

  • Red Team Engineer

  • Risk & Compliance Analyst

  • Vulnerability Engineer 

Your Impact

  • Collaborate and execute alongside experienced engineers and security professionals.

  • Help us disrupt the cybersecurity industry using the latest and greatest technologies.

  • Write code that meaningfully improves our products and services

  • Learn about the cybersecurity industry from the world's leading security experts.

Your Experience

  • Completing a BS/MS/PhD degree in Computer Science, Computer Engineering or other related STEM field

  • Strong programming skills

  • An understanding of the fundamentals of Computer Science & Computer Security

  • Exemplify strong initiative and ability to work independently with limited direction

  • Ability to work cross functionally with other engineers, researchers and Product Managers

  • Excellent communications skills

The Team

Our Information Security team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating — challenging the way we, and the industry, think about cybersecurity. Our engineers don’t shy away from building products to solve the problems no one has pursued before. 

We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment. 

Intern Program

Our global internship program trains the next-generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, sales, and marketing. The program also features a combination of challenging projects with tangible impact, engaging social events, and networking opportunities. Interns and recent graduates can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience.

The summer internship program features a combination of challenging projects with real impact, engaging social events, and networking opportunities:

  • 12-week program

  • Peers of elite students

  • One-on-one mentoring by industry leaders

  • Exposure to and support from Palo Alto Networks executives

  • Events that pique your intellectual curiosity and inspire new ideas

  • Opportunities to expand your knowledge and work in a fast-paced environment

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
St. Joseph’s Health

Information Security Analyst

Paterson, NJ
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

Overview

St. Joseph’s Health is recognized for the expertise and compassion of its highly skilled and responsive staff. The combined efforts of the organization’s outstanding physicians, superb nurses, and dedicated clinical and professional staff have made us one of the most highly respected healthcare organizations in the state, the largest employer in Passaic County, and one of the nation’s “100 Best Places to Work in Health Care”.

Job Overview
Responsible for assessing security threats and risks involving the security and integrity of data within the St. Joseph Healthcare System. Responsible for the monitoring and analyzing of logs and alerts from a variety of technologies including networks, servers, workstations, firewalls, Intrusion detection and prevention systems (IDS/IPS) virtual private networks (VPNs), encryption, data loss prevention (DLP), and antivirus systems. Responsible for the creation of comprehensive security write-ups which articulate security issues, analysis and remediation techniques, troubleshooting and resolution of security issues.

Qualifications

Work requires the knowledge of theories, principles, and concepts acquired through completion of a Bachelor's degree in Computer Information Systems, Computer Science, MIS, Engineering or closely related field. A minimum of five years experience with desktop, server and/or network administration in a mixed computing environment required.  Two years  of direct information security experience preferred.  CompTIA Network+ Certification, CompTIA Security+ Certification and Microsoft MCP Certification preferred.  Understanding of Information Security concepts and business acumen. Strong working knowledge of Windows Server, Desktop, Active Directory and Exchange.  Experience using  security vulnerability assessment tools and techniques.  Experience of using Malware Remediation Tools.  Solid understanding of operating systems and platforms (Windows, iOS, Unix, Linux).  Experience with Directory Services and LDAP.  Knowledge of network infrastructures including firewalls, VPN's, Intrusion Detection Systems, vulnerability assessment strategies, web application and device security.  Knowledge of the security requirements for HIPAA, HITECH, ISO 27001/27002 and SOX regulations.  Requires analytical skills with the ability to exercise sound judgment, attention to detail and problem resolution.  Must possess strong customer service, communication, organizational & interpersonal skills.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
RiskIQ

Cyber Threat Intelligence Analyst

Remote
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.

We are looking for a Senior Cyber Intelligence Analyst to join our i3 team. This position can be based at our office in Lenexa, KS or remotely. 

The Role
The Incident Investigations and Intelligence (i3) Program within RiskIQ is built to oversee managed services of the External Threats Product workspaces for clients and the Executive Guardian product workspaces for clients. Executive Guardian is designed to protect C-Suite and high net worth individuals from physical threats, exposures of Personally Identifiable Information (PII), and instances of social media account impersonation thereby safeguarding the individual, their reputation, family, and by extension, the company. External Threats protects clients from phishing attacks, domain infringement, mobile app impersonation, social & brand impersonation, and data leakage. The i3 Cyber Intelligence Analyst (SCIA) The i3 Cyber Threat Intelligence Analyst is a mid-level analytic role that will capitalize on an existing technical skillset to build and maintain complex technical logic to identify online threats to customers, manage client threat events, and take the appropriate action to suppress harmful content on the internet in order to protect our customers, their people, and their assets. i3 Cyber Threat Intelligence Analysts will also perform threat attribution research for the purposes of providing customers with finished and actionable intelligence products relevant to the safety and security of their assets and operations. The i3 Cyber Threat Intelligence Analyst is technically proficient, proactive, and is business-minded using both available open source and proprietary data sets to confidently support attribution of virtual threat actors with their actions.

Responsibilities

  • Configuration of technical details in the RiskIQ platform to identify sensitive data on the web for customers, including proprietary data and Personally Identifiable Information (PII)
  • Manage client workspaces to identify and mitigate threats such as phishing, domain infringement, brand infringement, social media impersonations, and mobile app fraudulent activity
  • Effectively conduct cyber investigations around events surfaced in the RiskIQ platform looking for relevant threat actor infrastructure, IOCs, and TTPS
  • Work with i3 colleagues and leadership to design solutions to improve collection within the External Threats and Executive Guardian platforms to improve the client experience
  • Respond to requests for customer support and escalate to Engineering as appropriate
  • Review and appropriately escalate detections based on the urgency of the discovered data/threat
  • Stand up Proofs-of-Concept (POC) workspaces and orchestrate effective and value-driven POCs for customers and prospective customers in support of sales opportunities
  • Monitor the RiskIQ platform and alert/support senior staff to conduct security/threat investigations into threat actors and their activities world-wide, using industry tools and proprietary information
  • Assist in the production of threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment​ ​and mitigation recommendations
  • Identify opportunities to predict and prevent future security issues and/or incidents
  • Collaborate with client security teams digitally, via phone, or at times, in person to constantly improve analytic standards, workflows, and success metrics and develop/improve analytic products as appropriate
  • Collaborate with RiskIQ Legal and Engineering teams to ensure appropriate mitigation of identified risks
  • Work with sensitive and confidential information and maintain highest standards of data protection to ensure client confidentiality
  • Support the production of finished threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment and mitigation recommendations
  • Effectively engage consultatively with customers to design workflows, provide training, and update and brief teams on performance, metrics, and workspace events/intelligence
  • Collaborate with senior i3 team members to constantly improve analytic standards,
  • workflows, and success metrics and develop/improve analytic products as appropriate

Requirements

  • Bachelor's degree required
  • Experience researching and collecting intelligence from within social media, deep web forums, and the dark web
  • Technical proficiency with open source intelligence (OSINT) research tools; familiarity with Regex, JavaScript, SQL, and Python a strong plus
  • Familiarity with Threat Models such as ​MITRE ATT&CK® ​, Diamond Model and Cyber Kill Chain®; Incident Response Investigations experience highly desired
  • Technical skill familiarization in network communications (TCP/IP, OSI Model), malware analysis(communication/installation/behavior) and computer network defense operations
  • Previous experience with anti-phishing and online fraud identification and remediation
  • Strong written and verbal communication skills
  • Ability to effectively interface with and lead communication with customers; previous cybersecurity consulting experience a strong plus
  • Experience managing multiple projects, and the ability to flex quickly as required evolving corporate priorities
  • Ability to work independently and with minimal supervision
  • Basic understanding of investigative analysis, and communicating findings to consumers
  • Approximately 10-25% global travel required
  • Ability to obtain a US Top Secret security clearance
 
 

Why work at RiskIQ?

