Due to these struggling times, we are offering 50% off to employers with the code: STAY50

Save Time On Your Cyber Security Job Hunt

100% Focused on Cybersecurity & IT Security Jobs

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Threat Intelligence Jobs

Teradata

Information Security Analyst

San Diego, CA
SOC / Threat Intel
FULL-TIME
Nov 6
Premier

Considering COVID-19, we are still hiring but conducting virtual interviews to keep our candidates and employees safe. Many roles will be temporarily remote or work from home to comply with current safety regulations. These roles will be required to be in the office once it is safe or restrictions are lifted. Read more on our response here: Teradata Response to COVID-19 

With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.

We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.

The Information Security Analyst will be tasked not only with identifying and responding to potential threats, but also proactively hunting and eliminating them. The ideal candidate will have highly technical skills and should possess an understanding across a broad range of security technologies and will take a proactive approach to network intrusions. You should have several years of experience working within a SOC environment and should have hands-on experience in creating and executing cyber hunting missions. The candidate must be a world-class problem-solver with the ability to handle challenges under pressure. This is a global role with responsibility for Teradata security technologies for all business units.

The ideal candidate will have experience and a proven track record of finding and responding to threats found from various tools DLP, SIEM. Security Analytics, Behavior Analysis etc. As a key member of the security team, flexibility and a broad knowledge of security processes, along with strong communication and collaboration skills, will result in a successful candidate.

Key Areas of Responsibility

Direct hands-on expertise in the following areas of information security

  • Threat intelligence/threat hunting
  • SIEM
  • Fireeye, Sourcefire, Snort, Suricata, Kibana
  • Security Analytics
  • Network Security, network access control, network monitoring tools
  • Vulnerability identification, anti-virus, malware detection/analysis
  • Programming Tools Java, Ruby, C/C++, PHP, Perl, Python
  • DLP, encryption, email security, HIDS/NIDS
  • Develop, maintain and report on security operation metrics
  • Participate in the review and analysis of internal projects and external requirements that may have an impact on security
  • Be aware of the IT security requirements for the business and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and make appropriate recommendations regarding their implementation

Qualifications

  • BS degree in related field preferred. Equivalent experience/certification acceptable.
  • 3+ years of demonstrated experience in information security roles
  • 2+ years managing security technologies
  • Industry certifications such as CISSP, CCSP, CEH, PMP, GCIH, GSEC
  • Extensive Experience in
    • IT security industry trends and direction
    • Network and internet security
    • Emerging technologies
    • IT standards, procedures, policy
    • Information security management
    • Information security technologies

 

  • Excellent analytical, troubleshooting & interpersonal skills
  • Strong verbal and written communication skills
  • Self-motivated and able to work independently
  • Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Intern – Information Security

Santa Clara, CA
SOC / Threat Intel
FULL-TIME
Nov 5
Premier

Our Mission

At Palo Alto Networks® everything starts and ends with our mission: 

Being the cybersecurity partner of choice, protecting our digital way of life. 

We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. 

Your Career

You will join an Information Security (InfoSec) team that will give you the opportunity to make a global impact. One that protects our way of life in the digital age by preventing successful cyberattacks. A team looking for engineers who are passionate about technology, have an interest in cyber security, and also want to make a positive difference in the world that we live in. The projects our interns are assigned will give real hands-on experience working on securing Palo Alto Networks. The Information Security team’s mission is to protect the company's brand integrity, confidentiality, infrastructure, and assets from internal and external threats. They enable business outcomes everywhere while securing the user, product, infrastructure and data, built on a foundation of threat detection and response.

Our top Technical Internship roles we hire for are :

  • Security Architect

  • DevOps Engineer 

  • Security Operations Center (SOC) Engineer

  • Red Team Engineer

  • Risk & Compliance Analyst

  • Vulnerability Engineer 

Your Impact

  • Collaborate and execute alongside experienced engineers and security professionals.

  • Help us disrupt the cybersecurity industry using the latest and greatest technologies.

  • Write code that meaningfully improves our products and services

  • Learn about the cybersecurity industry from the world's leading security experts.

Your Experience

  • Completing a BS/MS/PhD degree in Computer Science, Computer Engineering or other related STEM field

  • Strong programming skills

  • An understanding of the fundamentals of Computer Science & Computer Security

  • Exemplify strong initiative and ability to work independently with limited direction

  • Ability to work cross functionally with other engineers, researchers and Product Managers

  • Excellent communications skills

The Team

Our Information Security team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating — challenging the way we, and the industry, think about cybersecurity. Our engineers don’t shy away from building products to solve the problems no one has pursued before. 

We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment. 

Intern Program

Our global internship program trains the next-generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, sales, and marketing. The program also features a combination of challenging projects with tangible impact, engaging social events, and networking opportunities. Interns and recent graduates can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience.

The summer internship program features a combination of challenging projects with real impact, engaging social events, and networking opportunities:

  • 12-week program

  • Peers of elite students

  • One-on-one mentoring by industry leaders

  • Exposure to and support from Palo Alto Networks executives

  • Events that pique your intellectual curiosity and inspire new ideas

  • Opportunities to expand your knowledge and work in a fast-paced environment

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
St. Joseph’s Health

Information Security Analyst

Paterson, NJ
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

Overview

St. Joseph’s Health is recognized for the expertise and compassion of its highly skilled and responsive staff. The combined efforts of the organization’s outstanding physicians, superb nurses, and dedicated clinical and professional staff have made us one of the most highly respected healthcare organizations in the state, the largest employer in Passaic County, and one of the nation’s “100 Best Places to Work in Health Care”.

Job Overview
Responsible for assessing security threats and risks involving the security and integrity of data within the St. Joseph Healthcare System. Responsible for the monitoring and analyzing of logs and alerts from a variety of technologies including networks, servers, workstations, firewalls, Intrusion detection and prevention systems (IDS/IPS) virtual private networks (VPNs), encryption, data loss prevention (DLP), and antivirus systems. Responsible for the creation of comprehensive security write-ups which articulate security issues, analysis and remediation techniques, troubleshooting and resolution of security issues.

Qualifications

Work requires the knowledge of theories, principles, and concepts acquired through completion of a Bachelor's degree in Computer Information Systems, Computer Science, MIS, Engineering or closely related field. A minimum of five years experience with desktop, server and/or network administration in a mixed computing environment required.  Two years  of direct information security experience preferred.  CompTIA Network+ Certification, CompTIA Security+ Certification and Microsoft MCP Certification preferred.  Understanding of Information Security concepts and business acumen. Strong working knowledge of Windows Server, Desktop, Active Directory and Exchange.  Experience using  security vulnerability assessment tools and techniques.  Experience of using Malware Remediation Tools.  Solid understanding of operating systems and platforms (Windows, iOS, Unix, Linux).  Experience with Directory Services and LDAP.  Knowledge of network infrastructures including firewalls, VPN's, Intrusion Detection Systems, vulnerability assessment strategies, web application and device security.  Knowledge of the security requirements for HIPAA, HITECH, ISO 27001/27002 and SOX regulations.  Requires analytical skills with the ability to exercise sound judgment, attention to detail and problem resolution.  Must possess strong customer service, communication, organizational & interpersonal skills.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
RiskIQ

Cyber Threat Intelligence Analyst

Remote
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.

We are looking for a Senior Cyber Intelligence Analyst to join our i3 team. This position can be based at our office in Lenexa, KS or remotely. 

The Role
The Incident Investigations and Intelligence (i3) Program within RiskIQ is built to oversee managed services of the External Threats Product workspaces for clients and the Executive Guardian product workspaces for clients. Executive Guardian is designed to protect C-Suite and high net worth individuals from physical threats, exposures of Personally Identifiable Information (PII), and instances of social media account impersonation thereby safeguarding the individual, their reputation, family, and by extension, the company. External Threats protects clients from phishing attacks, domain infringement, mobile app impersonation, social & brand impersonation, and data leakage. The i3 Cyber Intelligence Analyst (SCIA) The i3 Cyber Threat Intelligence Analyst is a mid-level analytic role that will capitalize on an existing technical skillset to build and maintain complex technical logic to identify online threats to customers, manage client threat events, and take the appropriate action to suppress harmful content on the internet in order to protect our customers, their people, and their assets. i3 Cyber Threat Intelligence Analysts will also perform threat attribution research for the purposes of providing customers with finished and actionable intelligence products relevant to the safety and security of their assets and operations. The i3 Cyber Threat Intelligence Analyst is technically proficient, proactive, and is business-minded using both available open source and proprietary data sets to confidently support attribution of virtual threat actors with their actions.

Responsibilities

  • Configuration of technical details in the RiskIQ platform to identify sensitive data on the web for customers, including proprietary data and Personally Identifiable Information (PII)
  • Manage client workspaces to identify and mitigate threats such as phishing, domain infringement, brand infringement, social media impersonations, and mobile app fraudulent activity
  • Effectively conduct cyber investigations around events surfaced in the RiskIQ platform looking for relevant threat actor infrastructure, IOCs, and TTPS
  • Work with i3 colleagues and leadership to design solutions to improve collection within the External Threats and Executive Guardian platforms to improve the client experience
  • Respond to requests for customer support and escalate to Engineering as appropriate
  • Review and appropriately escalate detections based on the urgency of the discovered data/threat
  • Stand up Proofs-of-Concept (POC) workspaces and orchestrate effective and value-driven POCs for customers and prospective customers in support of sales opportunities
  • Monitor the RiskIQ platform and alert/support senior staff to conduct security/threat investigations into threat actors and their activities world-wide, using industry tools and proprietary information
  • Assist in the production of threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment​ ​and mitigation recommendations
  • Identify opportunities to predict and prevent future security issues and/or incidents
  • Collaborate with client security teams digitally, via phone, or at times, in person to constantly improve analytic standards, workflows, and success metrics and develop/improve analytic products as appropriate
  • Collaborate with RiskIQ Legal and Engineering teams to ensure appropriate mitigation of identified risks
  • Work with sensitive and confidential information and maintain highest standards of data protection to ensure client confidentiality
  • Support the production of finished threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment and mitigation recommendations
  • Effectively engage consultatively with customers to design workflows, provide training, and update and brief teams on performance, metrics, and workspace events/intelligence
  • Collaborate with senior i3 team members to constantly improve analytic standards,
  • workflows, and success metrics and develop/improve analytic products as appropriate

Requirements

  • Bachelor's degree required
  • Experience researching and collecting intelligence from within social media, deep web forums, and the dark web
  • Technical proficiency with open source intelligence (OSINT) research tools; familiarity with Regex, JavaScript, SQL, and Python a strong plus
  • Familiarity with Threat Models such as ​MITRE ATT&CK® ​, Diamond Model and Cyber Kill Chain®; Incident Response Investigations experience highly desired
  • Technical skill familiarization in network communications (TCP/IP, OSI Model), malware analysis(communication/installation/behavior) and computer network defense operations
  • Previous experience with anti-phishing and online fraud identification and remediation
  • Strong written and verbal communication skills
  • Ability to effectively interface with and lead communication with customers; previous cybersecurity consulting experience a strong plus
  • Experience managing multiple projects, and the ability to flex quickly as required evolving corporate priorities
  • Ability to work independently and with minimal supervision
  • Basic understanding of investigative analysis, and communicating findings to consumers
  • Approximately 10-25% global travel required
  • Ability to obtain a US Top Secret security clearance
 
 

Why work at RiskIQ?

  • Fascinating work - Welcome to the dark underbelly of the Internet. RiskIQ’s ability to help organizations map and monitor their attack surface, detect internet-scale threats, and investigate adversaries led to skyrocketing adoption by security teams around the world. It is the golden age of internet crime, and we are at the forefront of defensive efforts to stem the tide. Internet security is a global growth industry, and the knowledge you acquire here will be a marketable skill for decades to come.
  • We’re a company on the forefront of a burgeoning industry - RiskIQ experienced explosive growth in 2018, including a 362.5 percent increase in net new product sales due to the steady adoption of attack surface management across the world. We also experienced a 365 percent increase in registration for RiskIQ community, our freemium entry-level product, showing the increasing role of security outside the firewall to the growth of businesses.
  • Top Leadership - Our CEO is a renowned cybersecurity veteran known for his expertise. Our leadership group is poised and experienced with a track record in technology and cybersecurity.
  • Unbounded opportunity - We’re growing! At RiskIQ, you’ll be provided with as much responsibility as you can handle—new career development opportunities constantly arise given our rate of growth.
  • Flexibility - You’ll have a large workload, but also the freedom to accomplish it on your own terms.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Dominion Energy

Associate Cyber Security Analyst

Richmond, VA
SOC / Threat Intel
FULL-TIME
Oct 31
Premier

At Dominion Energy we love our jobs.  That’s right.  Love.  Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate.  These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever.  We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that’s proud of its rich legacy. Are you a change agent?  Do you think differently?  Do you want to fall in love with your job? If you answered “yes,” then read on!

At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.

This position does not offer relocation assistance. 

Job Summary

Do you have what it takes?


This is not your typical cyber role. A cyber war is underway in the world today, with hostile nations seeking to disrupt and destroy critical infrastructure in the United States, all day, and every day. If you want to be on the front lines up against the best cyber criminals and nation state attackers in the world and prove you are better, then this is the place to be.

For our employees, this is a mission, not a job. We educate the company about cyber threats. We establish the standards for cyber security. We perform assessments to ensure proper protections are in place. We manage vulnerabilities and guide the development of defenses. It takes a high degree of skill and a commitment to that mission to be successful. Do you have what it takes? 


If this description sounds like you, let’s talk!
 

This posting is for two positions that will be filled at the level commensurate with the successful candidates’ education, experience, knowledge, skills and abilities.


Associate Cyber Security Analyst


This entry level cyber security position, under close supervision, performs cyber security and cyber risk work, working closely with the Cyber Security Operations Center (CSOC) and other groups focused on the monitoring, analysis, and investigation of cyber security threats and events, both internal and external, that could potentially impact the security posture of the organization. Facilitates client requests to ensure critical business tasks continue uninterrupted. Performs assessments of cyber security risk and vulnerabilities, maintains security policies, and helps facilitate cyber security awareness throughout the organization. Provides updates and detailed information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. May work with other staff to assess the cyber security risk on the organization's network systems, applications, and solutions based upon user requests and business needs. Applies a basic understanding of IT technologies and develops an evolving knowledge of mitigation options and risk frameworks to assess the current threat landscape and improve security. 
 

Cyber Security Analyst
 

Under broad supervision, this intermediate role performs cyber security and cyber risk work, working closely with the Cyber Security Operations Center (CSOC) and other groups focused on the monitoring, analysis, and investigation of cyber security threats and events, both internal and external, that could potentially impact the security posture of the organization. Coordinates organization cyber security response activities, and maintains situational awareness of the security posture of the enterprise. Performs assessment of cyber security risk and vulnerability analysis, creates and maintains security policies, and facilitates cyber security awareness throughout the organization. Provides updates and detailed information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Evaluates the cyber security risk on the organization's network systems, applications, and solutions based upon user requests and business needs. Applies considerable understanding of IT technologies, evaluation of cyber security risks and attack vectors, and develops an evolving knowledge of mitigation options and risk frameworks to assess the current threat landscape and improve security. Consults with subject matter experts and business representatives, as needed, to provide input on cyber security decisions, the establishment of cyber security policies, and to foster security awareness. 

Required Knowledge, Skills, Abilities & Experience


Associate Cyber Security Analyst

Must possess 0-2 years of work experience in cyber security, or a cyber risk related role demonstrating a basic understanding regarding the identification, gathering and analysis of information, threats, etc. to investigate and mitigate security risks.

Demonstrates a general understanding of cyber security and or data system protection principles and practices. A basic understand of industrial cyber security standards and risk are desired. Demonstrated good organization and planning skills. Demonstrates a questioning attitude, with basic analytical and investigative skills. Demonstrates verbal and written communication skills, with the ability to interact effectively with others. A willingness to learn new skills and methodologies, conduct research, and learn to maintain hardware, software and network firewalls and encryption. Ability to work cooperatively in a teamed environment. Highly motivated, with the ability to work effectively under basic supervision in a fast-paced environment. Previous work experience or exposure to the security aspects governing software, communications, and network protocols is a plus.

Cyber Security Analyst

Three to five years of work experience in cyber security, or a cyber risk related role demonstrating a general knowledge in the identification, gathering and analysis of information, threats, etc. to investigate and mitigate security risks.  (Note:  A Master's degree will count as one year of experience.  A partial year of six months or more will be rounded up to one year)

Demonstrates a working knowledge of cyber security best practices and frameworks. Possesses a solid understanding of industrial cyber security standards, frameworks and risk assess modeling. Demonstrated good organization and planning skills, to include time and project management skills. Demonstrates good analytical, troubleshooting, and problem solving skills, and has a questioning attitude. Demonstrates verbal and written communication skills, with the proven ability to present information to others. Ability to conduct research and apply, and under broad supervision, maintain hardware, software and network firewalls and encryption. Ability to work cooperatively in a teamed environment. Highly motivated, with the ability to work effectively under minimal supervision in a fastpaced environment. Previous work experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols is desired.

Note:  This position requires in office work.  You must be willing to report to Dominion Energy's corporate headquarters in Richmond, Virginia.
 

The company is actively seeking United States military veterans and service members who meet the qualifications outlined below.

  • Military service members and veterans with ranks from E3-E5, W1-W2, or O1-O3, plus appropriate equivalent combination of education and years of experience as outlined above.
Education Requirements

Bachelor Degree or will obtain a Bachelor's degree by December 2020.  Equivalent combination of education and demonstrated related experience may be accepted in lieu of preferred level of education

Preferred Disciplines:  IT Cyber Security or related specialization/track highly desirable

 

Other Preferred Disciplines: Information Systems, Computer Science, Computer Engineering
 

Other disciplines may be substituted for the preferred discipline(s) listed above.

Licenses, Certifications, or Quals Description
 
Working Conditions
Office Work Environment 76 -100%
Travel Up to 25%
Other Working Conditions
 
Test Description

No Testing Required

 

Export Control


Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law.  Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.

 

Other Information


We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more.   To learn more about our benefits, click here dombenefits.com.

Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.  

You can experience the excitement of our company – it's the difference between taking a job and starting a career.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Associate Security Consultant - Entry Level

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

 

 

Associate Security Consultant - Entry Level 2021

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

Do you love the challenge of figuring out solutions to intricate technology puzzles? 

Do you like to help others solve their network and information security issues? 

If you answered YES, then consider a career at Mandiant as an Associate Consultant! 

We have the expertise and experience in information security. This is our focus.

You’re not just a number and you won’t get lost in the shuffle. 

You will be working on challenging technical projects that make an impact. You’ll be visible.

You’ll be exposed to many different environments and technologies.

You’ll learn from our best incident responders and red teamers.

We investigate breaches that make headlines (and many more that don’t), as well as break into applications and systems to identify security gaps for our clients.  We find evil and solve crime, and are seeking candidates who possess the ability to think like an attacker and stay one step ahead of the game. 

Find your niche among the cool projects you'll be involved with, such as:

  • Incident Response
  • Host and network forensics
  • Network traffic analysis
  • Malware analysis and reverse engineering
  • Penetration testing and Red Team
  • Network, web and mobile application security assessments
  • Source code reviews
  • And more...

Responsibilities:

  • Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments and social engineering assessment
  • Build internal scripts, tools and methodologies to enhance our capabilities
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Work with security and IT operations at clients to implement remediation plans

Qualifications

Requirements:

  • Technical skills in at least two of the following areas: 
    • Strong knowledge of Windows OS and networking protocols
    • Basic knowledge of tools used for forensic collection and analysis
    • Knowledge of application testing and network security concepts
    • Experience with programming/scripting languages such as Python
  • A technical security-related internship or other professional experience
  • Must be able to travel 20-30%
  • Must be eligible to work in the US without sponsorship

Additional Qualifications:

  • Strong technical acumen and ability to quickly assimilate new information
  • Ability to successfully interface with clients (internal and external) and manage expectations of others
  • Ability to document and explain technical details in a concise, understandable manner

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Requests for accommodation due to disability can be sent directly to HR-Accommodations@FireEye.com.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Blackbaud

Red Team Security Engineer

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

The NYC Red Team Security Engineer reports to the Senior Manager of Information Security and is responsible for testing and validating all facets of information security controls including networks, servers and web applications. The Red Team Security Engineer carries out attacks and perform security assessments to uncover vulnerable areas of systems and applications and to test defensive security measures using common as well as unique methods and practices.

What You’ll Do

  • Participate in Red/Blue Team exercises on a periodic basis so that management can assess effectiveness of security controls.
  • Conduct penetration testing for the red team which includes network, system, application, mobile, traditional web and wireless penetration testing.
  • Writing exploit code for local testing.
  • Perform thorough penetration testing that includes the identification, reporting, and recommendations for security vulnerabilities while adhering to management driven scope and deadlines.
  • Identify, prove, and report vulnerabilities that cannot be identified by scanners or tools
  • Develop, extend, or modify exploits, shellcode or exploit tools.
  • Develop applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE).
  • Reverse engineering malware, data obfuscators, or ciphers.
  • Source code review for control flow and security flaws.
  • Develop attack vectors, conduct reconnaissance, collect Open-source intelligence, enumeration, and foot printing of target networks and services, and develop exploit payloads and system backdoors.
  • Simulate malicious tactics of a motivated adversary with the intent of achieving a specific goal or access.
  • Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.
  • Obtain threat intelligence from white hat sources and stay up to date on the latest exploits and security trends
  • Advise Incident Response on defensive and monitoring process design.
  • Deliver clear and coherent written reporting and remediation guidance.

What We’ll Want You To Have

  • College degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience.
  • 5+ years (in excess of degree requirements stated above) of experience with technical Cyber Security and 3+ years with Red Team or penetration testing experience.
  • Demonstrates broad subject matter expertise of web, network, and system security.
  • Certification in highly technical information security disciplines such as: CISM, CISSP, CCSP, CCNP, CCDE, CCIE Security, GIAC, CEH, GPEN, GWAPT, GXPN or OSCP certification(s)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Threat Intelligence Jobs
Governance Risk & Compliance Jobs
Optiv

Cyber Security Compliance Analyst

Denver, CO
Risk & Compliance
FULL-TIME
Nov 6
Premier

Company Description

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description

Optiv is the leading security solutions integrator creating confidence for a more connected world. Optiv’s corporate security team is tasked with protecting company resources and client data in a dynamic industry with expanding threats. To meet the challenging needs of Optiv’s growing business, the corporate security team is expanding their information security governance and compliance program. The security compliance analyst will report directly to the Director of Governance and Compliance. This position is responsible for assisting with the collection and analysis of key performance metrics, conducting internal audits and assessments, assisting with third-party assessments and internal risk management reviews to help ensure the confidentiality, integrity, and availability of Optiv data and systems.  The security compliance analyst must possess strong analytical skills, research capabilities, and an attention to detail to ensure Optiv can efficiently and effectively handle its compliance requirements. This position is highly business-facing, with frequent collaboration and interaction with all Optiv business units.

PRIMARY DUTIES AND RESPONSIBILITIES

  • Participate in all phases of internal and external assessments and audits.
  • Respond to client third-party assessment requests to facilitate business transactions and maintain strategic business relationships.
  • Positively interact with multiple internal Optiv business units to develop standardized assessment responses for external clients.
  • Perform compliance assessments to determine if business systems are aligned with regulatory requirements, industry standards, best practices and all corporate information security policy, procedures, and standards.
  • Actively review, test, analyze and report on the effectiveness and state of all required controls.
  • Monitor and report on the status of compliance activities and remediation efforts escalating potentially risky situations as needed.
  • Provide recommendations to improve the effectiveness and efficiency of our risk-based audit program to ensure that it is repeatable, sustainable and cost effective.
  • Establish ongoing relationships with business managers and key functional stakeholders.
  • Stay informed of new compliance regulations, assist in the assessment of the impact to the organization, and collaborate to ensure compliance.
  • Share experience, knowledge, and ideas with management and co-workers to maintain a kind and respectful team-based environment.
  • Promote a corporate culture that is committed to Governance, Risk, and Compliance and information security best practices.

SUPERVISORY RESPONSIBILITIES

Will not have direct reports

Qualifications

Education and Experience

  • An undergraduate degree preferably in IT or STEM discipline.
  • Proficient working with a variety of technology platforms (Microsoft, Apple) and common business applications such as MS Office, Teams, Zoom and so forth.
  • Excellent interpersonal, verbal and written communication, presentation, and problem-solving skills.
  • Passionate about security, client satisfaction and process improvement.
  • Ability to balance being flexible and collaborative with following the rules.
  • Able to work with minimal supervision, take initiative and follow through on assignments.
  • Capable of working multiple tasks of varying priorities while maintaining tight deadlines.

Desired Qualifications:

  • A cybersecurity degree or graduate degree.
  • An additional 1-3 years of related work experience.
  • Any cybersecurity related certification such as A+, CISSP, CISA, SANS-GSEC or so forth.
  • Good understanding of security governance, compliance, and risk management principles.
  • Possesses and demonstrates a strong understanding of controls assessment techniques.
  • Solid business acumen and judgment to evaluate issues/problems of high complexity.
  • Able to function independently and perform routine task such as:
    • Facilitate meetings, organize conference calls, deliver presentations and so forth
  • Familiarity with common standards, frameworks and regulations such as:
    • NIST, ISO, COBIT, SIG, CCM, SOC-2, FAIR, HITRUST, PCI, GDPR.
  • Ability to travel (minimal travel anticipated).

#LI-CP1

Additional Information

Why you'll love it here:

If you are seeking a culture that supports growth, fosters success and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations ? Managed Services and Identity and Data Management. Optiv remains committed to championing Diversity, Equality and Inclusion within our organization and throughout the industry.

With Optiv you can expect:

• Work/life balance. We offer "Recharge", a flexible, time-off program that encourages eligible employees to take the time they need to recharge

• Professional training resources, including tuition reimbursement

• Creative problem-solving and the ability to tackle unique, complex projects

• Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.

• The ability and technology necessary to productively work remote/from home (where applicable).

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
JPMorgan Chase

Cyber Risk Associate

Plano, TX
Risk & Compliance
FULL-TIME
Nov 2
Premier

Technology & Cybersecurity Operational Risk Management – Cybersecurity Engineer - Associate

 

The Cybersecurity Engineer within Operational Risk Management is responsible for the identification, monitoring, testing, and governance of cybersecurity processes and controls risks inherent in JPMorgan Chase technology environment. This position will be highly engaged with the firm-wide Cybersecurity team who provides high quality security solutions to detect and monitor for threats and vulnerabilities and manage security incidents to keep ahead of threats. 

 

We are looking for a multi-disciplined forward-looking technologist with diverse backgrounds and experiences including in areas such as cybersecurity, big data,  compliance and oversight, cloud security, cryptography, rights management, networking technologies (e.g Cisco, Bluecoat, Juniper), and data security architectures. Knowledge of emerging technical trends and cyber threats will be required.

 

The successful candidate will use experience and leadership skills to give guidance and best practice advice across the Cybersecurity discipline.  He/she will lead significant event reviews, risk assessments, and perform monitoring of cybersecurity controls. Written and verbal communication of results of risk assessments will be provided by the Cybersecurity Engineer to management, executive directors, managing directors and stakeholders.  The role requires a strong self-starter who can understand program objectives, understand mitigating cybersecurity controls using a logical to independently assess the control environment.  

 

Key responsibilities include:

·         Perform deep inspection of specific technologies in targeted processes or firm-wide evaluation.

·         Keep abreast of current cyber trends, vulnerabilities, and emerging technologies.

·         Engage with cyber teams to gain full understanding of cybersecurity and control environment.

·         Perform significant event reviews.

·         Independently assess technology risk management and controls across the bank 

·         Understand third party risks as related to specific technology area of expertise.

·         Risk assessment of the impact of threats and vulnerabilities on JPMC technology portfolio. 

·         Coordination and key participation in the development of the evolving risk position of new technology.  For each of the technology areas in focus, this person will be charged with escalating and tracking the individual risk items. 

·         Work with appropriate technology areas to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices. 

·         Develop and perform ongoing analysis of Operational Risk loss, near miss and external events to inform RCSA results, technology assessments and scenario analysis.  Investigate Operational Risk events meeting selection criteria; assist LOB OROs in determining the appropriate consideration of technology risk management and risk events.

·         Participate in key portfolio governance forums.

·         Provide feedback and coordination with the application risk assessment process.

·         Identify risk measures and thresholds for monitoring key risk cybersecurity controls.

·         BS/BA degree in computer science or equivalent experience.

·         2+ years or more proven experience in technology development, engineering or technical architecture with financial services experience

·         Working knowledge and interest of current and emerging technologies

·         Knowledge of Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies

·         Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals

·         Demonstrated verbal and written communication skills and excellent analytical skills

·         Ability to understand complex technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required.

·         Track record of collaboration and relationship building

·         Proven ability to anticipate and identify risks and effective mitigants

·         Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices

·         Proven track record of taking ideas forward without supervision and challenging others, where appropriate

·         Adept at developing relationships with senior business executives with a reputation for partnering across organization lines to mitigate risks

·         Highly disciplined, able to work with limited supervision and make independent decisions

·         Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results

·         High level of professionalism, self-motivation, and sense of urgency

About Us

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.

Equal Opportunity Employer/Disability/Veterans

About the Team

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
 
Risk Management helps the firm understand, manage and anticipate risks in a constantly changing environment. The work covers areas such as evaluating country-specific risk, understanding regulatory changes and determining credit worthiness. Risk Management provides independent oversight and maintains an effective control environment.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Compliance Analyst Intern

Richmond, VA
Risk & Compliance
INTERN
Oct 31
Premier

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

Compliance Analyst Intern - Summer 2021

The Governance and Compliance team is a critical part of the larger FireEye Security team. The team is responsible for performance of internal audits and assessments, external audit coordination, policy management, business continuity management and third-party management.