  • Fascinating work - Welcome to the dark underbelly of the Internet. RiskIQ’s ability to help organizations map and monitor their attack surface, detect internet-scale threats, and investigate adversaries led to skyrocketing adoption by security teams around the world. It is the golden age of internet crime, and we are at the forefront of defensive efforts to stem the tide. Internet security is a global growth industry, and the knowledge you acquire here will be a marketable skill for decades to come.
  • We’re a company on the forefront of a burgeoning industry - RiskIQ experienced explosive growth in 2018, including a 362.5 percent increase in net new product sales due to the steady adoption of attack surface management across the world. We also experienced a 365 percent increase in registration for RiskIQ community, our freemium entry-level product, showing the increasing role of security outside the firewall to the growth of businesses.
  • Top Leadership - Our CEO is a renowned cybersecurity veteran known for his expertise. Our leadership group is poised and experienced with a track record in technology and cybersecurity.
  • Unbounded opportunity - We’re growing! At RiskIQ, you’ll be provided with as much responsibility as you can handle—new career development opportunities constantly arise given our rate of growth.
  • Flexibility - You’ll have a large workload, but also the freedom to accomplish it on your own terms.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Threat Intelligence Jobs
Governance Risk & Compliance Jobs
Optiv

Cyber Security Compliance Analyst

Denver, CO
Risk & Compliance
FULL-TIME
Nov 6
Premier

Company Description

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description

Optiv is the leading security solutions integrator creating confidence for a more connected world. Optiv’s corporate security team is tasked with protecting company resources and client data in a dynamic industry with expanding threats. To meet the challenging needs of Optiv’s growing business, the corporate security team is expanding their information security governance and compliance program. The security compliance analyst will report directly to the Director of Governance and Compliance. This position is responsible for assisting with the collection and analysis of key performance metrics, conducting internal audits and assessments, assisting with third-party assessments and internal risk management reviews to help ensure the confidentiality, integrity, and availability of Optiv data and systems.  The security compliance analyst must possess strong analytical skills, research capabilities, and an attention to detail to ensure Optiv can efficiently and effectively handle its compliance requirements. This position is highly business-facing, with frequent collaboration and interaction with all Optiv business units.

PRIMARY DUTIES AND RESPONSIBILITIES

  • Participate in all phases of internal and external assessments and audits.
  • Respond to client third-party assessment requests to facilitate business transactions and maintain strategic business relationships.
  • Positively interact with multiple internal Optiv business units to develop standardized assessment responses for external clients.
  • Perform compliance assessments to determine if business systems are aligned with regulatory requirements, industry standards, best practices and all corporate information security policy, procedures, and standards.
  • Actively review, test, analyze and report on the effectiveness and state of all required controls.
  • Monitor and report on the status of compliance activities and remediation efforts escalating potentially risky situations as needed.
  • Provide recommendations to improve the effectiveness and efficiency of our risk-based audit program to ensure that it is repeatable, sustainable and cost effective.
  • Establish ongoing relationships with business managers and key functional stakeholders.
  • Stay informed of new compliance regulations, assist in the assessment of the impact to the organization, and collaborate to ensure compliance.
  • Share experience, knowledge, and ideas with management and co-workers to maintain a kind and respectful team-based environment.
  • Promote a corporate culture that is committed to Governance, Risk, and Compliance and information security best practices.

SUPERVISORY RESPONSIBILITIES

Will not have direct reports

Qualifications

Education and Experience

  • An undergraduate degree preferably in IT or STEM discipline.
  • Proficient working with a variety of technology platforms (Microsoft, Apple) and common business applications such as MS Office, Teams, Zoom and so forth.
  • Excellent interpersonal, verbal and written communication, presentation, and problem-solving skills.
  • Passionate about security, client satisfaction and process improvement.
  • Ability to balance being flexible and collaborative with following the rules.
  • Able to work with minimal supervision, take initiative and follow through on assignments.
  • Capable of working multiple tasks of varying priorities while maintaining tight deadlines.

Desired Qualifications:

  • A cybersecurity degree or graduate degree.
  • An additional 1-3 years of related work experience.
  • Any cybersecurity related certification such as A+, CISSP, CISA, SANS-GSEC or so forth.
  • Good understanding of security governance, compliance, and risk management principles.
  • Possesses and demonstrates a strong understanding of controls assessment techniques.
  • Solid business acumen and judgment to evaluate issues/problems of high complexity.
  • Able to function independently and perform routine task such as:
    • Facilitate meetings, organize conference calls, deliver presentations and so forth
  • Familiarity with common standards, frameworks and regulations such as:
    • NIST, ISO, COBIT, SIG, CCM, SOC-2, FAIR, HITRUST, PCI, GDPR.
  • Ability to travel (minimal travel anticipated).

#LI-CP1

Additional Information

Why you'll love it here:

If you are seeking a culture that supports growth, fosters success and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations ? Managed Services and Identity and Data Management. Optiv remains committed to championing Diversity, Equality and Inclusion within our organization and throughout the industry.

With Optiv you can expect:

• Work/life balance. We offer "Recharge", a flexible, time-off program that encourages eligible employees to take the time they need to recharge

• Professional training resources, including tuition reimbursement

• Creative problem-solving and the ability to tackle unique, complex projects

• Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.

• The ability and technology necessary to productively work remote/from home (where applicable).

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
JPMorgan Chase

Cyber Risk Associate

Plano, TX
Risk & Compliance
FULL-TIME
Nov 2
Premier

Technology & Cybersecurity Operational Risk Management – Cybersecurity Engineer - Associate

 

The Cybersecurity Engineer within Operational Risk Management is responsible for the identification, monitoring, testing, and governance of cybersecurity processes and controls risks inherent in JPMorgan Chase technology environment. This position will be highly engaged with the firm-wide Cybersecurity team who provides high quality security solutions to detect and monitor for threats and vulnerabilities and manage security incidents to keep ahead of threats. 

 

We are looking for a multi-disciplined forward-looking technologist with diverse backgrounds and experiences including in areas such as cybersecurity, big data,  compliance and oversight, cloud security, cryptography, rights management, networking technologies (e.g Cisco, Bluecoat, Juniper), and data security architectures. Knowledge of emerging technical trends and cyber threats will be required.

 

The successful candidate will use experience and leadership skills to give guidance and best practice advice across the Cybersecurity discipline.  He/she will lead significant event reviews, risk assessments, and perform monitoring of cybersecurity controls. Written and verbal communication of results of risk assessments will be provided by the Cybersecurity Engineer to management, executive directors, managing directors and stakeholders.  The role requires a strong self-starter who can understand program objectives, understand mitigating cybersecurity controls using a logical to independently assess the control environment.  

 

Key responsibilities include:

·         Perform deep inspection of specific technologies in targeted processes or firm-wide evaluation.

·         Keep abreast of current cyber trends, vulnerabilities, and emerging technologies.

·         Engage with cyber teams to gain full understanding of cybersecurity and control environment.

·         Perform significant event reviews.

·         Independently assess technology risk management and controls across the bank 

·         Understand third party risks as related to specific technology area of expertise.

·         Risk assessment of the impact of threats and vulnerabilities on JPMC technology portfolio. 

·         Coordination and key participation in the development of the evolving risk position of new technology.  For each of the technology areas in focus, this person will be charged with escalating and tracking the individual risk items. 

·         Work with appropriate technology areas to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices. 

·         Develop and perform ongoing analysis of Operational Risk loss, near miss and external events to inform RCSA results, technology assessments and scenario analysis.  Investigate Operational Risk events meeting selection criteria; assist LOB OROs in determining the appropriate consideration of technology risk management and risk events.

·         Participate in key portfolio governance forums.

·         Provide feedback and coordination with the application risk assessment process.

·         Identify risk measures and thresholds for monitoring key risk cybersecurity controls.

·         BS/BA degree in computer science or equivalent experience.

·         2+ years or more proven experience in technology development, engineering or technical architecture with financial services experience

·         Working knowledge and interest of current and emerging technologies

·         Knowledge of Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies

·         Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals

·         Demonstrated verbal and written communication skills and excellent analytical skills

·         Ability to understand complex technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required.

·         Track record of collaboration and relationship building

·         Proven ability to anticipate and identify risks and effective mitigants

·         Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices

·         Proven track record of taking ideas forward without supervision and challenging others, where appropriate

·         Adept at developing relationships with senior business executives with a reputation for partnering across organization lines to mitigate risks

·         Highly disciplined, able to work with limited supervision and make independent decisions

·         Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results

·         High level of professionalism, self-motivation, and sense of urgency

About Us

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.