As a Compliance Analyst on the Governance and Compliance team, you will use your acumen, customer service skills, and cybersecurity knowledge to assess the internal control environments within FireEye and participate in vendor management due diligence activities. You will work with a great team of professionals who will provide you the guidance and support you will need to be successful in our shared goal of supporting our internal and external customers to meet today’s complex regulatory and security requirements.

What You Will Do:

·       Interact with our internal customers, internal and external auditors to identify, scope, and evaluate the effectiveness of internal controls

·       Conduct vendor risk assessments

·       Assist with business continuity and disaster recovery documentation and associated testing exercises

·       Be responsible for documenting and tracking your work within internal web-based tools

·       Develop a deep understanding of FireEye products and services

·       Exemplify industry-leading customer support skills and deliver positive customer experience

Qualifications

Requirements:

·       Bachelor’s degree in a technical field or working toward such degree, with at least 3 years of completed post-secondary education

·       Experience with cyber security tools, technology and best practices

·       Experience working in customer facing environment

·       Experience fielding questions and requests from customers, and providing timely and comprehensive responses

 

Additional Qualifications:

·       Demonstrated aptitude and desire to learn new technologies and services

·       Ability to ramp up quickly in learning the portfolio of FireEye services and products

·       Problem solver with keen attention to detail

·       Excellent written and verbal communication skills

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Requests for accommodation due to disability can be sent directly to HR-Accommodations@FireEye.com.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Boeing

Cyber Security Specialist

Los Angeles, CA
Risk & Compliance
FULL-TIME
Sep 28
Premier

Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Boeing Security is seeking a detail-oriented and self-motivated Mid-Level Cyber Security Specialist to support Department of Defense (DoD) and Special Access Program (SAP) activities. This position will be located in El Segundo, CA, Seal Beach, CA, or Huntington Beach, CA.

Position Responsibilities

  • Contributes to the development and deployment of program information security for assigned systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures.
  • Implements Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF), as well as product development and product maintenance for assigned systems.
  • Performs security compliance continuous monitoring (CONMON).
  • Participates in security assessments and audits.

Additional Responsibilities

  • Prepares and presents technical reports and briefings.
  • Contributes to the identification of root causes, the prioritization of threats, and recommends/ implements corrective action.
  • Provides mentoring and technical leadership within the information security program team.
  • Explores the enterprise and industry for the evolving state of industry knowledge and methods regarding information security best practices.
  • Supports development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.

This position requires an active Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Basic Qualifications (Required Skills/Experience):

  • Current IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification or higher (i.e. CAP, GSLC, Security+ CE, CISSP, CASP, CISM, GSLC)
  • 1+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS

Preferred Qualifications (Desired Skills/Experience):

  • Experience working within the National Industrial Security Procedures and Operations Manual (NISPOM)
  • Experience in policies and implementation of Risk Management Framework (RMF)

Typical Education & Experience:

Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience (e.g. Masters with 3 years' related work experience, PhD with 1+ years' related work experience, etc.).

Relocation:

This position does not offer relocation.  Candidates must live in the immediate area or relocate at their own expense.

Employee Referral:

Referral to this job is eligible for bonus.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.


Experience Level
Individual Contributor
Contingent Upon Program Award
No, this position is not contingent upon program award

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Church Mutual Insurance

Cybersecurity Intern

Merrill, WI
Risk & Compliance
INTERN
Aug 30
Premier

Overview

Church Mutual's Internship Program runs the day after Memorial Day through mid August, when students return to school. During the 12 week internship, the Cybersecurity Intern will have the opportunity to work on important assignments, gain insight into the business of Cybersecurity, and use your academic knowledge and match your interests to a job.  As an Cybersecurity intern at Church Mutual, you will work alongside our trained professionals, learning and applying valuable skills. 

 

Responsibilities

The typical Intern is an undergraduate who will handle projects normally performed by an entry-level, professional employee.  Assignments can include: identity governance, security risk analysis and assessment, network boundary defense and intrusion detection, security awareness campaigns, vulnerability assessment, process management, and security incident handling.  As an intern, you will have the opportunity to network with senior leaders and participate in a variety of training and development activities.  Interns are valued members of our team and will make immediate and lasting contributions to our company’s success

Qualifications

  • Working towards a Bachelor's Degree in Computer Science, Computer Engineering, Computer Information Systems, Management Information Systems, Information Technology, Mathematics, or other related technical programs
  • Strong technical, analytical, communication, and organizational skills
  • At least one course in, or equivalent knowledge of, the Java programming language
  • Minimum 3.0 cumulative GPA
  • Preferred candidates will be entering Junior or Senior year status in Fall of 2021
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Compliance Analyst Intern

Reston, VA
Risk & Compliance
INTERN
Aug 29
Premier

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

The Governance and Compliance team is a critical part of the larger FireEye Security team. The team is responsible for performance of internal audits and assessments, external audit coordination, policy management, business continuity management and third-party management.

As a Compliance Analyst on the Governance and Compliance team, you will use your acumen, customer service skills, and cybersecurity knowledge to assess the internal control environments within FireEye and participate in vendor management due diligence activities. You will work with a great team of professionals who will provide you the guidance and support you will need to be successful in our shared goal of supporting our internal and external customers to meet today’s complex regulatory and security requirements.

What You Will Do:

·       Interact with our internal customers, internal and external auditors to identify, scope, and evaluate the effectiveness of internal controls

·       Conduct vendor risk assessments

·       Assist with business continuity and disaster recovery documentation and associated testing exercises

·       Be responsible for documenting and tracking your work within internal web-based tools

·       Develop a deep understanding of FireEye products and services

·       Exemplify industry-leading customer support skills and deliver positive customer experience

Qualifications

Requirements:

·       Bachelor’s degree in a technical field or working toward such degree, with at least 3 years of completed post-secondary education

·       Experience with cyber security tools, technology and best practices

·       Experience working in customer facing environment

·       Experience fielding questions and requests from customers, and providing timely and comprehensive responses

 

Additional Qualifications:

·       Demonstrated aptitude and desire to learn new technologies and services

·       Ability to ramp up quickly in learning the portfolio of FireEye services and products

·       Problem solver with keen attention to detail

·       Excellent written and verbal communication skills

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Grant Thornton

IT Audit Associate

New York, NY
Risk & Compliance
FULL-TIME
Aug 23
Premier

Description

IT Audit Associate - NYC

Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. We’ve never been a typical professional services firm. We put people first, and that is what sets us apart.

As one of the fastest-growing professional services firms in the world, Grant Thornton LLP is continuously seeking top talent. Discover a place where you’ll work with a team of professionals dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.


Position Summary

An IT Assurance Associate is responsible for delivering a full range of IT audit services to our clients. Responsibilities include testing and assessment of information systems control review engagements in support of financial statement audits.

Qualifications

 Essential Duties and Responsibilities

  • Evaluate and test IT controls and identify areas of risk.
  • Apply current knowledge of IT trends and systems processes to identify security and risk management issues, as well as other opportunities for overall process improvement.
  • Maintain professionalism and rapport with the client. Proactively interact with key client management to manage expectations, help ensure client satisfaction, meet client deadlines, and resolve any problems.
  • Gain a comprehensive understanding of assigned client operations, processes and business objectives, and then utilize that knowledge on assigned engagements.
  • Participate in recruiting efforts as needed.
  • Meet or exceed IT Assurance metrics (e.g. – billable hours, CPE, time delinquencies, etc…)
  • Participate in other business development activities as appropriate
  • Other duties as assigned.

Experience Requirements

  • Bachelor's degree in Accounting, Finance, Information Technology, MIS or related field. A Master’s degree is a plus.
  • Desire to pursue CPA, CISA, CISSP, CIA or CISM license/certification.
  • Some related work experience in public accounting or equivalent delivering controls based services, auditing Information Technology General Controls (ITGC’s.) in support of financial statement audits to cross-industry clients and technologies. An understanding of generally accepted practices for testing Key Reports, and Application Controls a plus.
  • Information Security experience or information security training is required.
  • Exceptional client service and communication skills.
  • Strong technical aptitude and problem solving skills
  • Excellent analytical, communication (written and verbal) and interpersonal skills.
  • Effective project and time management skills for handling multiple priorities and simultaneous projects
  • Enthusiasm to learn through a combination of structured, on-the-job and self-directed training
  • Ability to work efficiently and effectively in a complex team environment
  • Strong computer skills including proficiency in Microsoft Office suite applications.
  • Ability to work additional hours and/or travel as needed.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Governance Risk & Compliance Jobs

Network Security Jobs

TD Bank

Network Security Specialist

Mount Laurel, NJ
Network Security
FULL-TIME
Nov 6
Premier

TD Description

About TD Bank, America's Most Convenient Bank

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US.

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com.

 

Department Overview

 

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open

 

Job Description

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

About This Role

We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

  • Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
  • Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
  • Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
  • Contribute to the definition, development, and oversight of a global security management strategy and framework.
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG’s business.
  • Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
  • Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .
Other duties as assigned • Driving Requirements: • Travel Requirements:

 

Job Requirements

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

  • University Degree.
  • Information Security Certification / Accreditation an asset.
  • 7+ years of relevant experience.
  • Expert knowledge of IT security and risk disciplines and practices.
  • Advanced knowledge of of organization, technology controls, security and risk issues.
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
  • Must be eligible for employment under regulatory standards applicable to the position.

 

Qualifications

Preferred Qualifications - Here are the preferred qualifications for this role:

• Define, develop, implement, manage and govern standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness
• Provide subject matter expertise over network security risk assessment, secure network design and risk/threat/vulnerability management capabilities and functions across People, Process and Technology
• Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities
• Review and analyze large, complex, and comprehensive private and public cloud projects to assess network security risk, ensure compliance with standards, and suggest changes
• Conduct detailed assessments to prioritize program remediation or improvement for various network related technologies
• Build and maintain appropriate relationships with internal and external parties to ensure awareness and understanding of potential or impending threats, and measures to counter these threats
• Contribute to the review of internal processes & activities and assist in identifying potential opportunities for improvement
• Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency
• Assess / identify key issues and escalate to appropriate levels and relevant stakeholders where required
• Able to work well with others, and in particular be able to influence and change behaviors and build consensus
• Participate in the investigation of Information Security Incidents and development of remediation/prevention mechanisms
• Work with project teams to understand and accommodate application architecture and the applications specific requirements for private and public cloud networking
• Work with security team to understand and accommodate network security requirements for application
• Establish requirements and drive implementation of network security governance and reporting for private and public cloud environments.

Job Requirements :
• 5 to 7 years of experience in an information technology role focused on network infrastructure security preferably within the financial services industry or a consulting company
• Strong technical knowledge and understanding of various software-defined and physical network platforms including, firewalls, IDS/IPS, routers, switches, WAN technologies, MPLS, load balancing and wireless Networks
• Experience and understanding of public cloud networking and network security controls, particularly on Azure
• Experience defining network security standards and processes such as firewall rules request/approval process, B2B communication standards, logging and monitoring standards, device hardening standards for large organizations preferably in the financial services industry
• Resourceful and able to work independently with minimum supervision under the direction of the Senior Manager – Network Security
• Information Security certification or accreditation would be an asset
• Strong research, analytical and problem-solving abilities
• Effective written and verbal communication skills
• Have experience with micro segmentation and network automation in a hybrid public and private cloud environment
• Knowledgeable of cloud and hybrid-cloud implementations including IaaS, PaaS and SaaS

Education:
• University degree in Information Technology, Computer Science, Computer Engineering or equivalent work experience
• Certifications: CISSP, CCSP, Microsoft MCSE Azure – 400 or 500

 

 

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Lowe's

Network Security Engineer

Mooresville, NC
Network Security
FULL-TIME
Nov 1
Premier

Job Summary:
The primary purpose of this role is to support the design, implementation and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.
 
 
To be successful, the individual in this role must have knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.
 
 
Key Responsibilities:
• Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)
• Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systems
• Participates in regular security vulnerability assessments
• Performs internal and external penetration validation testing to ensure that computer systems are up to date relative to all operating systems, patches, and virus protection software
• Collaborates with other technology teams including Engineering to design and implement remediation solutions
• Provides assistance during information security incidents as part of an Incident Response Team
• Performs security tests against third-party products
• Remains aware of technological trends and developments in the area of information security
• Solves difficult technical problems; solutions are testable, maintainable, and efficient
• Provides support in the event of escalated security issues for enterprise systems; helps diagnose, troubleshoot, and resolve issues
• Supports the implementation of hardware and software changes into environments to ensure security requirements are met
• Provides input into security breach response procedures; assists with security breach response activities
• Participates in break/fix activities
• Analyzes the output of industry standard cybersecurity tools and helps identify remediations to reduce risk and exposure of applications
• Completes basic custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
• Evaluates entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities
 
 
Minimum Qualifications:
• Bachelor's Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work or military experience in a related field)
• 2 years of experience in technology system support, software development or a related field
• 1 year of experience with information security applications and systems
• 1 year of experience in database technologies
• 1 year of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
• 2 years of experience analyzing the output of industry standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications



Preferred Qualifications:
• Master's Degree in Computer Science, CIS, or related field
• Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)
• Advanced understanding of information security practices and policies
• 2 years of IT experience developing and implementing business systems within an organization
• 4 years of experience working with defect or incident tracking software
• 4 years of experience with technical documentation in a software development environment
• 2 years of experience working with an IT Infrastructure Library (ITIL) framework
• 2 years of experience leading teams, with or without direct reports
• Experience with Cloud technologies

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Discovery Inc

Network Security Engineer

Los Angeles, CA
Network Security
FULL-TIME
Oct 31
Premier

Our Team
As Discovery Inc’s portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-tv, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.

From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.

 

The Role
The Network Security Engineer will be responsible for working with the operations and engineering teams around the strategic, tactical, and improvement of the global network security platforms. The individual will be evaluating processes regularly to ensure expected outcomes are achieved in the most efficient way along with identifying service improvements and document those improvements. Help ensure standards and processes are followed.

Key Responsibilities
  • Effectively support all DCI network security infrastructure 24*7 by responding to and resolving all trouble tickets within the stipulated SLA time – 40%
  • Clearly understand the root cause of all the network security outages and take remediation steps to prevent the recurrence of the problem – 10%
  • Ability to prioritize work based on business criticalities and also be flexible to work on ad hoc tasks as assigned by the manager – 20%
  • Fully understand and adhere to the team’s network security standards and procedures both in technical and functional areas – 20%
  • Maintain positive relationships with all user communities, peers and the management team – 10%
  • Perform other duties as needed.
Requirements

* Bachelor’s degree in Computer Science, Information Technology, Information Systems or similar
* Minimum of 5 years of experience in system administration in an enterprise network security production environment
* Strong skills with network protocols, standards and policies
* Strong skills with Juniper, Cisco, and Palo Alto network security platforms
* Strong skills with network access control systems (AAA, NAC)
* Understanding of load balancing, remote access, DNS, DHCP and IPAM platforms
* Process oriented leader with strong execution and follow-through skills
* Able to perform multiple tasks simultaneously and prioritize self
* Strong and consistent customer service and communication skills
* Willingness to work a flexible schedule
* Strong team member with self-motivation and desires to improve the infrastructure
* Excellent troubleshooting, analytical and problem-solving skills
* Minimal travel anticipated for this position
* Must have the legal right to work in the United States

 

Preferred qualifications
* Media industry experience

Discovery Communications, Inc. is an equal opportunity employer. Discovery is committed to being an employer of choice, not just a good place to work, but a great and inclusive place to work. To that end, we strive to recruit and maintain a workforce that meaningfully represents the diverse and culturally rich communities that we serve. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, protected veteran status or disabled status or, genetic information.

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including but not limited to all local Fair Chance Ordinances.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
GSK

Network Security Specialist

Multiple
Network Security
FULL-TIME
Aug 23
Premier

Site Name: USA - Massachusetts - Waltham, USA - North Carolina - Research Triangle Park, USA - Pennsylvania - Philadelphia, USA - Pennsylvania - Upper Providence, USA - Texas - Richardson, UK - Hertfordshire - Stevenage
Posted Date: Aug 18 2020

This role is an exciting opportunity within GSK Tech Security & Risk (TSR) organisation who provide services and expertise to enable a risk based, compliant, efficient, secure and value driven Technology Delivery. As GSK continues its digital transformation, the security of platforms for infrastructure, data and applications must be elevated to utilize the latest and most effective capabilities available. The successful candidate will have strong technical & consultative skills as well as relevant experience in IT Security Architecture & Engineering. The successful candidate will be required to collaborate with technologists within GSK and other business entities.

 

This role will report to the Director of App & Infrastructure within the Architecture team of the Security & Risk Organisation. The Network Security Specialist will lead on developing the network security architecture and strategy. The candidate will support the GSK cyber security program team, as a technical leader architecting modern network paradigms including Software-Defined Networking, Zero-trust networking, Micro segmentation, Network Access Control, network security and monitoring solutions and secure remote access. The candidate will act as an interface with technical experts in the Platforms, Consumer, Pharma, Vaccines Technology teams as they build out internal & external capabilities on behalf of GSK and our customers. The candidate must be capable of understanding the threats to our platforms from internal and external sources, be able to direct and coach team members on mitigation solutions.  The candidate will ensure processes and technology align with the Tech Transformation Strategy within GSK and it complement the other functions within TSR. The candidate must ensure the deployment and operational security requirements are modern and scalable, align with the vision of the GSK Chief Digital Officer and Chief Information Security Officer. 

 

This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following:

  • Closely collaborate with the Tech Security & Risk peers and the wider Tech organisation within GSK to identify key business drivers, risks and security capability requirements
  • Develop GSK's network security architecture and strategy, fit for purpose for a large pharmaceutical with a global footprint
  • Present the architecture and strategy to stakeholders across the Tech organisation to get buy-in for the vision and roadmap
  • Provide input and direction for technology decisions and investments related to the strategy
  • Closely collaborate Tech Security & Risk peers and the wider Tech organisation within GSK to incrementally deliver against the strategy
  • Support Tech Security & Risk peers in delivery of their own security strategies
  • Support the wider Tech organisation to enable them to deliver their network related initiatives in a secure manner

Basic Qualifications:

 

We are looking for professionals with these required skills to achieve our goals:

  • Experience architecting and deploying networks and network security solutions in large enterprise organisations
  • Experience of modern network paradigms/technologies including: Software-Defined Networking, zero-trust networking, micro-segmentation, network access control, network security monitoring and secure remote access
  • Experience with building solutions on cloud platforms (Azure, GCP and AWS)
  • Experience in maintaining and enhancing security standards to align to industry best practice in relation to emerging technologies
  • Experience with Architecture frameworks such as SABSA, TOGAF etc.
  • 7-10 years experience in Information Security
  • 10+ years experience in Information Technology

 

 

Preferred Qualifications:

 

If you have the following characteristics, it would be a plus:

  • CISSP/ISSAP or other industry network, security and cloud certifications desirable
  • Proven experience working and influencing cross functionally
  • Pragmatic and focused on delivering value to the business
  • Strong and clear communication skills – verbal and written
  • Ability to engage with leadership teams
  • Highly self-motivated, directed, and can work independently without supervision
  • Prepared to work at a low level of detail where necessary
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Network Security Jobs

Cloud Security Jobs

General Electric

Remote Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Nov 6
Premier

Job Description Summary

General Electric (GE) Gas Power is seeking a motivated Staff Cloud Security Engineer responsible for strategic technical development, Including cloud security automation capabilities in AWS and Azure. The successful candidate will have strong problem-solving, time management and analytical skills. As part of the GE Cybersecurity team, a curiosity to learn combined with a builder-attitude will be critical in our mission to address evolving threats and protect company information and resources.

Job Description

Specific Responsibilities Include:

  • Design, build and implement enterprise cyber technology for production environments
  • Align technical risk management standards, frameworks and policy with overall GE Gas Power business and digital requirements.
  • Drive efforts with program application leads and stakeholders to architect Cloud solutions using tools and services aligned to standards and secure design patterns.
  • Design and implement automated security controls to proactively enforce Security, Risk and Compliance standards for applications.
  • Develop libraries of common secure patterns for deploying cloud infrastructure and applications, including applications provided by GE Infrastructure as a Service providers
  • Provide mechanism to demonstrate consistent application of controls and configurations, including creation of real-time tool providing across GE Power cloud accounts.
  • Engineer secure technology solutions that promote adoption of SecDevOps and Cloud services (IaaS, PaaS & SaaS).
  • Understand current and evolving threats for Cloud, including mitigation tools and techniques.
  • Research, recommend and implement controls for developing technology such as container orchestration, machine learning and serverless technologies.
  • Apply native cloud service provider security and monitoring services in the cloud, including network access controls, encryption, alerting and secrets management.
  • Identify security design gaps in existing and proposed architectures and recommend and deploy changes and enhancements

Basic Qualifications:

  • Bachelor’s degree in Information Systems (IS), Information Technology (IT), Computer Science or Engineering from an accredited college or university;
  • Minimum of 5 years of experience architecting secure Cloud platforms (AWS or Azure);
  • Minimum of 5 years of experience with programming or scripting languages;
  • Minimum of 3 years of experience with Cloud automation capabilities

Eligibility Requirements: (Country Specific)

  • United States (Gas Power locations preferred) & Remote

Desired Characteristics:

  • Experience reviewing and understanding cloud architecture and security best practices.
  • Highly technical, eager to learn with strong analytical and problem-solving skills.
  • Working knowledge of Cloud provider security architecture design patterns.
  • Experience performing design reviews to assess security risk for application architecture or introduction of new cloud services.
  • Associate or Professional-level Cloud certification(s).
  • Knowledge of IT service management and cybersecurity processes including change management, incident management, configuration management, threat and vulnerability management.
  • Knowledge of current programming language, source code management and related technology to evaluate infrastructure as code safeguards
  • Strategic thinker, with experience planning and executing multiyear application security roadmaps
  • Ability to define program KPIs and metrics
  • Advanced degree In Information Systems, Information Technology, Computer Science or Engineering from an accredited college or university.
  • Experience leveraging agile methods within development and project efforts

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

Inclusion & Diversity
We are passionate about creating an inclusive work environment. By valuing the ideas and contributions of a diverse workforce we help inspire others to grow, succeed, and raise the bar for everyone. Join us at GE Gas Power, where results can be achieved by embracing a community of belonging.  
About GE Gas Power
GE Gas Power engineers cleaner, more accessible energy that people depend on, powering growth and prosperity for people everywhere. Our leading technologies produce a third of the world’s electricity thanks to our talented people, who make gas work for our customers, stakeholders and the world. Through relentless innovation and continuous partnership with our customers, we are building the energy technologies of the future and providing the cleaner, more efficient power people depend on today.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
InfoSys

AWS Cloud Architect

Irving, TX
Cloud Security
FULL-TIME
Nov 2
Premier

Job Description

 

 

As an AWS Cloud Architect, you will interface with key stakeholders and apply your technical proficiency across different stages of the Software Development Life Cycle including Requirements Elicitation, Application development, definition and Design. You will play an important role in creating the high-level design artifacts. You will also deliver high quality code deliverables for a module, lead validation for all types of testing and support activities related to implementation, transition and warranty. At Infosys, you may look forward to collaborating with some of the best talent in the industry to create innovative high quality and defect-free solutions to meet our clients’ business needs. We drive a learning culture, where teamwork and collaboration are encouraged, excellence is rewarded, and diversity is respected and valued.

Required AWS Cloud Architect Qualifications:

• Bachelor’s degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
• 7+ years of experience with Information Technology
• U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are not able to sponsor at this time
• Candidate must be located within the commuting distance of Irving, TX or be willing to relocate to this location. This position may require travel in the US and Canada.
 
Preferred AWS Cloud Architect Qualifications:
 
• Hands on experience architecting in AWS and working with Big Data.
• Strong experience in Designing data pipelines and data solutions on-premise and on cloud, in AWS Big Data, Glue/EMR/S3/Redshift, Hadoop distributed frameworks, Apache Spark with Python, Java programming and Hadoop Ecosystems
• Good experience on Snowflake, End to End implementations on ETL and Bigdata Projects
• Good knowledge of Cloud Security implementation practices
• Expertise in scalability and high performance applications meeting various SLAs which are part of architecture and design
• Exposure on design and developing micro-services architecture, Diagnostic /Discovery/As Is Assessment, Solution
• Evaluation and Recommendation and CI / CD  Good experience in Project life cycle activities on development and maintenance projects
• Experience in data migration, estimation, sizing of project
• Experience in working in Agile teams, and working independently with Business stakeholders providing solutions and regular updates
• Experience and desire to work in a Global delivery environment with strong written and oral communication skills and Analytical skills
 
The job entails sitting as well as working at a computer for extended periods of time. Should be able to communicate by telephone, email or face to face. Travel may be required as per the job requirements.

About Us

Infosys is a global leader in next-generation digital services and consulting. We enable clients in 46 countries to navigate their digital transformation.

With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CrowdStrike

Software Engineer - Cloud Security

Remote
Cloud Security
FULL-TIME
Aug 19
Premier

About the Role

Cloud Security Posture Management (CSPM) is a new and complementary product area for CrowdStrike. We’re extending CrowdStrike’s mission of “stopping breaches” into the public cloud control plane and native cloud resources. CrowdStrike’s CSPM offering will give customers visibility into both the (mis)configuration and compliance of native cloud resources, and potential adversary activity involving those resources. When coupled with Falcon, CrowdStrike’s endpoint security offering, our CSPM offering will provide a more comprehensive perspective on how the adversary is targeting key customer infrastructure.

 

What You’ll Need 

  • Lead backend engineering efforts from rapid prototypes to large-scale applications across CrowdStrike products.
  • Leverage and build cloud based systems to detect targeted attacks and automate cyber threat intelligence production at a global scale.
  • Brainstorm, define, and build collaboratively with members across multiple teams.
  • Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.
  • Be mentored and mentor other developers on web, backend and data storage technologies and our system.
  • Constantly re-evaluate our product to improve architecture, knowledge models, user experience, performance and stability.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Use and give back to the open source community.

 

You’ll use

  • Go (Golang)
  • AWS/GCP/Azure/Kubernetes
  • Kafka
  • GIT
  • Cassandra
  • ElasticSearch
  • Redis
  • ZMQ

 

Key Qualifications

  • Degree in Computer Science (or commensurate experience in data structures/algorithms/distributed systems).
  • The ability to scale backend systems – sharding, partitioning, scaling horizontally are second nature to you.
  • The desire to ship code and the love of seeing your bits run in production.
  • Deep understanding of distributed systems and scalability challenges.
  • Deep understand multi-threading, concurrency, and parallel processing technologies.
  • Team player skills – we embrace collaborating as a team as much as possible.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • The skills to meet your commitments on time and produce high quality software that is unit tested, code reviewed, and checked in regularly for continuous integration.

 

Bonus points awarded for…

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, Scala, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields

 

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

 

#LI-DK1

#LI-Remote

 

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan 
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
IHS Markit

Junior Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Jul 8
Premier

Your role 

Reporting to the global head of cloud security at IHS Markit, your work will focus primarily on AWS with a secondary focus on VMC, Azure and/or GCP as needed. You will mentor and guide junior members of the cloud security team and partner with stakeholders across information security and other IHS Markit organizations to deliver solutions that harden IHS Markit’s cloud security posture.

 

Emphasis will be on the following objectives: 

·       Creating security automation for response and remediation of compliance findings and hardening of AWS and VMWare Cloud on AWS (VMC) environments primarily, and Azure or GCP secondarily

·       Onboard corporate and open-source security tools into build pipelines including SAST, DAST, TVM and anti-virus tools using Cloud native and open-source tooling and create custom tooling where needed to fill in gaps

·       Partner with the cybersecurity operations center (CSOC), offensive security operations and threat intelligence teams to onboard new services for the purpose of detection and predication of events

 

Your expertise 

·       0 – 2 years of experience of cloud security engineering on AWS 

·       Basic understanding of security requirements, best practices and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS 

·       Basic understanding of Lockheed Martin’s Kill Chain or MITRE ATT&CK 

·       Basic understanding and exposure to automation using scripts and CI/CD pipelines with cloud native or open-source technologies 

·       Basic experience with a scripting language such as Bash or Python 

·       Basic understanding of Windows and Linux platforms in the lens of investigations, configuration management and patch management 

·       Knowledge of Google Cloud Platform (GCP) or Microsoft Azure security concepts in a secondary capacity is strongly desired, but not required 
 

You are 

·       A naturally curious self-starter - you can deliver on requirements with some limited guidance or supervision, as needed by you and the team 

·       A relentless learner - you actively seek to add to your skillset and knowledge base while challenging the status quo to drive efficiency in the team 

·       Strong interpersonal skills – you can communicate with a wide range of technical and non-technical teams 

·       Insist on the highest standards within the team and actively share your perspectives with the team and the larger information security organization 

 

What we offer: 

·       Access to the most interesting information technologies 

·       The ability to implement your own ideas and solutions 

·       Participation in conferences and training for Information Security qualifications 

 

Flexible Working  

We pride ourselves on our agility and diversity, and we welcome requests to work flexibly. For most roles, flexible hours and/or an element of remote working are usually possible. Please talk to us during the interview about the type of arrangement that is best for you. We will always try to be adaptable wherever we can and in accordance with local and regional practices.   

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Excelicon

Cloud Risk Analyst

Washington, DC
Cloud Security
CONTRACTOR
Jun 25
Premier

The reesource shall provide the organization risk guidance on existing and emerging cloud technologies.

Excelicon seeks a resource to support and execute the following tasks:

 

  • Evaluate technologies and determine risk of technology architecture, implementation and

suitability for the client. This may require interaction with vendors to gather product security

features, research vulnerabilities/weaknesses, and provide implementation recommendations to Senior Management.