Equal Opportunity Employer/Disability/Veterans

About the Team

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
 
Risk Management helps the firm understand, manage and anticipate risks in a constantly changing environment. The work covers areas such as evaluating country-specific risk, understanding regulatory changes and determining credit worthiness. Risk Management provides independent oversight and maintains an effective control environment.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Governance Risk & Compliance Jobs

Network Security Jobs

TD Bank

Network Security Specialist

Mount Laurel, NJ
Network Security
FULL-TIME
Nov 6
Premier

TD Description

About TD Bank, America's Most Convenient Bank

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US.

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com.

 

Department Overview

 

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open

 

Job Description

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

About This Role

We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

  • Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
  • Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
  • Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
  • Contribute to the definition, development, and oversight of a global security management strategy and framework.
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG’s business.
  • Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
  • Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .
Other duties as assigned • Driving Requirements: • Travel Requirements:

 

Job Requirements

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

  • University Degree.
  • Information Security Certification / Accreditation an asset.
  • 7+ years of relevant experience.
  • Expert knowledge of IT security and risk disciplines and practices.
  • Advanced knowledge of of organization, technology controls, security and risk issues.
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
  • Must be eligible for employment under regulatory standards applicable to the position.

 

Qualifications

Preferred Qualifications - Here are the preferred qualifications for this role:

• Define, develop, implement, manage and govern standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness
• Provide subject matter expertise over network security risk assessment, secure network design and risk/threat/vulnerability management capabilities and functions across People, Process and Technology
• Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities
• Review and analyze large, complex, and comprehensive private and public cloud projects to assess network security risk, ensure compliance with standards, and suggest changes
• Conduct detailed assessments to prioritize program remediation or improvement for various network related technologies
• Build and maintain appropriate relationships with internal and external parties to ensure awareness and understanding of potential or impending threats, and measures to counter these threats
• Contribute to the review of internal processes & activities and assist in identifying potential opportunities for improvement
• Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency
• Assess / identify key issues and escalate to appropriate levels and relevant stakeholders where required
• Able to work well with others, and in particular be able to influence and change behaviors and build consensus
• Participate in the investigation of Information Security Incidents and development of remediation/prevention mechanisms
• Work with project teams to understand and accommodate application architecture and the applications specific requirements for private and public cloud networking
• Work with security team to understand and accommodate network security requirements for application
• Establish requirements and drive implementation of network security governance and reporting for private and public cloud environments.

Job Requirements :
• 5 to 7 years of experience in an information technology role focused on network infrastructure security preferably within the financial services industry or a consulting company
• Strong technical knowledge and understanding of various software-defined and physical network platforms including, firewalls, IDS/IPS, routers, switches, WAN technologies, MPLS, load balancing and wireless Networks
• Experience and understanding of public cloud networking and network security controls, particularly on Azure
• Experience defining network security standards and processes such as firewall rules request/approval process, B2B communication standards, logging and monitoring standards, device hardening standards for large organizations preferably in the financial services industry
• Resourceful and able to work independently with minimum supervision under the direction of the Senior Manager – Network Security
• Information Security certification or accreditation would be an asset
• Strong research, analytical and problem-solving abilities
• Effective written and verbal communication skills
• Have experience with micro segmentation and network automation in a hybrid public and private cloud environment
• Knowledgeable of cloud and hybrid-cloud implementations including IaaS, PaaS and SaaS

Education:
• University degree in Information Technology, Computer Science, Computer Engineering or equivalent work experience
• Certifications: CISSP, CCSP, Microsoft MCSE Azure – 400 or 500

 

 

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Lowe's

Network Security Engineer

Mooresville, NC
Network Security
FULL-TIME
Nov 1
Premier

Job Summary:
The primary purpose of this role is to support the design, implementation and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.
 
 
To be successful, the individual in this role must have knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.
 
 
Key Responsibilities:
• Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)
• Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systems
• Participates in regular security vulnerability assessments
• Performs internal and external penetration validation testing to ensure that computer systems are up to date relative to all operating systems, patches, and virus protection software
• Collaborates with other technology teams including Engineering to design and implement remediation solutions
• Provides assistance during information security incidents as part of an Incident Response Team
• Performs security tests against third-party products
• Remains aware of technological trends and developments in the area of information security
• Solves difficult technical problems; solutions are testable, maintainable, and efficient
• Provides support in the event of escalated security issues for enterprise systems; helps diagnose, troubleshoot, and resolve issues
• Supports the implementation of hardware and software changes into environments to ensure security requirements are met
• Provides input into security breach response procedures; assists with security breach response activities
• Participates in break/fix activities
• Analyzes the output of industry standard cybersecurity tools and helps identify remediations to reduce risk and exposure of applications
• Completes basic custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
• Evaluates entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities
 
 
Minimum Qualifications:
• Bachelor's Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work or military experience in a related field)
• 2 years of experience in technology system support, software development or a related field
• 1 year of experience with information security applications and systems
• 1 year of experience in database technologies
• 1 year of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
• 2 years of experience analyzing the output of industry standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications



Preferred Qualifications:
• Master's Degree in Computer Science, CIS, or related field
• Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)
• Advanced understanding of information security practices and policies
• 2 years of IT experience developing and implementing business systems within an organization
• 4 years of experience working with defect or incident tracking software
• 4 years of experience with technical documentation in a software development environment
• 2 years of experience working with an IT Infrastructure Library (ITIL) framework
• 2 years of experience leading teams, with or without direct reports
• Experience with Cloud technologies

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Network Security Jobs

Cloud Security Jobs

General Electric

Remote Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Nov 6
Premier

Job Description Summary

General Electric (GE) Gas Power is seeking a motivated Staff Cloud Security Engineer responsible for strategic technical development, Including cloud security automation capabilities in AWS and Azure. The successful candidate will have strong problem-solving, time management and analytical skills. As part of the GE Cybersecurity team, a curiosity to learn combined with a builder-attitude will be critical in our mission to address evolving threats and protect company information and resources.

Job Description

Specific Responsibilities Include:

  • Design, build and implement enterprise cyber technology for production environments
  • Align technical risk management standards, frameworks and policy with overall GE Gas Power business and digital requirements.
  • Drive efforts with program application leads and stakeholders to architect Cloud solutions using tools and services aligned to standards and secure design patterns.
  • Design and implement automated security controls to proactively enforce Security, Risk and Compliance standards for applications.
  • Develop libraries of common secure patterns for deploying cloud infrastructure and applications, including applications provided by GE Infrastructure as a Service providers
  • Provide mechanism to demonstrate consistent application of controls and configurations, including creation of real-time tool providing across GE Power cloud accounts.
  • Engineer secure technology solutions that promote adoption of SecDevOps and Cloud services (IaaS, PaaS & SaaS).
  • Understand current and evolving threats for Cloud, including mitigation tools and techniques.
  • Research, recommend and implement controls for developing technology such as container orchestration, machine learning and serverless technologies.
  • Apply native cloud service provider security and monitoring services in the cloud, including network access controls, encryption, alerting and secrets management.
  • Identify security design gaps in existing and proposed architectures and recommend and deploy changes and enhancements

Basic Qualifications:

  • Bachelor’s degree in Information Systems (IS), Information Technology (IT), Computer Science or Engineering from an accredited college or university;
  • Minimum of 5 years of experience architecting secure Cloud platforms (AWS or Azure);
  • Minimum of 5 years of experience with programming or scripting languages;
  • Minimum of 3 years of experience with Cloud automation capabilities

Eligibility Requirements: (Country Specific)

  • United States (Gas Power locations preferred) & Remote

Desired Characteristics:

  • Experience reviewing and understanding cloud architecture and security best practices.
  • Highly technical, eager to learn with strong analytical and problem-solving skills.
  • Working knowledge of Cloud provider security architecture design patterns.
  • Experience performing design reviews to assess security risk for application architecture or introduction of new cloud services.
  • Associate or Professional-level Cloud certification(s).
  • Knowledge of IT service management and cybersecurity processes including change management, incident management, configuration management, threat and vulnerability management.
  • Knowledge of current programming language, source code management and related technology to evaluate infrastructure as code safeguards
  • Strategic thinker, with experience planning and executing multiyear application security roadmaps
  • Ability to define program KPIs and metrics
  • Advanced degree In Information Systems, Information Technology, Computer Science or Engineering from an accredited college or university.
  • Experience leveraging agile methods within development and project efforts