  • Support the development of the client’s A&A strategy for Cloud based systems.
  • Provide technical writing support and guidance to system owners in the development, and
  • technical review of System Security Plans (SSPs).
  • Conduct in-depth technical security reviews, risk assessments, and architecture reviews for
  • Cloud based technologies to ensure alignment with House information security policies
  • and technical guidelines.
  • Develop recommendations for decision briefs for Senior Management to use in making
  • ATO and other security decisions.
  • Provide technical guidance in the development and revision of client’s information security policies to incorporate Cloud technologies.
  • The Contractor shall provide risk management guidance and advisement to CAO teams for

emerging technologies to include new cloud, mobile and desktop application work products.

  • Provide technical support for responding to and implementing recommendations of the Office of Inspector General and Internal Controls/Internal Audit.
  • Provide analysis and reporting on the cloud products currently in use at the client site to include high-risk services, data usage, and threats.
  • Other duties as assigned.

 

 

The Contractor shall provide individuals with the following knowledge, skills and abilities:

 

  • Bachelor’s degree in a related field.
  • Knowledge and expertise in cloud computing, virtualization, Platform as a Service (PaaS),
  • Infrastructure as a Service (IaaS), Software as a Service (SaaS).
  • Demonstrated experience in conducting technical risk assessments for various Cloud platforms.
  • Experience working with Cloud Security Alliance (CSA) guidelines and security guidance from

the National Institute of Standards and Technology (NIST) to include SP-800-53A: Assessing

Security and Privacy Controls in Federal Information Systems and Organizations: Building

Effective Assessment Plans, NIST SP 800-144: Guidelines on and Security and Privacy in Public

Computing Cloud, NIST SP 800-145: The NIST Definition of Cloud Computing, NIST SP 800-

146: Cloud Computing Synopsis and Recommendations; Federal Risk and Authorization

Management Program (FedRAMP) security control baselines and security guides.

  • Demonstrated understanding and/or experience of various Cloud environments.
  • Demonstrated experience supporting a CASB tool.
  • Strong familiarity with FedRAMP and Federal Cloud guidelines.
  • Achievement of CCSP (Certified Cloud Security Professional), CISSP (Certified Information
  • Systems Security Professional) and/or CRISC (Certified in Risk and Information Systems Control)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Cloud Security Jobs

Application Security Jobs

Auth0

Software Engineer, Platform Tools

Remote
Application Security
FULL-TIME
Oct 28
Premier
Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score. 
 
Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.
 
The Platform Tools team mission is to make the life of Auth0’s engineers easier and more productive by providing a frictionless interface to Auth0’s internal platform. 
 
We are looking for senior software engineers to help us achieve the level of excellence that our teams need to make their day-to-day work easier and enjoyable.

You will:

  • Design, build and maintain tools and a toolchain to improve the development lifecycle.
  • Help build and scale our development environment as engineering teams grow.
  • Research and build prototypes using new technologies.
  • Investigate, discuss and propose new engineering productivity practices and tools.
  • Collaborate with fellow team members on priorities, specifications, and progress communication.
  • Evangelize Auth0 engineers about our new tools offering.

You are a good fit if you:

  • Have excellent communication and collaboration skills.
  • Love to work with cutting edge technologies.
  • Enjoy solving chores through automation.
  • Have experience with Go, Node.js or similar.
  • Have experience with container technology such as Docker, Kubernetes, ECS, etc.
  • Have experience with distributed systems, software architectures and authentication.
  • Are autonomous and have a continuous improvement mindset.
  • Pay attention to details and keep user experience a top priority.
  • Enjoy being part of a highly collaborative, remote first environment.
  • Timezone: we are giving preference to candidates located between GMT -3 and GMT +2.

You might work on:

  • Open source tools, integrations, CLIs, and frameworks.
  • API and CLI interface to our internal platform.
  • Vivaldi, our Docker-based development environment.
  • Bots and scripts to automate common tasks.
  • IDE and browser extensions.
  • Pull Requests flow automation.

Preferred Locations:

  • #US; #CA; #AR;

 

Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.
 
We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles
 
Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CyberArk

Software Engineer Intern

Newton, MA
Application Security
INTERN
Aug 22
Premier

Job Description:

We are looking for software engineering interns to join the Conjur Community and Integrations (C&I) team at CyberArk! Our team delivers high-quality open source software and more to CyberArk’s customers. We know that our community is best served when:
- Our projects are active, maintained, well organized, and superbly documented
- We discuss, plan, design, and build in the open
- Contributions from community members are solicited, welcomed, and reviewed

The intern will play an important role in helping us grow and maintain our suite of tools and integrations that work with Conjur open source. During the internship, the intern will work with the community and integrations team to extend our Conjur SDK from a handful of client libraries to a complete OpenAPI implementation. There will also be opportunities to write tutorials, blog posts, and provide code samples that community members can use to understand how to use our software. In creating this content, interns will get hands-on experience with bash, Docker, interacting with a REST API, and some of the most popular modern DevOps tools and platforms for deploying software.

 

Responsibilities
The Conjur C&I team are responsible for many features and initiatives within the CyberArk portfolio, including:
- Features within the Conjur open source product
- Integrations for the Conjur and DAP products with popular open DevOps tools
- Connectors and enhancements for the revolutionary Secretless Broker
- APIs and SDKs for the above

 

Requirements:

- Senior currently enrolled in a University/ College

- Major studies focused in Computer Science, Information System Security, etc or prior industry software development experience 

- Experience with Docker, Bash, Golang, Ruby is a plus

- Capable of understanding the technical aspects of a complex system.

- Must have excellent communication skills and a passion for providing world-class service.

- Experience of directly supporting enterprise-level customers is a plus.

- Ability and desire to learn products and technologies.

- Must be able to work independently as well as with others, as part of a domestic and international team.

- Excellent time management, decision making, prioritization and organization skills.

- Experience developing on Unix/Linux based system is a plus

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
HP

Application Security Engineer

Spring, TX
Application Security
FULL-TIME
Aug 20
Premier

We are seeking a Product Security consultant within Personal PC organization. We are looking for an innovative and motivated candidate who under general direction and with a high level of autonomy, will use extensive knowledge and skills obtained through education and experience to perform the services.

The candidate will be required to work on multiple products and must have the ability to develop and present secure solutions and remediation advice to leadership and technical teams. The candidate will be required to assess risks imposed by technical solutions and advise product teams of security standards, best practices and solutions to address risk, while maintaining security quality and customer satisfaction.

 

Primary responsibilities of this role are:

  • Work closely with Business Team and product development team to:
  • Drive Security Development Lifecycle activities (architecture review, threat modeling, security code reads)
  • Align security solution to overall HP Inc. product.
  • Certify the product HP Inc. ship are align with cyber security standard.
  • Apply security throughout the product development lifecycle using Secure Development Lifecycle processes and techniques
  • Gain and maintain a working knowledge of the HP Inc. portfolio of products.
  • Continually review and enhance existing knowledge of security aspects of HP Inc. product sets and technologies.
  • Partner with product development teams in order to remediate risks identified by Product Security.
  • Capture Remediation data to provide dashboard and metrics to senior management
  • Provide 'soft' consultancy skills and a proactive approach to earn the trust of product teams.

Requirements and Desirable Qualities:

  • Strong engineering background preferred
  • Application architecture experience preferred
  • Advanced knowledge of Windows platforms
  • Advanced knowledge of application mobile security tools
  • Strong technical acumen securing software and hardware
  • Excellent analytical and problem solving skills
  • Good understanding of software development and working experience with any one of the higher level programing languages or scripting
  • Typically 5 or more years of related work experience
  • Experience leading security efforts and/or teams
  • Good analytical and problem solving skills.
  • Good communication skills

 

Experience:

  • Typically 7 or more years of related work experience
  • Typically 5 years’ experience in vulnerability research analyst, pen testing, security researcher, Windows, Linux.
  • Strong engineering and development background in software are preferred.
  • Open Source Contributor
  • Strong knowledge to perform below tests:
    • Penetration Testing
    • Static Analysis/ Static Application Security Testing
    • Vulnerability Assessment/Scanning
    • Dynamic Analysis/Dynamic Application Security Testing (DAST)
    • Malicious Software Analysis
    • SDL (architecture review, code reads, threat modeling)

 

 

Preferred Certifications:

  • CEH: Certified Ethical Hacker
  • CCNP Security: Cisco Certified Network Professional Security
  • GSEC / GCIH / GCIA: GIAC Security Certifications
  • CISSP: Certified Information Systems Security Professional
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Application Security Jobs
Auth0

Software Engineer, Platform Tools

Remote
Application Security
FULL-TIME
Oct 28
Premier
Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score. 
 
Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.
 
The Platform Tools team mission is to make the life of Auth0’s engineers easier and more productive by providing a frictionless interface to Auth0’s internal platform. 
 
We are looking for senior software engineers to help us achieve the level of excellence that our teams need to make their day-to-day work easier and enjoyable.

You will:

  • Design, build and maintain tools and a toolchain to improve the development lifecycle.
  • Help build and scale our development environment as engineering teams grow.
  • Research and build prototypes using new technologies.
  • Investigate, discuss and propose new engineering productivity practices and tools.
  • Collaborate with fellow team members on priorities, specifications, and progress communication.
  • Evangelize Auth0 engineers about our new tools offering.

You are a good fit if you:

  • Have excellent communication and collaboration skills.
  • Love to work with cutting edge technologies.
  • Enjoy solving chores through automation.
  • Have experience with Go, Node.js or similar.
  • Have experience with container technology such as Docker, Kubernetes, ECS, etc.
  • Have experience with distributed systems, software architectures and authentication.
  • Are autonomous and have a continuous improvement mindset.
  • Pay attention to details and keep user experience a top priority.
  • Enjoy being part of a highly collaborative, remote first environment.
  • Timezone: we are giving preference to candidates located between GMT -3 and GMT +2.

You might work on:

  • Open source tools, integrations, CLIs, and frameworks.
  • API and CLI interface to our internal platform.
  • Vivaldi, our Docker-based development environment.
  • Bots and scripts to automate common tasks.
  • IDE and browser extensions.
  • Pull Requests flow automation.

Preferred Locations:

  • #US; #CA; #AR;

 

Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.
 
We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles
 
Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CyberArk

Software Engineer Intern

Newton, MA
Application Security
INTERN
Aug 22
Premier

Job Description:

We are looking for software engineering interns to join the Conjur Community and Integrations (C&I) team at CyberArk! Our team delivers high-quality open source software and more to CyberArk’s customers. We know that our community is best served when:
- Our projects are active, maintained, well organized, and superbly documented
- We discuss, plan, design, and build in the open
- Contributions from community members are solicited, welcomed, and reviewed

The intern will play an important role in helping us grow and maintain our suite of tools and integrations that work with Conjur open source. During the internship, the intern will work with the community and integrations team to extend our Conjur SDK from a handful of client libraries to a complete OpenAPI implementation. There will also be opportunities to write tutorials, blog posts, and provide code samples that community members can use to understand how to use our software. In creating this content, interns will get hands-on experience with bash, Docker, interacting with a REST API, and some of the most popular modern DevOps tools and platforms for deploying software.

 

Responsibilities
The Conjur C&I team are responsible for many features and initiatives within the CyberArk portfolio, including:
- Features within the Conjur open source product
- Integrations for the Conjur and DAP products with popular open DevOps tools
- Connectors and enhancements for the revolutionary Secretless Broker
- APIs and SDKs for the above

 

Requirements:

- Senior currently enrolled in a University/ College

- Major studies focused in Computer Science, Information System Security, etc or prior industry software development experience 

- Experience with Docker, Bash, Golang, Ruby is a plus

- Capable of understanding the technical aspects of a complex system.

- Must have excellent communication skills and a passion for providing world-class service.

- Experience of directly supporting enterprise-level customers is a plus.

- Ability and desire to learn products and technologies.

- Must be able to work independently as well as with others, as part of a domestic and international team.

- Excellent time management, decision making, prioritization and organization skills.

- Experience developing on Unix/Linux based system is a plus

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
HP

Application Security Engineer

Spring, TX
Application Security
FULL-TIME
Aug 20
Premier

We are seeking a Product Security consultant within Personal PC organization. We are looking for an innovative and motivated candidate who under general direction and with a high level of autonomy, will use extensive knowledge and skills obtained through education and experience to perform the services.

The candidate will be required to work on multiple products and must have the ability to develop and present secure solutions and remediation advice to leadership and technical teams. The candidate will be required to assess risks imposed by technical solutions and advise product teams of security standards, best practices and solutions to address risk, while maintaining security quality and customer satisfaction.

 

Primary responsibilities of this role are:

  • Work closely with Business Team and product development team to:
  • Drive Security Development Lifecycle activities (architecture review, threat modeling, security code reads)
  • Align security solution to overall HP Inc. product.
  • Certify the product HP Inc. ship are align with cyber security standard.
  • Apply security throughout the product development lifecycle using Secure Development Lifecycle processes and techniques
  • Gain and maintain a working knowledge of the HP Inc. portfolio of products.
  • Continually review and enhance existing knowledge of security aspects of HP Inc. product sets and technologies.
  • Partner with product development teams in order to remediate risks identified by Product Security.
  • Capture Remediation data to provide dashboard and metrics to senior management
  • Provide 'soft' consultancy skills and a proactive approach to earn the trust of product teams.

Requirements and Desirable Qualities:

  • Strong engineering background preferred
  • Application architecture experience preferred
  • Advanced knowledge of Windows platforms
  • Advanced knowledge of application mobile security tools
  • Strong technical acumen securing software and hardware
  • Excellent analytical and problem solving skills
  • Good understanding of software development and working experience with any one of the higher level programing languages or scripting
  • Typically 5 or more years of related work experience
  • Experience leading security efforts and/or teams
  • Good analytical and problem solving skills.
  • Good communication skills

 

Experience:

  • Typically 7 or more years of related work experience
  • Typically 5 years’ experience in vulnerability research analyst, pen testing, security researcher, Windows, Linux.
  • Strong engineering and development background in software are preferred.
  • Open Source Contributor
  • Strong knowledge to perform below tests:
    • Penetration Testing
    • Static Analysis/ Static Application Security Testing
    • Vulnerability Assessment/Scanning
    • Dynamic Analysis/Dynamic Application Security Testing (DAST)
    • Malicious Software Analysis
    • SDL (architecture review, code reads, threat modeling)

 

 

Preferred Certifications:

  • CEH: Certified Ethical Hacker
  • CCNP Security: Cisco Certified Network Professional Security
  • GSEC / GCIH / GCIA: GIAC Security Certifications
  • CISSP: Certified Information Systems Security Professional
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
TD Bank

Network Security Specialist

Mount Laurel, NJ
Network Security
FULL-TIME
Nov 6
Premier

TD Description

About TD Bank, America's Most Convenient Bank

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US.

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com.

 

Department Overview

 

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open

 

Job Description

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

About This Role

We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

  • Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
  • Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
  • Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
  • Contribute to the definition, development, and oversight of a global security management strategy and framework.
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG’s business.
  • Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
  • Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .
Other duties as assigned • Driving Requirements: • Travel Requirements:

 

Job Requirements

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

  • University Degree.
  • Information Security Certification / Accreditation an asset.
  • 7+ years of relevant experience.
  • Expert knowledge of IT security and risk disciplines and practices.
  • Advanced knowledge of of organization, technology controls, security and risk issues.
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
  • Must be eligible for employment under regulatory standards applicable to the position.

 

Qualifications

Preferred Qualifications - Here are the preferred qualifications for this role:

• Define, develop, implement, manage and govern standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness
• Provide subject matter expertise over network security risk assessment, secure network design and risk/threat/vulnerability management capabilities and functions across People, Process and Technology
• Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities
• Review and analyze large, complex, and comprehensive private and public cloud projects to assess network security risk, ensure compliance with standards, and suggest changes
• Conduct detailed assessments to prioritize program remediation or improvement for various network related technologies
• Build and maintain appropriate relationships with internal and external parties to ensure awareness and understanding of potential or impending threats, and measures to counter these threats
• Contribute to the review of internal processes & activities and assist in identifying potential opportunities for improvement
• Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency
• Assess / identify key issues and escalate to appropriate levels and relevant stakeholders where required
• Able to work well with others, and in particular be able to influence and change behaviors and build consensus
• Participate in the investigation of Information Security Incidents and development of remediation/prevention mechanisms
• Work with project teams to understand and accommodate application architecture and the applications specific requirements for private and public cloud networking
• Work with security team to understand and accommodate network security requirements for application
• Establish requirements and drive implementation of network security governance and reporting for private and public cloud environments.

Job Requirements :
• 5 to 7 years of experience in an information technology role focused on network infrastructure security preferably within the financial services industry or a consulting company
• Strong technical knowledge and understanding of various software-defined and physical network platforms including, firewalls, IDS/IPS, routers, switches, WAN technologies, MPLS, load balancing and wireless Networks
• Experience and understanding of public cloud networking and network security controls, particularly on Azure
• Experience defining network security standards and processes such as firewall rules request/approval process, B2B communication standards, logging and monitoring standards, device hardening standards for large organizations preferably in the financial services industry
• Resourceful and able to work independently with minimum supervision under the direction of the Senior Manager – Network Security
• Information Security certification or accreditation would be an asset
• Strong research, analytical and problem-solving abilities
• Effective written and verbal communication skills
• Have experience with micro segmentation and network automation in a hybrid public and private cloud environment
• Knowledgeable of cloud and hybrid-cloud implementations including IaaS, PaaS and SaaS

Education:
• University degree in Information Technology, Computer Science, Computer Engineering or equivalent work experience
• Certifications: CISSP, CCSP, Microsoft MCSE Azure – 400 or 500

 

 

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Lowe's

Network Security Engineer

Mooresville, NC
Network Security
FULL-TIME
Nov 1
Premier

Job Summary:
The primary purpose of this role is to support the design, implementation and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.
 
 
To be successful, the individual in this role must have knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.
 
 
Key Responsibilities:
• Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)
• Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systems
• Participates in regular security vulnerability assessments
• Performs internal and external penetration validation testing to ensure that computer systems are up to date relative to all operating systems, patches, and virus protection software
• Collaborates with other technology teams including Engineering to design and implement remediation solutions
• Provides assistance during information security incidents as part of an Incident Response Team
• Performs security tests against third-party products
• Remains aware of technological trends and developments in the area of information security
• Solves difficult technical problems; solutions are testable, maintainable, and efficient
• Provides support in the event of escalated security issues for enterprise systems; helps diagnose, troubleshoot, and resolve issues
• Supports the implementation of hardware and software changes into environments to ensure security requirements are met
• Provides input into security breach response procedures; assists with security breach response activities
• Participates in break/fix activities
• Analyzes the output of industry standard cybersecurity tools and helps identify remediations to reduce risk and exposure of applications
• Completes basic custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
• Evaluates entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities
 
 
Minimum Qualifications:
• Bachelor's Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work or military experience in a related field)
• 2 years of experience in technology system support, software development or a related field
• 1 year of experience with information security applications and systems
• 1 year of experience in database technologies
• 1 year of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
• 2 years of experience analyzing the output of industry standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications



Preferred Qualifications:
• Master's Degree in Computer Science, CIS, or related field
• Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)
• Advanced understanding of information security practices and policies
• 2 years of IT experience developing and implementing business systems within an organization
• 4 years of experience working with defect or incident tracking software
• 4 years of experience with technical documentation in a software development environment
• 2 years of experience working with an IT Infrastructure Library (ITIL) framework
• 2 years of experience leading teams, with or without direct reports
• Experience with Cloud technologies

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Discovery Inc

Network Security Engineer

Los Angeles, CA
Network Security
FULL-TIME
Oct 31
Premier

Our Team
As Discovery Inc’s portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-tv, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.

From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.

 

The Role
The Network Security Engineer will be responsible for working with the operations and engineering teams around the strategic, tactical, and improvement of the global network security platforms. The individual will be evaluating processes regularly to ensure expected outcomes are achieved in the most efficient way along with identifying service improvements and document those improvements. Help ensure standards and processes are followed.

Key Responsibilities
  • Effectively support all DCI network security infrastructure 24*7 by responding to and resolving all trouble tickets within the stipulated SLA time – 40%
  • Clearly understand the root cause of all the network security outages and take remediation steps to prevent the recurrence of the problem – 10%
  • Ability to prioritize work based on business criticalities and also be flexible to work on ad hoc tasks as assigned by the manager – 20%
  • Fully understand and adhere to the team’s network security standards and procedures both in technical and functional areas – 20%
  • Maintain positive relationships with all user communities, peers and the management team – 10%
  • Perform other duties as needed.
Requirements

* Bachelor’s degree in Computer Science, Information Technology, Information Systems or similar
* Minimum of 5 years of experience in system administration in an enterprise network security production environment
* Strong skills with network protocols, standards and policies
* Strong skills with Juniper, Cisco, and Palo Alto network security platforms
* Strong skills with network access control systems (AAA, NAC)
* Understanding of load balancing, remote access, DNS, DHCP and IPAM platforms
* Process oriented leader with strong execution and follow-through skills
* Able to perform multiple tasks simultaneously and prioritize self
* Strong and consistent customer service and communication skills
* Willingness to work a flexible schedule
* Strong team member with self-motivation and desires to improve the infrastructure
* Excellent troubleshooting, analytical and problem-solving skills
* Minimal travel anticipated for this position
* Must have the legal right to work in the United States

 

Preferred qualifications
* Media industry experience

Discovery Communications, Inc. is an equal opportunity employer. Discovery is committed to being an employer of choice, not just a good place to work, but a great and inclusive place to work. To that end, we strive to recruit and maintain a workforce that meaningfully represents the diverse and culturally rich communities that we serve. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, protected veteran status or disabled status or, genetic information.

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including but not limited to all local Fair Chance Ordinances.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
GSK

Network Security Specialist

Multiple
Network Security
FULL-TIME
Aug 23
Premier

Site Name: USA - Massachusetts - Waltham, USA - North Carolina - Research Triangle Park, USA - Pennsylvania - Philadelphia, USA - Pennsylvania - Upper Providence, USA - Texas - Richardson, UK - Hertfordshire - Stevenage
Posted Date: Aug 18 2020

This role is an exciting opportunity within GSK Tech Security & Risk (TSR) organisation who provide services and expertise to enable a risk based, compliant, efficient, secure and value driven Technology Delivery. As GSK continues its digital transformation, the security of platforms for infrastructure, data and applications must be elevated to utilize the latest and most effective capabilities available. The successful candidate will have strong technical & consultative skills as well as relevant experience in IT Security Architecture & Engineering. The successful candidate will be required to collaborate with technologists within GSK and other business entities.

 

This role will report to the Director of App & Infrastructure within the Architecture team of the Security & Risk Organisation. The Network Security Specialist will lead on developing the network security architecture and strategy. The candidate will support the GSK cyber security program team, as a technical leader architecting modern network paradigms including Software-Defined Networking, Zero-trust networking, Micro segmentation, Network Access Control, network security and monitoring solutions and secure remote access. The candidate will act as an interface with technical experts in the Platforms, Consumer, Pharma, Vaccines Technology teams as they build out internal & external capabilities on behalf of GSK and our customers. The candidate must be capable of understanding the threats to our platforms from internal and external sources, be able to direct and coach team members on mitigation solutions.  The candidate will ensure processes and technology align with the Tech Transformation Strategy within GSK and it complement the other functions within TSR. The candidate must ensure the deployment and operational security requirements are modern and scalable, align with the vision of the GSK Chief Digital Officer and Chief Information Security Officer. 

 

This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following:

  • Closely collaborate with the Tech Security & Risk peers and the wider Tech organisation within GSK to identify key business drivers, risks and security capability requirements
  • Develop GSK's network security architecture and strategy, fit for purpose for a large pharmaceutical with a global footprint
  • Present the architecture and strategy to stakeholders across the Tech organisation to get buy-in for the vision and roadmap
  • Provide input and direction for technology decisions and investments related to the strategy
  • Closely collaborate Tech Security & Risk peers and the wider Tech organisation within GSK to incrementally deliver against the strategy
  • Support Tech Security & Risk peers in delivery of their own security strategies
  • Support the wider Tech organisation to enable them to deliver their network related initiatives in a secure manner

Basic Qualifications:

 

We are looking for professionals with these required skills to achieve our goals:

  • Experience architecting and deploying networks and network security solutions in large enterprise organisations
  • Experience of modern network paradigms/technologies including: Software-Defined Networking, zero-trust networking, micro-segmentation, network access control, network security monitoring and secure remote access
  • Experience with building solutions on cloud platforms (Azure, GCP and AWS)
  • Experience in maintaining and enhancing security standards to align to industry best practice in relation to emerging technologies
  • Experience with Architecture frameworks such as SABSA, TOGAF etc.
  • 7-10 years experience in Information Security
  • 10+ years experience in Information Technology

 

 

Preferred Qualifications:

 

If you have the following characteristics, it would be a plus:

  • CISSP/ISSAP or other industry network, security and cloud certifications desirable
  • Proven experience working and influencing cross functionally
  • Pragmatic and focused on delivering value to the business
  • Strong and clear communication skills – verbal and written
  • Ability to engage with leadership teams
  • Highly self-motivated, directed, and can work independently without supervision
  • Prepared to work at a low level of detail where necessary
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
General Electric

Remote Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Nov 6
Premier

Job Description Summary

General Electric (GE) Gas Power is seeking a motivated Staff Cloud Security Engineer responsible for strategic technical development, Including cloud security automation capabilities in AWS and Azure. The successful candidate will have strong problem-solving, time management and analytical skills. As part of the GE Cybersecurity team, a curiosity to learn combined with a builder-attitude will be critical in our mission to address evolving threats and protect company information and resources.

Job Description

Specific Responsibilities Include:

  • Design, build and implement enterprise cyber technology for production environments
  • Align technical risk management standards, frameworks and policy with overall GE Gas Power business and digital requirements.
  • Drive efforts with program application leads and stakeholders to architect Cloud solutions using tools and services aligned to standards and secure design patterns.
  • Design and implement automated security controls to proactively enforce Security, Risk and Compliance standards for applications.
  • Develop libraries of common secure patterns for deploying cloud infrastructure and applications, including applications provided by GE Infrastructure as a Service providers
  • Provide mechanism to demonstrate consistent application of controls and configurations, including creation of real-time tool providing across GE Power cloud accounts.
  • Engineer secure technology solutions that promote adoption of SecDevOps and Cloud services (IaaS, PaaS & SaaS).
  • Understand current and evolving threats for Cloud, including mitigation tools and techniques.
  • Research, recommend and implement controls for developing technology such as container orchestration, machine learning and serverless technologies.
  • Apply native cloud service provider security and monitoring services in the cloud, including network access controls, encryption, alerting and secrets management.
  • Identify security design gaps in existing and proposed architectures and recommend and deploy changes and enhancements

Basic Qualifications:

  • Bachelor’s degree in Information Systems (IS), Information Technology (IT), Computer Science or Engineering from an accredited college or university;
  • Minimum of 5 years of experience architecting secure Cloud platforms (AWS or Azure);
  • Minimum of 5 years of experience with programming or scripting languages;
  • Minimum of 3 years of experience with Cloud automation capabilities

Eligibility Requirements: (Country Specific)

  • United States (Gas Power locations preferred) & Remote

Desired Characteristics:

  • Experience reviewing and understanding cloud architecture and security best practices.
  • Highly technical, eager to learn with strong analytical and problem-solving skills.
  • Working knowledge of Cloud provider security architecture design patterns.
  • Experience performing design reviews to assess security risk for application architecture or introduction of new cloud services.
  • Associate or Professional-level Cloud certification(s).
  • Knowledge of IT service management and cybersecurity processes including change management, incident management, configuration management, threat and vulnerability management.
  • Knowledge of current programming language, source code management and related technology to evaluate infrastructure as code safeguards
  • Strategic thinker, with experience planning and executing multiyear application security roadmaps
  • Ability to define program KPIs and metrics
  • Advanced degree In Information Systems, Information Technology, Computer Science or Engineering from an accredited college or university.
  • Experience leveraging agile methods within development and project efforts

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

Inclusion & Diversity
We are passionate about creating an inclusive work environment. By valuing the ideas and contributions of a diverse workforce we help inspire others to grow, succeed, and raise the bar for everyone. Join us at GE Gas Power, where results can be achieved by embracing a community of belonging.  
About GE Gas Power
GE Gas Power engineers cleaner, more accessible energy that people depend on, powering growth and prosperity for people everywhere. Our leading technologies produce a third of the world’s electricity thanks to our talented people, who make gas work for our customers, stakeholders and the world. Through relentless innovation and continuous partnership with our customers, we are building the energy technologies of the future and providing the cleaner, more efficient power people depend on today.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
InfoSys

AWS Cloud Architect

Irving, TX
Cloud Security
FULL-TIME
Nov 2
Premier

Job Description

 

 

As an AWS Cloud Architect, you will interface with key stakeholders and apply your technical proficiency across different stages of the Software Development Life Cycle including Requirements Elicitation, Application development, definition and Design. You will play an important role in creating the high-level design artifacts. You will also deliver high quality code deliverables for a module, lead validation for all types of testing and support activities related to implementation, transition and warranty. At Infosys, you may look forward to collaborating with some of the best talent in the industry to create innovative high quality and defect-free solutions to meet our clients’ business needs. We drive a learning culture, where teamwork and collaboration are encouraged, excellence is rewarded, and diversity is respected and valued.

Required AWS Cloud Architect Qualifications:

• Bachelor’s degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
• 7+ years of experience with Information Technology
• U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are not able to sponsor at this time
• Candidate must be located within the commuting distance of Irving, TX or be willing to relocate to this location. This position may require travel in the US and Canada.
 
Preferred AWS Cloud Architect Qualifications:
 
• Hands on experience architecting in AWS and working with Big Data.
• Strong experience in Designing data pipelines and data solutions on-premise and on cloud, in AWS Big Data, Glue/EMR/S3/Redshift, Hadoop distributed frameworks, Apache Spark with Python, Java programming and Hadoop Ecosystems
• Good experience on Snowflake, End to End implementations on ETL and Bigdata Projects
• Good knowledge of Cloud Security implementation practices
• Expertise in scalability and high performance applications meeting various SLAs which are part of architecture and design
• Exposure on design and developing micro-services architecture, Diagnostic /Discovery/As Is Assessment, Solution
• Evaluation and Recommendation and CI / CD  Good experience in Project life cycle activities on development and maintenance projects
• Experience in data migration, estimation, sizing of project
• Experience in working in Agile teams, and working independently with Business stakeholders providing solutions and regular updates
• Experience and desire to work in a Global delivery environment with strong written and oral communication skills and Analytical skills
 
The job entails sitting as well as working at a computer for extended periods of time. Should be able to communicate by telephone, email or face to face. Travel may be required as per the job requirements.