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

Inclusion & Diversity
We are passionate about creating an inclusive work environment. By valuing the ideas and contributions of a diverse workforce we help inspire others to grow, succeed, and raise the bar for everyone. Join us at GE Gas Power, where results can be achieved by embracing a community of belonging.  
About GE Gas Power
GE Gas Power engineers cleaner, more accessible energy that people depend on, powering growth and prosperity for people everywhere. Our leading technologies produce a third of the world’s electricity thanks to our talented people, who make gas work for our customers, stakeholders and the world. Through relentless innovation and continuous partnership with our customers, we are building the energy technologies of the future and providing the cleaner, more efficient power people depend on today.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
InfoSys

AWS Cloud Architect

Irving, TX
Cloud Security
FULL-TIME
Nov 2
Premier

Job Description

 

 

As an AWS Cloud Architect, you will interface with key stakeholders and apply your technical proficiency across different stages of the Software Development Life Cycle including Requirements Elicitation, Application development, definition and Design. You will play an important role in creating the high-level design artifacts. You will also deliver high quality code deliverables for a module, lead validation for all types of testing and support activities related to implementation, transition and warranty. At Infosys, you may look forward to collaborating with some of the best talent in the industry to create innovative high quality and defect-free solutions to meet our clients’ business needs. We drive a learning culture, where teamwork and collaboration are encouraged, excellence is rewarded, and diversity is respected and valued.

Required AWS Cloud Architect Qualifications:

• Bachelor’s degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
• 7+ years of experience with Information Technology
• U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are not able to sponsor at this time
• Candidate must be located within the commuting distance of Irving, TX or be willing to relocate to this location. This position may require travel in the US and Canada.
 
Preferred AWS Cloud Architect Qualifications:
 
• Hands on experience architecting in AWS and working with Big Data.
• Strong experience in Designing data pipelines and data solutions on-premise and on cloud, in AWS Big Data, Glue/EMR/S3/Redshift, Hadoop distributed frameworks, Apache Spark with Python, Java programming and Hadoop Ecosystems
• Good experience on Snowflake, End to End implementations on ETL and Bigdata Projects
• Good knowledge of Cloud Security implementation practices
• Expertise in scalability and high performance applications meeting various SLAs which are part of architecture and design
• Exposure on design and developing micro-services architecture, Diagnostic /Discovery/As Is Assessment, Solution
• Evaluation and Recommendation and CI / CD  Good experience in Project life cycle activities on development and maintenance projects
• Experience in data migration, estimation, sizing of project
• Experience in working in Agile teams, and working independently with Business stakeholders providing solutions and regular updates
• Experience and desire to work in a Global delivery environment with strong written and oral communication skills and Analytical skills
 
The job entails sitting as well as working at a computer for extended periods of time. Should be able to communicate by telephone, email or face to face. Travel may be required as per the job requirements.

About Us

Infosys is a global leader in next-generation digital services and consulting. We enable clients in 46 countries to navigate their digital transformation.

With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CrowdStrike

Software Engineer - Cloud Security

Remote
Cloud Security
FULL-TIME
Aug 19
Premier

About the Role

Cloud Security Posture Management (CSPM) is a new and complementary product area for CrowdStrike. We’re extending CrowdStrike’s mission of “stopping breaches” into the public cloud control plane and native cloud resources. CrowdStrike’s CSPM offering will give customers visibility into both the (mis)configuration and compliance of native cloud resources, and potential adversary activity involving those resources. When coupled with Falcon, CrowdStrike’s endpoint security offering, our CSPM offering will provide a more comprehensive perspective on how the adversary is targeting key customer infrastructure.

 

What You’ll Need 

  • Lead backend engineering efforts from rapid prototypes to large-scale applications across CrowdStrike products.
  • Leverage and build cloud based systems to detect targeted attacks and automate cyber threat intelligence production at a global scale.
  • Brainstorm, define, and build collaboratively with members across multiple teams.
  • Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.
  • Be mentored and mentor other developers on web, backend and data storage technologies and our system.
  • Constantly re-evaluate our product to improve architecture, knowledge models, user experience, performance and stability.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Use and give back to the open source community.

 

You’ll use

  • Go (Golang)
  • AWS/GCP/Azure/Kubernetes
  • Kafka
  • GIT
  • Cassandra
  • ElasticSearch
  • Redis
  • ZMQ

 

Key Qualifications

  • Degree in Computer Science (or commensurate experience in data structures/algorithms/distributed systems).
  • The ability to scale backend systems – sharding, partitioning, scaling horizontally are second nature to you.
  • The desire to ship code and the love of seeing your bits run in production.
  • Deep understanding of distributed systems and scalability challenges.
  • Deep understand multi-threading, concurrency, and parallel processing technologies.
  • Team player skills – we embrace collaborating as a team as much as possible.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • The skills to meet your commitments on time and produce high quality software that is unit tested, code reviewed, and checked in regularly for continuous integration.

 

Bonus points awarded for…

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, Scala, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields

 

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

 

#LI-DK1

#LI-Remote

 

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan 
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
IHS Markit

Junior Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Jul 8
Premier

Your role 

Reporting to the global head of cloud security at IHS Markit, your work will focus primarily on AWS with a secondary focus on VMC, Azure and/or GCP as needed. You will mentor and guide junior members of the cloud security team and partner with stakeholders across information security and other IHS Markit organizations to deliver solutions that harden IHS Markit’s cloud security posture.

 

Emphasis will be on the following objectives: 

·       Creating security automation for response and remediation of compliance findings and hardening of AWS and VMWare Cloud on AWS (VMC) environments primarily, and Azure or GCP secondarily

·       Onboard corporate and open-source security tools into build pipelines including SAST, DAST, TVM and anti-virus tools using Cloud native and open-source tooling and create custom tooling where needed to fill in gaps

·       Partner with the cybersecurity operations center (CSOC), offensive security operations and threat intelligence teams to onboard new services for the purpose of detection and predication of events

 

Your expertise 

·       0 – 2 years of experience of cloud security engineering on AWS 

·       Basic understanding of security requirements, best practices and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS 

·       Basic understanding of Lockheed Martin’s Kill Chain or MITRE ATT&CK 

·       Basic understanding and exposure to automation using scripts and CI/CD pipelines with cloud native or open-source technologies 

·       Basic experience with a scripting language such as Bash or Python 

·       Basic understanding of Windows and Linux platforms in the lens of investigations, configuration management and patch management 

·       Knowledge of Google Cloud Platform (GCP) or Microsoft Azure security concepts in a secondary capacity is strongly desired, but not required 
 

You are 

·       A naturally curious self-starter - you can deliver on requirements with some limited guidance or supervision, as needed by you and the team 

·       A relentless learner - you actively seek to add to your skillset and knowledge base while challenging the status quo to drive efficiency in the team 

·       Strong interpersonal skills – you can communicate with a wide range of technical and non-technical teams 

·       Insist on the highest standards within the team and actively share your perspectives with the team and the larger information security organization 

 

What we offer: 

·       Access to the most interesting information technologies 

·       The ability to implement your own ideas and solutions 

·       Participation in conferences and training for Information Security qualifications 

 

Flexible Working  

We pride ourselves on our agility and diversity, and we welcome requests to work flexibly. For most roles, flexible hours and/or an element of remote working are usually possible. Please talk to us during the interview about the type of arrangement that is best for you. We will always try to be adaptable wherever we can and in accordance with local and regional practices.   

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Excelicon

Cloud Risk Analyst

Washington, DC
Cloud Security
CONTRACTOR
Jun 25
Premier

The reesource shall provide the organization risk guidance on existing and emerging cloud technologies.

Excelicon seeks a resource to support and execute the following tasks:

 

  • Evaluate technologies and determine risk of technology architecture, implementation and

suitability for the client. This may require interaction with vendors to gather product security

features, research vulnerabilities/weaknesses, and provide implementation recommendations to Senior Management.

  • Support the development of the client’s A&A strategy for Cloud based systems.
  • Provide technical writing support and guidance to system owners in the development, and
  • technical review of System Security Plans (SSPs).
  • Conduct in-depth technical security reviews, risk assessments, and architecture reviews for
  • Cloud based technologies to ensure alignment with House information security policies
  • and technical guidelines.
  • Develop recommendations for decision briefs for Senior Management to use in making
  • ATO and other security decisions.
  • Provide technical guidance in the development and revision of client’s information security policies to incorporate Cloud technologies.
  • The Contractor shall provide risk management guidance and advisement to CAO teams for

emerging technologies to include new cloud, mobile and desktop application work products.