About Us

Infosys is a global leader in next-generation digital services and consulting. We enable clients in 46 countries to navigate their digital transformation.

With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CrowdStrike

Software Engineer - Cloud Security

Remote
Cloud Security
FULL-TIME
Aug 19
Premier

About the Role

Cloud Security Posture Management (CSPM) is a new and complementary product area for CrowdStrike. We’re extending CrowdStrike’s mission of “stopping breaches” into the public cloud control plane and native cloud resources. CrowdStrike’s CSPM offering will give customers visibility into both the (mis)configuration and compliance of native cloud resources, and potential adversary activity involving those resources. When coupled with Falcon, CrowdStrike’s endpoint security offering, our CSPM offering will provide a more comprehensive perspective on how the adversary is targeting key customer infrastructure.

 

What You’ll Need 

  • Lead backend engineering efforts from rapid prototypes to large-scale applications across CrowdStrike products.
  • Leverage and build cloud based systems to detect targeted attacks and automate cyber threat intelligence production at a global scale.
  • Brainstorm, define, and build collaboratively with members across multiple teams.
  • Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.
  • Be mentored and mentor other developers on web, backend and data storage technologies and our system.
  • Constantly re-evaluate our product to improve architecture, knowledge models, user experience, performance and stability.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Use and give back to the open source community.

 

You’ll use

  • Go (Golang)
  • AWS/GCP/Azure/Kubernetes
  • Kafka
  • GIT
  • Cassandra
  • ElasticSearch
  • Redis
  • ZMQ

 

Key Qualifications

  • Degree in Computer Science (or commensurate experience in data structures/algorithms/distributed systems).
  • The ability to scale backend systems – sharding, partitioning, scaling horizontally are second nature to you.
  • The desire to ship code and the love of seeing your bits run in production.
  • Deep understanding of distributed systems and scalability challenges.
  • Deep understand multi-threading, concurrency, and parallel processing technologies.
  • Team player skills – we embrace collaborating as a team as much as possible.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • The skills to meet your commitments on time and produce high quality software that is unit tested, code reviewed, and checked in regularly for continuous integration.

 

Bonus points awarded for…

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, Scala, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields

 

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

 

#LI-DK1

#LI-Remote

 

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan 
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Teradata

Information Security Analyst

San Diego, CA
SOC / Threat Intel
FULL-TIME
Nov 6
Premier

Considering COVID-19, we are still hiring but conducting virtual interviews to keep our candidates and employees safe. Many roles will be temporarily remote or work from home to comply with current safety regulations. These roles will be required to be in the office once it is safe or restrictions are lifted. Read more on our response here: Teradata Response to COVID-19 

With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.

We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.

The Information Security Analyst will be tasked not only with identifying and responding to potential threats, but also proactively hunting and eliminating them. The ideal candidate will have highly technical skills and should possess an understanding across a broad range of security technologies and will take a proactive approach to network intrusions. You should have several years of experience working within a SOC environment and should have hands-on experience in creating and executing cyber hunting missions. The candidate must be a world-class problem-solver with the ability to handle challenges under pressure. This is a global role with responsibility for Teradata security technologies for all business units.

The ideal candidate will have experience and a proven track record of finding and responding to threats found from various tools DLP, SIEM. Security Analytics, Behavior Analysis etc. As a key member of the security team, flexibility and a broad knowledge of security processes, along with strong communication and collaboration skills, will result in a successful candidate.

Key Areas of Responsibility

Direct hands-on expertise in the following areas of information security

  • Threat intelligence/threat hunting
  • SIEM
  • Fireeye, Sourcefire, Snort, Suricata, Kibana
  • Security Analytics
  • Network Security, network access control, network monitoring tools
  • Vulnerability identification, anti-virus, malware detection/analysis
  • Programming Tools Java, Ruby, C/C++, PHP, Perl, Python
  • DLP, encryption, email security, HIDS/NIDS
  • Develop, maintain and report on security operation metrics
  • Participate in the review and analysis of internal projects and external requirements that may have an impact on security
  • Be aware of the IT security requirements for the business and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and make appropriate recommendations regarding their implementation

Qualifications

  • BS degree in related field preferred. Equivalent experience/certification acceptable.
  • 3+ years of demonstrated experience in information security roles
  • 2+ years managing security technologies
  • Industry certifications such as CISSP, CCSP, CEH, PMP, GCIH, GSEC
  • Extensive Experience in
    • IT security industry trends and direction
    • Network and internet security
    • Emerging technologies
    • IT standards, procedures, policy
    • Information security management
    • Information security technologies

 

  • Excellent analytical, troubleshooting & interpersonal skills
  • Strong verbal and written communication skills
  • Self-motivated and able to work independently
  • Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Intern – Information Security

Santa Clara, CA
SOC / Threat Intel
FULL-TIME
Nov 5
Premier

Our Mission

At Palo Alto Networks® everything starts and ends with our mission: 

Being the cybersecurity partner of choice, protecting our digital way of life. 

We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. 

Your Career

You will join an Information Security (InfoSec) team that will give you the opportunity to make a global impact. One that protects our way of life in the digital age by preventing successful cyberattacks. A team looking for engineers who are passionate about technology, have an interest in cyber security, and also want to make a positive difference in the world that we live in. The projects our interns are assigned will give real hands-on experience working on securing Palo Alto Networks. The Information Security team’s mission is to protect the company's brand integrity, confidentiality, infrastructure, and assets from internal and external threats. They enable business outcomes everywhere while securing the user, product, infrastructure and data, built on a foundation of threat detection and response.

Our top Technical Internship roles we hire for are :

  • Security Architect

  • DevOps Engineer 

  • Security Operations Center (SOC) Engineer

  • Red Team Engineer

  • Risk & Compliance Analyst

  • Vulnerability Engineer 

Your Impact

  • Collaborate and execute alongside experienced engineers and security professionals.

  • Help us disrupt the cybersecurity industry using the latest and greatest technologies.

  • Write code that meaningfully improves our products and services

  • Learn about the cybersecurity industry from the world's leading security experts.

Your Experience

  • Completing a BS/MS/PhD degree in Computer Science, Computer Engineering or other related STEM field

  • Strong programming skills

  • An understanding of the fundamentals of Computer Science & Computer Security

  • Exemplify strong initiative and ability to work independently with limited direction

  • Ability to work cross functionally with other engineers, researchers and Product Managers

  • Excellent communications skills

The Team

Our Information Security team is at the core of our products and connected directly to the mission of preventing cyberattacks. We are constantly innovating — challenging the way we, and the industry, think about cybersecurity. Our engineers don’t shy away from building products to solve the problems no one has pursued before. 

We define the industry instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of a challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment. 

Intern Program

Our global internship program trains the next-generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, sales, and marketing. The program also features a combination of challenging projects with tangible impact, engaging social events, and networking opportunities. Interns and recent graduates can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience.

The summer internship program features a combination of challenging projects with real impact, engaging social events, and networking opportunities:

  • 12-week program

  • Peers of elite students

  • One-on-one mentoring by industry leaders

  • Exposure to and support from Palo Alto Networks executives

  • Events that pique your intellectual curiosity and inspire new ideas

  • Opportunities to expand your knowledge and work in a fast-paced environment

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
St. Joseph’s Health

Information Security Analyst

Paterson, NJ
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

Overview

St. Joseph’s Health is recognized for the expertise and compassion of its highly skilled and responsive staff. The combined efforts of the organization’s outstanding physicians, superb nurses, and dedicated clinical and professional staff have made us one of the most highly respected healthcare organizations in the state, the largest employer in Passaic County, and one of the nation’s “100 Best Places to Work in Health Care”.

Job Overview
Responsible for assessing security threats and risks involving the security and integrity of data within the St. Joseph Healthcare System. Responsible for the monitoring and analyzing of logs and alerts from a variety of technologies including networks, servers, workstations, firewalls, Intrusion detection and prevention systems (IDS/IPS) virtual private networks (VPNs), encryption, data loss prevention (DLP), and antivirus systems. Responsible for the creation of comprehensive security write-ups which articulate security issues, analysis and remediation techniques, troubleshooting and resolution of security issues.

Qualifications

Work requires the knowledge of theories, principles, and concepts acquired through completion of a Bachelor's degree in Computer Information Systems, Computer Science, MIS, Engineering or closely related field. A minimum of five years experience with desktop, server and/or network administration in a mixed computing environment required.  Two years  of direct information security experience preferred.  CompTIA Network+ Certification, CompTIA Security+ Certification and Microsoft MCP Certification preferred.  Understanding of Information Security concepts and business acumen. Strong working knowledge of Windows Server, Desktop, Active Directory and Exchange.  Experience using  security vulnerability assessment tools and techniques.  Experience of using Malware Remediation Tools.  Solid understanding of operating systems and platforms (Windows, iOS, Unix, Linux).  Experience with Directory Services and LDAP.  Knowledge of network infrastructures including firewalls, VPN's, Intrusion Detection Systems, vulnerability assessment strategies, web application and device security.  Knowledge of the security requirements for HIPAA, HITECH, ISO 27001/27002 and SOX regulations.  Requires analytical skills with the ability to exercise sound judgment, attention to detail and problem resolution.  Must possess strong customer service, communication, organizational & interpersonal skills.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
RiskIQ

Cyber Threat Intelligence Analyst

Remote
SOC / Threat Intel
FULL-TIME
Nov 1
Premier

RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.

We are looking for a Senior Cyber Intelligence Analyst to join our i3 team. This position can be based at our office in Lenexa, KS or remotely. 

The Role
The Incident Investigations and Intelligence (i3) Program within RiskIQ is built to oversee managed services of the External Threats Product workspaces for clients and the Executive Guardian product workspaces for clients. Executive Guardian is designed to protect C-Suite and high net worth individuals from physical threats, exposures of Personally Identifiable Information (PII), and instances of social media account impersonation thereby safeguarding the individual, their reputation, family, and by extension, the company. External Threats protects clients from phishing attacks, domain infringement, mobile app impersonation, social & brand impersonation, and data leakage. The i3 Cyber Intelligence Analyst (SCIA) The i3 Cyber Threat Intelligence Analyst is a mid-level analytic role that will capitalize on an existing technical skillset to build and maintain complex technical logic to identify online threats to customers, manage client threat events, and take the appropriate action to suppress harmful content on the internet in order to protect our customers, their people, and their assets. i3 Cyber Threat Intelligence Analysts will also perform threat attribution research for the purposes of providing customers with finished and actionable intelligence products relevant to the safety and security of their assets and operations. The i3 Cyber Threat Intelligence Analyst is technically proficient, proactive, and is business-minded using both available open source and proprietary data sets to confidently support attribution of virtual threat actors with their actions.

Responsibilities

  • Configuration of technical details in the RiskIQ platform to identify sensitive data on the web for customers, including proprietary data and Personally Identifiable Information (PII)
  • Manage client workspaces to identify and mitigate threats such as phishing, domain infringement, brand infringement, social media impersonations, and mobile app fraudulent activity
  • Effectively conduct cyber investigations around events surfaced in the RiskIQ platform looking for relevant threat actor infrastructure, IOCs, and TTPS
  • Work with i3 colleagues and leadership to design solutions to improve collection within the External Threats and Executive Guardian platforms to improve the client experience
  • Respond to requests for customer support and escalate to Engineering as appropriate
  • Review and appropriately escalate detections based on the urgency of the discovered data/threat
  • Stand up Proofs-of-Concept (POC) workspaces and orchestrate effective and value-driven POCs for customers and prospective customers in support of sales opportunities
  • Monitor the RiskIQ platform and alert/support senior staff to conduct security/threat investigations into threat actors and their activities world-wide, using industry tools and proprietary information
  • Assist in the production of threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment​ ​and mitigation recommendations
  • Identify opportunities to predict and prevent future security issues and/or incidents
  • Collaborate with client security teams digitally, via phone, or at times, in person to constantly improve analytic standards, workflows, and success metrics and develop/improve analytic products as appropriate
  • Collaborate with RiskIQ Legal and Engineering teams to ensure appropriate mitigation of identified risks
  • Work with sensitive and confidential information and maintain highest standards of data protection to ensure client confidentiality
  • Support the production of finished threat analysis for dissemination to consumers on the safety and security of customers, assets and operations, including impact assessment and mitigation recommendations
  • Effectively engage consultatively with customers to design workflows, provide training, and update and brief teams on performance, metrics, and workspace events/intelligence
  • Collaborate with senior i3 team members to constantly improve analytic standards,
  • workflows, and success metrics and develop/improve analytic products as appropriate

Requirements

  • Bachelor's degree required
  • Experience researching and collecting intelligence from within social media, deep web forums, and the dark web
  • Technical proficiency with open source intelligence (OSINT) research tools; familiarity with Regex, JavaScript, SQL, and Python a strong plus
  • Familiarity with Threat Models such as ​MITRE ATT&CK® ​, Diamond Model and Cyber Kill Chain®; Incident Response Investigations experience highly desired
  • Technical skill familiarization in network communications (TCP/IP, OSI Model), malware analysis(communication/installation/behavior) and computer network defense operations
  • Previous experience with anti-phishing and online fraud identification and remediation
  • Strong written and verbal communication skills
  • Ability to effectively interface with and lead communication with customers; previous cybersecurity consulting experience a strong plus
  • Experience managing multiple projects, and the ability to flex quickly as required evolving corporate priorities
  • Ability to work independently and with minimal supervision
  • Basic understanding of investigative analysis, and communicating findings to consumers
  • Approximately 10-25% global travel required
  • Ability to obtain a US Top Secret security clearance
 
 

Why work at RiskIQ?

  • Fascinating work - Welcome to the dark underbelly of the Internet. RiskIQ’s ability to help organizations map and monitor their attack surface, detect internet-scale threats, and investigate adversaries led to skyrocketing adoption by security teams around the world. It is the golden age of internet crime, and we are at the forefront of defensive efforts to stem the tide. Internet security is a global growth industry, and the knowledge you acquire here will be a marketable skill for decades to come.
  • We’re a company on the forefront of a burgeoning industry - RiskIQ experienced explosive growth in 2018, including a 362.5 percent increase in net new product sales due to the steady adoption of attack surface management across the world. We also experienced a 365 percent increase in registration for RiskIQ community, our freemium entry-level product, showing the increasing role of security outside the firewall to the growth of businesses.
  • Top Leadership - Our CEO is a renowned cybersecurity veteran known for his expertise. Our leadership group is poised and experienced with a track record in technology and cybersecurity.
  • Unbounded opportunity - We’re growing! At RiskIQ, you’ll be provided with as much responsibility as you can handle—new career development opportunities constantly arise given our rate of growth.
  • Flexibility - You’ll have a large workload, but also the freedom to accomplish it on your own terms.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Dominion Energy

Associate Cyber Security Analyst

Richmond, VA
SOC / Threat Intel
FULL-TIME
Oct 31
Premier

At Dominion Energy we love our jobs.  That’s right.  Love.  Every day we go to work filled with passion to be excellent, to creatively problem solve and to innovate.  These are exciting days for energy companies, and Dominion Energy aims to shape the future of energy in America. We are looking at all of our work with fresh eyes, retooling everything we do, in every part of the company, to operate more sustainably and to deliver energy more reliably than ever.  We are looking for interesting, independent thinkers and doers who can help shape the culture of a forward-looking company that’s proud of its rich legacy. Are you a change agent?  Do you think differently?  Do you want to fall in love with your job? If you answered “yes,” then read on!