  • Provide technical support for responding to and implementing recommendations of the Office of Inspector General and Internal Controls/Internal Audit.
  • Provide analysis and reporting on the cloud products currently in use at the client site to include high-risk services, data usage, and threats.
  • Other duties as assigned.

 

 

The Contractor shall provide individuals with the following knowledge, skills and abilities:

 

  • Bachelor’s degree in a related field.
  • Knowledge and expertise in cloud computing, virtualization, Platform as a Service (PaaS),
  • Infrastructure as a Service (IaaS), Software as a Service (SaaS).
  • Demonstrated experience in conducting technical risk assessments for various Cloud platforms.
  • Experience working with Cloud Security Alliance (CSA) guidelines and security guidance from

the National Institute of Standards and Technology (NIST) to include SP-800-53A: Assessing

Security and Privacy Controls in Federal Information Systems and Organizations: Building

Effective Assessment Plans, NIST SP 800-144: Guidelines on and Security and Privacy in Public

Computing Cloud, NIST SP 800-145: The NIST Definition of Cloud Computing, NIST SP 800-

146: Cloud Computing Synopsis and Recommendations; Federal Risk and Authorization

Management Program (FedRAMP) security control baselines and security guides.

  • Demonstrated understanding and/or experience of various Cloud environments.
  • Demonstrated experience supporting a CASB tool.
  • Strong familiarity with FedRAMP and Federal Cloud guidelines.
  • Achievement of CCSP (Certified Cloud Security Professional), CISSP (Certified Information
  • Systems Security Professional) and/or CRISC (Certified in Risk and Information Systems Control)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Cloud Security Jobs

Application Security Jobs

No jobs here as of now...we'll get it together and find some soon.
See More Application Security Jobs
No jobs here as of now...we'll get it together and find some soon.
TD Bank

Network Security Specialist

Mount Laurel, NJ
Network Security
FULL-TIME
Nov 6
Premier

TD Description

About TD Bank, America's Most Convenient Bank

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US.

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com.

 

Department Overview

 

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open

 

Job Description

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

About This Role

We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

  • Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
  • Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
  • Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
  • Contribute to the definition, development, and oversight of a global security management strategy and framework.
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG’s business.
  • Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
  • Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .
Other duties as assigned • Driving Requirements: • Travel Requirements:

 

Job Requirements

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

  • University Degree.
  • Information Security Certification / Accreditation an asset.
  • 7+ years of relevant experience.
  • Expert knowledge of IT security and risk disciplines and practices.
  • Advanced knowledge of of organization, technology controls, security and risk issues.
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
  • Must be eligible for employment under regulatory standards applicable to the position.

 

Qualifications

Preferred Qualifications - Here are the preferred qualifications for this role:

• Define, develop, implement, manage and govern standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness
• Provide subject matter expertise over network security risk assessment, secure network design and risk/threat/vulnerability management capabilities and functions across People, Process and Technology
• Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities
• Review and analyze large, complex, and comprehensive private and public cloud projects to assess network security risk, ensure compliance with standards, and suggest changes
• Conduct detailed assessments to prioritize program remediation or improvement for various network related technologies
• Build and maintain appropriate relationships with internal and external parties to ensure awareness and understanding of potential or impending threats, and measures to counter these threats
• Contribute to the review of internal processes & activities and assist in identifying potential opportunities for improvement
• Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency
• Assess / identify key issues and escalate to appropriate levels and relevant stakeholders where required
• Able to work well with others, and in particular be able to influence and change behaviors and build consensus
• Participate in the investigation of Information Security Incidents and development of remediation/prevention mechanisms
• Work with project teams to understand and accommodate application architecture and the applications specific requirements for private and public cloud networking
• Work with security team to understand and accommodate network security requirements for application
• Establish requirements and drive implementation of network security governance and reporting for private and public cloud environments.

Job Requirements :
• 5 to 7 years of experience in an information technology role focused on network infrastructure security preferably within the financial services industry or a consulting company
• Strong technical knowledge and understanding of various software-defined and physical network platforms including, firewalls, IDS/IPS, routers, switches, WAN technologies, MPLS, load balancing and wireless Networks
• Experience and understanding of public cloud networking and network security controls, particularly on Azure
• Experience defining network security standards and processes such as firewall rules request/approval process, B2B communication standards, logging and monitoring standards, device hardening standards for large organizations preferably in the financial services industry
• Resourceful and able to work independently with minimum supervision under the direction of the Senior Manager – Network Security
• Information Security certification or accreditation would be an asset
• Strong research, analytical and problem-solving abilities
• Effective written and verbal communication skills
• Have experience with micro segmentation and network automation in a hybrid public and private cloud environment
• Knowledgeable of cloud and hybrid-cloud implementations including IaaS, PaaS and SaaS

Education:
• University degree in Information Technology, Computer Science, Computer Engineering or equivalent work experience
• Certifications: CISSP, CCSP, Microsoft MCSE Azure – 400 or 500

 

 

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Lowe's

Network Security Engineer

Mooresville, NC
Network Security
FULL-TIME
Nov 1
Premier

Job Summary:
The primary purpose of this role is to support the design, implementation and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.
 
 
To be successful, the individual in this role must have knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.
 
 
Key Responsibilities:
• Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)
• Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systems
• Participates in regular security vulnerability assessments
• Performs internal and external penetration validation testing to ensure that computer systems are up to date relative to all operating systems, patches, and virus protection software
• Collaborates with other technology teams including Engineering to design and implement remediation solutions
• Provides assistance during information security incidents as part of an Incident Response Team
• Performs security tests against third-party products
• Remains aware of technological trends and developments in the area of information security
• Solves difficult technical problems; solutions are testable, maintainable, and efficient
• Provides support in the event of escalated security issues for enterprise systems; helps diagnose, troubleshoot, and resolve issues
• Supports the implementation of hardware and software changes into environments to ensure security requirements are met
• Provides input into security breach response procedures; assists with security breach response activities
• Participates in break/fix activities
• Analyzes the output of industry standard cybersecurity tools and helps identify remediations to reduce risk and exposure of applications
• Completes basic custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
• Evaluates entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities
 
 
Minimum Qualifications:
• Bachelor's Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work or military experience in a related field)
• 2 years of experience in technology system support, software development or a related field
• 1 year of experience with information security applications and systems
• 1 year of experience in database technologies
• 1 year of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
• 2 years of experience analyzing the output of industry standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications



Preferred Qualifications:
• Master's Degree in Computer Science, CIS, or related field
• Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)
• Advanced understanding of information security practices and policies
• 2 years of IT experience developing and implementing business systems within an organization
• 4 years of experience working with defect or incident tracking software
• 4 years of experience with technical documentation in a software development environment
• 2 years of experience working with an IT Infrastructure Library (ITIL) framework
• 2 years of experience leading teams, with or without direct reports
• Experience with Cloud technologies

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
General Electric

Remote Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Nov 6
Premier

Job Description Summary

General Electric (GE) Gas Power is seeking a motivated Staff Cloud Security Engineer responsible for strategic technical development, Including cloud security automation capabilities in AWS and Azure. The successful candidate will have strong problem-solving, time management and analytical skills. As part of the GE Cybersecurity team, a curiosity to learn combined with a builder-attitude will be critical in our mission to address evolving threats and protect company information and resources.

Job Description

Specific Responsibilities Include:

  • Design, build and implement enterprise cyber technology for production environments
  • Align technical risk management standards, frameworks and policy with overall GE Gas Power business and digital requirements.
  • Drive efforts with program application leads and stakeholders to architect Cloud solutions using tools and services aligned to standards and secure design patterns.
  • Design and implement automated security controls to proactively enforce Security, Risk and Compliance standards for applications.
  • Develop libraries of common secure patterns for deploying cloud infrastructure and applications, including applications provided by GE Infrastructure as a Service providers
  • Provide mechanism to demonstrate consistent application of controls and configurations, including creation of real-time tool providing across GE Power cloud accounts.
  • Engineer secure technology solutions that promote adoption of SecDevOps and Cloud services (IaaS, PaaS & SaaS).
  • Understand current and evolving threats for Cloud, including mitigation tools and techniques.
  • Research, recommend and implement controls for developing technology such as container orchestration, machine learning and serverless technologies.
  • Apply native cloud service provider security and monitoring services in the cloud, including network access controls, encryption, alerting and secrets management.
  • Identify security design gaps in existing and proposed architectures and recommend and deploy changes and enhancements

Basic Qualifications:

  • Bachelor’s degree in Information Systems (IS), Information Technology (IT), Computer Science or Engineering from an accredited college or university;
  • Minimum of 5 years of experience architecting secure Cloud platforms (AWS or Azure);
  • Minimum of 5 years of experience with programming or scripting languages;
  • Minimum of 3 years of experience with Cloud automation capabilities

Eligibility Requirements: (Country Specific)

  • United States (Gas Power locations preferred) & Remote

Desired Characteristics:

  • Experience reviewing and understanding cloud architecture and security best practices.
  • Highly technical, eager to learn with strong analytical and problem-solving skills.
  • Working knowledge of Cloud provider security architecture design patterns.
  • Experience performing design reviews to assess security risk for application architecture or introduction of new cloud services.
  • Associate or Professional-level Cloud certification(s).
  • Knowledge of IT service management and cybersecurity processes including change management, incident management, configuration management, threat and vulnerability management.
  • Knowledge of current programming language, source code management and related technology to evaluate infrastructure as code safeguards
  • Strategic thinker, with experience planning and executing multiyear application security roadmaps
  • Ability to define program KPIs and metrics
  • Advanced degree In Information Systems, Information Technology, Computer Science or Engineering from an accredited college or university.
  • Experience leveraging agile methods within development and project efforts

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

Inclusion & Diversity
We are passionate about creating an inclusive work environment. By valuing the ideas and contributions of a diverse workforce we help inspire others to grow, succeed, and raise the bar for everyone. Join us at GE Gas Power, where results can be achieved by embracing a community of belonging.  
About GE Gas Power
GE Gas Power engineers cleaner, more accessible energy that people depend on, powering growth and prosperity for people everywhere. Our leading technologies produce a third of the world’s electricity thanks to our talented people, who make gas work for our customers, stakeholders and the world. Through relentless innovation and continuous partnership with our customers, we are building the energy technologies of the future and providing the cleaner, more efficient power people depend on today.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
InfoSys

AWS Cloud Architect

Irving, TX
Cloud Security
FULL-TIME
Nov 2
Premier

Job Description

 

 

As an AWS Cloud Architect, you will interface with key stakeholders and apply your technical proficiency across different stages of the Software Development Life Cycle including Requirements Elicitation, Application development, definition and Design. You will play an important role in creating the high-level design artifacts. You will also deliver high quality code deliverables for a module, lead validation for all types of testing and support activities related to implementation, transition and warranty. At Infosys, you may look forward to collaborating with some of the best talent in the industry to create innovative high quality and defect-free solutions to meet our clients’ business needs. We drive a learning culture, where teamwork and collaboration are encouraged, excellence is rewarded, and diversity is respected and valued.

Required AWS Cloud Architect Qualifications:

• Bachelor’s degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
• 7+ years of experience with Information Technology
• U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are not able to sponsor at this time
• Candidate must be located within the commuting distance of Irving, TX or be willing to relocate to this location. This position may require travel in the US and Canada.
 
Preferred AWS Cloud Architect Qualifications:
 
• Hands on experience architecting in AWS and working with Big Data.
• Strong experience in Designing data pipelines and data solutions on-premise and on cloud, in AWS Big Data, Glue/EMR/S3/Redshift, Hadoop distributed frameworks, Apache Spark with Python, Java programming and Hadoop Ecosystems
• Good experience on Snowflake, End to End implementations on ETL and Bigdata Projects
• Good knowledge of Cloud Security implementation practices
• Expertise in scalability and high performance applications meeting various SLAs which are part of architecture and design
• Exposure on design and developing micro-services architecture, Diagnostic /Discovery/As Is Assessment, Solution
• Evaluation and Recommendation and CI / CD  Good experience in Project life cycle activities on development and maintenance projects
• Experience in data migration, estimation, sizing of project
• Experience in working in Agile teams, and working independently with Business stakeholders providing solutions and regular updates
• Experience and desire to work in a Global delivery environment with strong written and oral communication skills and Analytical skills
 
The job entails sitting as well as working at a computer for extended periods of time. Should be able to communicate by telephone, email or face to face. Travel may be required as per the job requirements.

About Us

Infosys is a global leader in next-generation digital services and consulting. We enable clients in 46 countries to navigate their digital transformation.

With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Teradata

Information Security Analyst

San Diego, CA
SOC / Threat Intel
FULL-TIME
Nov 6
Premier

Considering COVID-19, we are still hiring but conducting virtual interviews to keep our candidates and employees safe. Many roles will be temporarily remote or work from home to comply with current safety regulations. These roles will be required to be in the office once it is safe or restrictions are lifted. Read more on our response here: Teradata Response to COVID-19 

With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.

We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.

The Information Security Analyst will be tasked not only with identifying and responding to potential threats, but also proactively hunting and eliminating them. The ideal candidate will have highly technical skills and should possess an understanding across a broad range of security technologies and will take a proactive approach to network intrusions. You should have several years of experience working within a SOC environment and should have hands-on experience in creating and executing cyber hunting missions. The candidate must be a world-class problem-solver with the ability to handle challenges under pressure. This is a global role with responsibility for Teradata security technologies for all business units.

The ideal candidate will have experience and a proven track record of finding and responding to threats found from various tools DLP, SIEM. Security Analytics, Behavior Analysis etc. As a key member of the security team, flexibility and a broad knowledge of security processes, along with strong communication and collaboration skills, will result in a successful candidate.

Key Areas of Responsibility

Direct hands-on expertise in the following areas of information security

  • Threat intelligence/threat hunting
  • SIEM
  • Fireeye, Sourcefire, Snort, Suricata, Kibana
  • Security Analytics
  • Network Security, network access control, network monitoring tools
  • Vulnerability identification, anti-virus, malware detection/analysis
  • Programming Tools Java, Ruby, C/C++, PHP, Perl, Python
  • DLP, encryption, email security, HIDS/NIDS
  • Develop, maintain and report on security operation metrics
  • Participate in the review and analysis of internal projects and external requirements that may have an impact on security
  • Be aware of the IT security requirements for the business and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and make appropriate recommendations regarding their implementation

Qualifications

  • BS degree in related field preferred. Equivalent experience/certification acceptable.
  • 3+ years of demonstrated experience in information security roles
  • 2+ years managing security technologies
  • Industry certifications such as CISSP, CCSP, CEH, PMP, GCIH, GSEC
  • Extensive Experience in
    • IT security industry trends and direction
    • Network and internet security
    • Emerging technologies
    • IT standards, procedures, policy
    • Information security management
    • Information security technologies

 

  • Excellent analytical, troubleshooting & interpersonal skills
  • Strong verbal and written communication skills
  • Self-motivated and able to work independently
  • Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Intern – Information Security

Santa Clara, CA
SOC / Threat Intel
FULL-TIME
Nov 5
Premier

Our Mission

At Palo Alto Networks® everything starts and ends with our mission: 

Being the cybersecurity partner of choice, protecting our digital way of life. 

We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. 

Your Career

You will join an Information Security (InfoSec) team that will give you the opportunity to make a global impact. One that protects our way of life in the digital age by preventing successful cyberattacks. A team looking for engineers who are passionate about technology, have an interest in cyber security, and also want to make a positive difference in the world that we live in. The projects our interns are assigned will give real hands-on experience working on securing Palo Alto Networks. The Information Security team’s mission is to protect the company's brand integrity, confidentiality, infrastructure, and assets from internal and external threats. They enable business outcomes everywhere while securing the user, product, infrastructure and data, built on a foundation of threat detection and response.

Our top Technical Internship roles we hire for are :

  • Security Architect

  • DevOps Engineer 

  • Security Operations Center (SOC) Engineer

  • Red Team Engineer

  • Risk & Compliance Analyst

  • Vulnerability Engineer 

Your Impact

  • Collaborate and execute alongside experienced engineers and security professionals.

  • Help us disrupt the cybersecurity industry using the latest and greatest technologies.

  • Write code that meaningfully improves our products and services

  • Learn about the cybersecurity industry from the world's leading security experts.

Your Experience

  • Completing a BS/MS/PhD degree in Computer Science, Computer Engineering or other related STEM field

  • Strong programming skills

  • An understanding of the fundamentals of Computer Science & Computer Security

  • Exemplify strong initiative and ability to work independently with limited direction

  • Ability to work cross functionally with other engineers, researchers and Product Managers

  • Excellent communications skills

The Team

Our Information Security team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating — challenging the way we, and the industry, think about cybersecurity. Our engineers don’t shy away from building products to solve the problems no one has pursued before. 

We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment. 

Intern Program

Our global internship program trains the next-generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, sales, and marketing. The program also features a combination of challenging projects with tangible impact, engaging social events, and networking opportunities. Interns and recent graduates can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience.

The summer internship program features a combination of challenging projects with real impact, engaging social events, and networking opportunities:

  • 12-week program

  • Peers of elite students

  • One-on-one mentoring by industry leaders

  • Exposure to and support from Palo Alto Networks executives

  • Events that pique your intellectual curiosity and inspire new ideas

  • Opportunities to expand your knowledge and work in a fast-paced environment

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
St. Joseph’s Health

Information Security Analyst

Paterson, NJ
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

Overview

St. Joseph’s Health is recognized for the expertise and compassion of its highly skilled and responsive staff. The combined efforts of the organization’s outstanding physicians, superb nurses, and dedicated clinical and professional staff have made us one of the most highly respected healthcare organizations in the state, the largest employer in Passaic County, and one of the nation’s “100 Best Places to Work in Health Care”.

Job Overview
Responsible for assessing security threats and risks involving the security and integrity of data within the St. Joseph Healthcare System. Responsible for the monitoring and analyzing of logs and alerts from a variety of technologies including networks, servers, workstations, firewalls, Intrusion detection and prevention systems (IDS/IPS) virtual private networks (VPNs), encryption, data loss prevention (DLP), and antivirus systems. Responsible for the creation of comprehensive security write-ups which articulate security issues, analysis and remediation techniques, troubleshooting and resolution of security issues.

Qualifications

Work requires the knowledge of theories, principles, and concepts acquired through completion of a Bachelor's degree in Computer Information Systems, Computer Science, MIS, Engineering or closely related field. A minimum of five years experience with desktop, server and/or network administration in a mixed computing environment required.  Two years  of direct information security experience preferred.  CompTIA Network+ Certification, CompTIA Security+ Certification and Microsoft MCP Certification preferred.  Understanding of Information Security concepts and business acumen. Strong working knowledge of Windows Server, Desktop, Active Directory and Exchange.  Experience using  security vulnerability assessment tools and techniques.  Experience of using Malware Remediation Tools.  Solid understanding of operating systems and platforms (Windows, iOS, Unix, Linux).  Experience with Directory Services and LDAP.  Knowledge of network infrastructures including firewalls, VPN's, Intrusion Detection Systems, vulnerability assessment strategies, web application and device security.  Knowledge of the security requirements for HIPAA, HITECH, ISO 27001/27002 and SOX regulations.  Requires analytical skills with the ability to exercise sound judgment, attention to detail and problem resolution.  Must possess strong customer service, communication, organizational & interpersonal skills.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
RiskIQ

Cyber Threat Intelligence Analyst

Remote
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.

We are looking for a Senior Cyber Intelligence Analyst to join our i3 team. This position can be based at our office in Lenexa, KS or remotely. 

The Role
The Incident Investigations and Intelligence (i3) Program within RiskIQ is built to oversee managed services of the External Threats Product workspaces for clients and the Executive Guardian product workspaces for clients. Executive Guardian is designed to protect C-Suite and high net worth individuals from physical threats, exposures of Personally Identifiable Information (PII), and instances of social media account impersonation thereby safeguarding the individual, their reputation, family, and by extension, the company. External Threats protects clients from phishing attacks, domain infringement, mobile app impersonation, social & brand impersonation, and data leakage. The i3 Cyber Intelligence Analyst (SCIA) The i3 Cyber Threat Intelligence Analyst is a mid-level analytic role that will capitalize on an existing technical skillset to build and maintain complex technical logic to identify online threats to customers, manage client threat events, and take the appropriate action to suppress harmful content on the internet in order to protect our customers, their people, and their assets. i3 Cyber Threat Intelligence Analysts will also perform threat attribution research for the purposes of providing customers with finished and actionable intelligence products relevant to the safety and security of their assets and operations. The i3 Cyber Threat Intelligence Analyst is technically proficient, proactive, and is business-minded using both available open source and proprietary data sets to confidently support attribution of virtual threat actors with their actions.

Responsibilities

  • Configuration of technical details in the RiskIQ platform to identify sensitive data on the web for customers, including proprietary data and Personally Identifiable Information (PII)
  • Manage client workspaces to identify and mitigate threats such as phishing, domain infringement, brand infringement, social media impersonations, and mobile app fraudulent activity
  • Effectively conduct cyber investigations around events surfaced in the RiskIQ platform looking for relevant threat actor infrastructure, IOCs, and TTPS
  • Work with i3 colleagues and leadership to design solutions to improve collection within the External Threats and Executive Guardian platforms to improve the client experience
  • Respond to requests for customer support and escalate to Engineering as appropriate
  • Review and appropriately escalate detections based on the urgency of the discovered data/threat
  • Stand up Proofs-of-Concept (POC) workspaces and orchestrate effective and value-driven POCs for customers and prospective customers in support of sales opportunities
  • Monitor the RiskIQ platform and alert/support senior staff to conduct security/threat investigations into threat actors and their activities world-wide, using industry tools and proprietary information
  • Assist in the production of threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment​ ​and mitigation recommendations
  • Identify opportunities to predict and prevent future security issues and/or incidents
  • Collaborate with client security teams digitally, via phone, or at times, in person to constantly improve analytic standards, workflows, and success metrics and develop/improve analytic products as appropriate
  • Collaborate with RiskIQ Legal and Engineering teams to ensure appropriate mitigation of identified risks
  • Work with sensitive and confidential information and maintain highest standards of data protection to ensure client confidentiality
  • Support the production of finished threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment and mitigation recommendations
  • Effectively engage consultatively with customers to design workflows, provide training, and update and brief teams on performance, metrics, and workspace events/intelligence
  • Collaborate with senior i3 team members to constantly improve analytic standards,
  • workflows, and success metrics and develop/improve analytic products as appropriate

Requirements

  • Bachelor's degree required
  • Experience researching and collecting intelligence from within social media, deep web forums, and the dark web
  • Technical proficiency with open source intelligence (OSINT) research tools; familiarity with Regex, JavaScript, SQL, and Python a strong plus
  • Familiarity with Threat Models such as ​MITRE ATT&CK® ​, Diamond Model and Cyber Kill Chain®; Incident Response Investigations experience highly desired
  • Technical skill familiarization in network communications (TCP/IP, OSI Model), malware analysis(communication/installation/behavior) and computer network defense operations
  • Previous experience with anti-phishing and online fraud identification and remediation
  • Strong written and verbal communication skills
  • Ability to effectively interface with and lead communication with customers; previous cybersecurity consulting experience a strong plus
  • Experience managing multiple projects, and the ability to flex quickly as required evolving corporate priorities
  • Ability to work independently and with minimal supervision
  • Basic understanding of investigative analysis, and communicating findings to consumers
  • Approximately 10-25% global travel required
  • Ability to obtain a US Top Secret security clearance
 
 

Why work at RiskIQ?

  • Fascinating work - Welcome to the dark underbelly of the Internet. RiskIQ’s ability to help organizations map and monitor their attack surface, detect internet-scale threats, and investigate adversaries led to skyrocketing adoption by security teams around the world. It is the golden age of internet crime, and we are at the forefront of defensive efforts to stem the tide. Internet security is a global growth industry, and the knowledge you acquire here will be a marketable skill for decades to come.
  • We’re a company on the forefront of a burgeoning industry - RiskIQ experienced explosive growth in 2018, including a 362.5 percent increase in net new product sales due to the steady adoption of attack surface management across the world. We also experienced a 365 percent increase in registration for RiskIQ community, our freemium entry-level product, showing the increasing role of security outside the firewall to the growth of businesses.
  • Top Leadership - Our CEO is a renowned cybersecurity veteran known for his expertise. Our leadership group is poised and experienced with a track record in technology and cybersecurity.
  • Unbounded opportunity - We’re growing! At RiskIQ, you’ll be provided with as much responsibility as you can handle—new career development opportunities constantly arise given our rate of growth.
  • Flexibility - You’ll have a large workload, but also the freedom to accomplish it on your own terms.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Optiv

Cyber Security Compliance Analyst

Denver, CO
Risk & Compliance
FULL-TIME
Nov 6
Premier

Company Description

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description

Optiv is the leading security solutions integrator creating confidence for a more connected world. Optiv’s corporate security team is tasked with protecting company resources and client data in a dynamic industry with expanding threats. To meet the challenging needs of Optiv’s growing business, the corporate security team is expanding their information security governance and compliance program. The security compliance analyst will report directly to the Director of Governance and Compliance. This position is responsible for assisting with the collection and analysis of key performance metrics, conducting internal audits and assessments, assisting with third-party assessments and internal risk management reviews to help ensure the confidentiality, integrity, and availability of Optiv data and systems.  The security compliance analyst must possess strong analytical skills, research capabilities, and an attention to detail to ensure Optiv can efficiently and effectively handle its compliance requirements. This position is highly business-facing, with frequent collaboration and interaction with all Optiv business units.

PRIMARY DUTIES AND RESPONSIBILITIES

  • Participate in all phases of internal and external assessments and audits.
  • Respond to client third-party assessment requests to facilitate business transactions and maintain strategic business relationships.
  • Positively interact with multiple internal Optiv business units to develop standardized assessment responses for external clients.
  • Perform compliance assessments to determine if business systems are aligned with regulatory requirements, industry standards, best practices and all corporate information security policy, procedures, and standards.
  • Actively review, test, analyze and report on the effectiveness and state of all required controls.
  • Monitor and report on the status of compliance activities and remediation efforts escalating potentially risky situations as needed.
  • Provide recommendations to improve the effectiveness and efficiency of our risk-based audit program to ensure that it is repeatable, sustainable and cost effective.
  • Establish ongoing relationships with business managers and key functional stakeholders.
  • Stay informed of new compliance regulations, assist in the assessment of the impact to the organization, and collaborate to ensure compliance.
  • Share experience, knowledge, and ideas with management and co-workers to maintain a kind and respectful team-based environment.
  • Promote a corporate culture that is committed to Governance, Risk, and Compliance and information security best practices.

SUPERVISORY RESPONSIBILITIES

Will not have direct reports

Qualifications

Education and Experience

  • An undergraduate degree preferably in IT or STEM discipline.
  • Proficient working with a variety of technology platforms (Microsoft, Apple) and common business applications such as MS Office, Teams, Zoom and so forth.
  • Excellent interpersonal, verbal and written communication, presentation, and problem-solving skills.
  • Passionate about security, client satisfaction and process improvement.
  • Ability to balance being flexible and collaborative with following the rules.
  • Able to work with minimal supervision, take initiative and follow through on assignments.
  • Capable of working multiple tasks of varying priorities while maintaining tight deadlines.

Desired Qualifications:

  • A cybersecurity degree or graduate degree.
  • An additional 1-3 years of related work experience.
  • Any cybersecurity related certification such as A+, CISSP, CISA, SANS-GSEC or so forth.
  • Good understanding of security governance, compliance, and risk management principles.
  • Possesses and demonstrates a strong understanding of controls assessment techniques.
  • Solid business acumen and judgment to evaluate issues/problems of high complexity.
  • Able to function independently and perform routine task such as:
    • Facilitate meetings, organize conference calls, deliver presentations and so forth
  • Familiarity with common standards, frameworks and regulations such as:
    • NIST, ISO, COBIT, SIG, CCM, SOC-2, FAIR, HITRUST, PCI, GDPR.
  • Ability to travel (minimal travel anticipated).

#LI-CP1

Additional Information

Why you'll love it here:

If you are seeking a culture that supports growth, fosters success and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations ? Managed Services and Identity and Data Management. Optiv remains committed to championing Diversity, Equality and Inclusion within our organization and throughout the industry.

With Optiv you can expect:

• Work/life balance. We offer "Recharge", a flexible, time-off program that encourages eligible employees to take the time they need to recharge

• Professional training resources, including tuition reimbursement

• Creative problem-solving and the ability to tackle unique, complex projects

• Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.

• The ability and technology necessary to productively work remote/from home (where applicable).

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
JPMorgan Chase

Cyber Risk Associate

Plano, TX
Risk & Compliance
FULL-TIME
Nov 2
Premier

Technology & Cybersecurity Operational Risk Management – Cybersecurity Engineer - Associate

 

The Cybersecurity Engineer within Operational Risk Management is responsible for the identification, monitoring, testing, and governance of cybersecurity processes and controls risks inherent in JPMorgan Chase technology environment. This position will be highly engaged with the firm-wide Cybersecurity team who provides high quality security solutions to detect and monitor for threats and vulnerabilities and manage security incidents to keep ahead of threats. 

 

We are looking for a multi-disciplined forward-looking technologist with diverse backgrounds and experiences including in areas such as cybersecurity, big data,  compliance and oversight, cloud security, cryptography, rights management, networking technologies (e.g Cisco, Bluecoat, Juniper), and data security architectures. Knowledge of emerging technical trends and cyber threats will be required.

 

The successful candidate will use experience and leadership skills to give guidance and best practice advice across the Cybersecurity discipline.  He/she will lead significant event reviews, risk assessments, and perform monitoring of cybersecurity controls. Written and verbal communication of results of risk assessments will be provided by the Cybersecurity Engineer to management, executive directors, managing directors and stakeholders.  The role requires a strong self-starter who can understand program objectives, understand mitigating cybersecurity controls using a logical to independently assess the control environment.  

 

Key responsibilities include:

·         Perform deep inspection of specific technologies in targeted processes or firm-wide evaluation.

·         Keep abreast of current cyber trends, vulnerabilities, and emerging technologies.

·         Engage with cyber teams to gain full understanding of cybersecurity and control environment.

·         Perform significant event reviews.

·         Independently assess technology risk management and controls across the bank 

·         Understand third party risks as related to specific technology area of expertise.

·         Risk assessment of the impact of threats and vulnerabilities on JPMC technology portfolio. 

·         Coordination and key participation in the development of the evolving risk position of new technology.  For each of the technology areas in focus, this person will be charged with escalating and tracking the individual risk items. 

·         Work with appropriate technology areas to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices. 

·         Develop and perform ongoing analysis of Operational Risk loss, near miss and external events to inform RCSA results, technology assessments and scenario analysis.  Investigate Operational Risk events meeting selection criteria; assist LOB OROs in determining the appropriate consideration of technology risk management and risk events.

·         Participate in key portfolio governance forums.

·         Provide feedback and coordination with the application risk assessment process.

·         Identify risk measures and thresholds for monitoring key risk cybersecurity controls.

·         BS/BA degree in computer science or equivalent experience.

·         2+ years or more proven experience in technology development, engineering or technical architecture with financial services experience

·         Working knowledge and interest of current and emerging technologies

·         Knowledge of Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies

·         Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals

·         Demonstrated verbal and written communication skills and excellent analytical skills

·         Ability to understand complex technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required.

·         Track record of collaboration and relationship building

·         Proven ability to anticipate and identify risks and effective mitigants

·         Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices

·         Proven track record of taking ideas forward without supervision and challenging others, where appropriate

·         Adept at developing relationships with senior business executives with a reputation for partnering across organization lines to mitigate risks

·         Highly disciplined, able to work with limited supervision and make independent decisions

·         Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results

·         High level of professionalism, self-motivation, and sense of urgency

About Us

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.

Equal Opportunity Employer/Disability/Veterans

About the Team

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
 
Risk Management helps the firm understand, manage and anticipate risks in a constantly changing environment. The work covers areas such as evaluating country-specific risk, understanding regulatory changes and determining credit worthiness. Risk Management provides independent oversight and maintains an effective control environment.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.