At this time, Dominion Energy cannot transfer nor sponsor a work visa for this position.

This position does not offer relocation assistance. 

Job Summary

Do you have what it takes?


This is not your typical cyber role. A cyber war is underway in the world today, with hostile nations seeking to disrupt and destroy critical infrastructure in the United States, all day, and every day. If you want to be on the front lines up against the best cyber criminals and nation state attackers in the world and prove you are better, then this is the place to be.

For our employees, this is a mission, not a job. We educate the company about cyber threats. We establish the standards for cyber security. We perform assessments to ensure proper protections are in place. We manage vulnerabilities and guide the development of defenses. It takes a high degree of skill and a commitment to that mission to be successful. Do you have what it takes? 


If this description sounds like you, let’s talk!
 

This posting is for two positions that will be filled at the level commensurate with the successful candidates’ education, experience, knowledge, skills and abilities.


Associate Cyber Security Analyst


This entry level cyber security position, under close supervision, performs cyber security and cyber risk work, working closely with the Cyber Security Operations Center (CSOC) and other groups focused on the monitoring, analysis, and investigation of cyber security threats and events, both internal and external, that could potentially impact the security posture of the organization. Facilitates client requests to ensure critical business tasks continue uninterrupted. Performs assessments of cyber security risk and vulnerabilities, maintains security policies, and helps facilitate cyber security awareness throughout the organization. Provides updates and detailed information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. May work with other staff to assess the cyber security risk on the organization's network systems, applications, and solutions based upon user requests and business needs. Applies a basic understanding of IT technologies and develops an evolving knowledge of mitigation options and risk frameworks to assess the current threat landscape and improve security. 
 

Cyber Security Analyst
 

Under broad supervision, this intermediate role performs cyber security and cyber risk work, working closely with the Cyber Security Operations Center (CSOC) and other groups focused on the monitoring, analysis, and investigation of cyber security threats and events, both internal and external, that could potentially impact the security posture of the organization. Coordinates organization cyber security response activities, and maintains situational awareness of the security posture of the enterprise. Performs assessment of cyber security risk and vulnerability analysis, creates and maintains security policies, and facilitates cyber security awareness throughout the organization. Provides updates and detailed information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Evaluates the cyber security risk on the organization's network systems, applications, and solutions based upon user requests and business needs. Applies considerable understanding of IT technologies, evaluation of cyber security risks and attack vectors, and develops an evolving knowledge of mitigation options and risk frameworks to assess the current threat landscape and improve security. Consults with subject matter experts and business representatives, as needed, to provide input on cyber security decisions, the establishment of cyber security policies, and to foster security awareness. 

Required Knowledge, Skills, Abilities & Experience


Associate Cyber Security Analyst

Must possess 0-2 years of work experience in cyber security, or a cyber risk related role demonstrating a basic understanding regarding the identification, gathering and analysis of information, threats, etc. to investigate and mitigate security risks.

Demonstrates a general understanding of cyber security and or data system protection principles and practices. A basic understand of industrial cyber security standards and risk are desired. Demonstrated good organization and planning skills. Demonstrates a questioning attitude, with basic analytical and investigative skills. Demonstrates verbal and written communication skills, with the ability to interact effectively with others. A willingness to learn new skills and methodologies, conduct research, and learn to maintain hardware, software and network firewalls and encryption. Ability to work cooperatively in a teamed environment. Highly motivated, with the ability to work effectively under basic supervision in a fast-paced environment. Previous work experience or exposure to the security aspects governing software, communications, and network protocols is a plus.

Cyber Security Analyst

Three to five years of work experience in cyber security, or a cyber risk related role demonstrating a general knowledge in the identification, gathering and analysis of information, threats, etc. to investigate and mitigate security risks.  (Note:  A Master's degree will count as one year of experience.  A partial year of six months or more will be rounded up to one year)

Demonstrates a working knowledge of cyber security best practices and frameworks. Possesses a solid understanding of industrial cyber security standards, frameworks and risk assess modeling. Demonstrated good organization and planning skills, to include time and project management skills. Demonstrates good analytical, troubleshooting, and problem solving skills, and has a questioning attitude. Demonstrates verbal and written communication skills, with the proven ability to present information to others. Ability to conduct research and apply, and under broad supervision, maintain hardware, software and network firewalls and encryption. Ability to work cooperatively in a teamed environment. Highly motivated, with the ability to work effectively under minimal supervision in a fastpaced environment. Previous work experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols is desired.

Note:  This position requires in office work.  You must be willing to report to Dominion Energy's corporate headquarters in Richmond, Virginia.
 

The company is actively seeking United States military veterans and service members who meet the qualifications outlined below.

  • Military service members and veterans with ranks from E3-E5, W1-W2, or O1-O3, plus appropriate equivalent combination of education and years of experience as outlined above.
Education Requirements

Bachelor Degree or will obtain a Bachelor's degree by December 2020.  Equivalent combination of education and demonstrated related experience may be accepted in lieu of preferred level of education

Preferred Disciplines:  IT Cyber Security or related specialization/track highly desirable

 

Other Preferred Disciplines: Information Systems, Computer Science, Computer Engineering
 

Other disciplines may be substituted for the preferred discipline(s) listed above.

Licenses, Certifications, or Quals Description
 
Working Conditions
Office Work Environment 76 -100%
Travel Up to 25%
Other Working Conditions
 
Test Description

No Testing Required

 

Export Control


Certain positions at Dominion Energy may involve access to information and technology subject to export controls under U.S. law.  Compliance with these export controls may result in Dominion Energy limiting its consideration of certain applicants.

 

Other Information


We offer excellent plans and programs for employees. Employees are rewarded with a competitive salary and comprehensive benefits package which may include: health benefits with coverage for families and domestic partners, vacation, retirement plans, paid holidays, tuition reimbursement, and much more.   To learn more about our benefits, click here dombenefits.com.

Dominion Energy is an equal opportunity employer and is committed to a diverse workforce. Qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status.  

You can experience the excitement of our company – it's the difference between taking a job and starting a career.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Associate Security Consultant - Entry Level

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

 

 

Associate Security Consultant - Entry Level 2021

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

Do you love the challenge of figuring out solutions to intricate technology puzzles? 

Do you like to help others solve their network and information security issues? 

If you answered YES, then consider a career at Mandiant as an Associate Consultant! 

We have the expertise and experience in information security. This is our focus.

You’re not just a number and you won’t get lost in the shuffle. 

You will be working on challenging technical projects that make an impact. You’ll be visible.

You’ll be exposed to many different environments and technologies.

You’ll learn from our best incident responders and red teamers.

We investigate breaches that make headlines (and many more that don’t), as well as break into applications and systems to identify security gaps for our clients.  We find evil and solve crime, and are seeking candidates who possess the ability to think like an attacker and stay one step ahead of the game. 

Find your niche among the cool projects you'll be involved with, such as:

  • Incident Response
  • Host and network forensics
  • Network traffic analysis
  • Malware analysis and reverse engineering
  • Penetration testing and Red Team
  • Network, web and mobile application security assessments
  • Source code reviews
  • And more...

Responsibilities:

  • Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments and social engineering assessment
  • Build internal scripts, tools and methodologies to enhance our capabilities
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Work with security and IT operations at clients to implement remediation plans

Qualifications

Requirements:

  • Technical skills in at least two of the following areas: 
    • Strong knowledge of Windows OS and networking protocols
    • Basic knowledge of tools used for forensic collection and analysis
    • Knowledge of application testing and network security concepts
    • Experience with programming/scripting languages such as Python
  • A technical security-related internship or other professional experience
  • Must be able to travel 20-30%
  • Must be eligible to work in the US without sponsorship

Additional Qualifications:

  • Strong technical acumen and ability to quickly assimilate new information
  • Ability to successfully interface with clients (internal and external) and manage expectations of others
  • Ability to document and explain technical details in a concise, understandable manner

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Requests for accommodation due to disability can be sent directly to HR-Accommodations@FireEye.com.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Blackbaud

Red Team Security Engineer

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

The NYC Red Team Security Engineer reports to the Senior Manager of Information Security and is responsible for testing and validating all facets of information security controls including networks, servers and web applications. The Red Team Security Engineer carries out attacks and perform security assessments to uncover vulnerable areas of systems and applications and to test defensive security measures using common as well as unique methods and practices.

What You’ll Do

  • Participate in Red/Blue Team exercises on a periodic basis so that management can assess effectiveness of security controls.
  • Conduct penetration testing for the red team which includes network, system, application, mobile, traditional web and wireless penetration testing.
  • Writing exploit code for local testing.
  • Perform thorough penetration testing that includes the identification, reporting, and recommendations for security vulnerabilities while adhering to management driven scope and deadlines.
  • Identify, prove, and report vulnerabilities that cannot be identified by scanners or tools
  • Develop, extend, or modify exploits, shellcode or exploit tools.
  • Develop applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE).
  • Reverse engineering malware, data obfuscators, or ciphers.
  • Source code review for control flow and security flaws.
  • Develop attack vectors, conduct reconnaissance, collect Open-source intelligence, enumeration, and foot printing of target networks and services, and develop exploit payloads and system backdoors.
  • Simulate malicious tactics of a motivated adversary with the intent of achieving a specific goal or access.
  • Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.
  • Obtain threat intelligence from white hat sources and stay up to date on the latest exploits and security trends
  • Advise Incident Response on defensive and monitoring process design.
  • Deliver clear and coherent written reporting and remediation guidance.

What We’ll Want You To Have

  • College degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience.
  • 5+ years (in excess of degree requirements stated above) of experience with technical Cyber Security and 3+ years with Red Team or penetration testing experience.
  • Demonstrates broad subject matter expertise of web, network, and system security.
  • Certification in highly technical information security disciplines such as: CISM, CISSP, CCSP, CCNP, CCDE, CCIE Security, GIAC, CEH, GPEN, GWAPT, GXPN or OSCP certification(s)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Security Systems Engineer - Intern

Santa Clara, CA
SOC / Threat Intel
INTERN
Sep 28
Premier

Your Career

As a Systems Engineer Intern, you will quickly ramp on Palo Alto Networks technology and will be assigned to multiple SEs. You will work together to complete critical work that supports customers in the pre-sales process. In this role, you will also work with sales on customer engagements and establish relationships with customers with the goal of helping them detect and prevent advanced cyberattacks and breaches. 

Upon completion of your summer internship, you will be required to do a final presentation on your contribution to getting a successful technical sell  (i.e. collect customer environment information, heat map, POC deployment, success criteria definition, recommended architecture/solution, and much more). 

Our global internship program trains the next generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, and marketing. Interns and recent graduates can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience.

Our Summer Internship Program from May-August or June-September provides you: 

  • 1:1 mentorship

  • Fun and engaging events that inspire your intellectual curiosity

  • The opportunity to expand your knowledge and work on challenging projects

  • Connections to other recent grads, and employees across the company as well as our leaders

Your Impact

  • Establish yourself as a trusted team member to SE leadership and colleagues and contribute to sales wins throughout the program 

  • Architect and propose solutions which address the identified cybersecurity problems in each customer’s unique environment 

  • Ensure ongoing customer happiness, support, and adoption of cybersecurity solutions

  • Act as the customer advocate for any issues that require technical assistance and follow up with the customer until the issue is resolved 

  • Continuous self-improvement and learning to maintain technical leadership of applicable technologies (data center, SDN, public cloud, security, networking, etc.) 

Your Experience

  • BS in Computer Science, technical cybersecurity or networking program

  • Experience with systems installation, UNIX/Linux, and Windows-based systems 

  • Experience with cloud networking services such as AWS, Azure, GCP is a plus – not required.

  • Understand and effectively present complex technical concepts to technical and non-technical audiences 

  • Strong analytical skills to evaluate complex problems and a systematic approach to create solutions

  • Mature and effective time-management skills

  • Knowledge and desire to learn of modern network threats and malware, network forensics, automation tools and technologies, and endpoint security technologies

Requirements – To apply, you must be pursuing a 4-year Undergraduate Degree with a GPA of 3.0 or above, a 2-year Master’s Degree or a Doctorate degree and returning to school in the fall. You must have the authorization to work within the United States.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Varonis

Security Analyst

New York, NY
SOC / Threat Intel
FULL-TIME
Sep 7
Premier

Summary

The Varonis Security Analyst will develop solutions for customers and prospects to assist in gaining visibility into security events affecting their environment. They will have intimate knowledge of Varonis products and knowledge of other Security products, specifically SIEM products.  They will develop expertise in security domains to build new/develop existing integrations.  They will analyze and respond to threats, report on their impact, develop remediation capabilities, and educate both customers and employees. 

 

Responsibilities

  • Consult with customers to ensure that Varonis products are a major component in their Security Operations Center and Incident Response Methodologies.
  • Simultaneously drive revenue growth and the maturity of customer security programs
  • Integrate Varonis products with SIEM technologies.
  • Analyze both Varonis metadata streams and streams from other product for use in incident response.
  • Develop Security expertise in at least one domain (Network, Host, Windows, Cloud, Mobile, etc.)

 

Qualifications

  • 1+ Years of working with Varonis
  • Experience with SIEM tools performing deployment, configuration, and maintaining operations, content development.
  • Experience with security tool administration (e.g. firewalls, IDS, end-point protection, content filtering, IAM, DLP).
  • Experience with operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services).
  • Proven experience in Cyber Security Operations (Monitoring, Detection, Incident Response, Forensics).
  • Experience with a diverse range of customers including financial, manufacturing, chemical, healthcare, and state and local government.
  • Proven success in contributing to a team-oriented environment.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Excellent communication (written and oral) and interpersonal skills.

Requirements

  • Proven success in contributing to a team-oriented environment.
  • Sales oriented.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Excellent communication (written and oral) and interpersonal skills.
  • Demonstrated leadership in professional setting; e
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Gieco

Cybersecurity Intern - Summer

Chevy Chase, MD
SOC / Threat Intel
INTERN
Sep 2
Premier

 During your paid 10-week internship, you will:

  • Have the unique opportunity to utilize your skills through individual assignments and team projects
  • Work on systems that defend GEICO, attend meetings, and give presentations to senior management
  • Receive mentoring and coaching from members of Cybersecurity management
  • Interact with associates at all levels of our cybersecurity organization-even our CISO!
  • Develop your technical, project management, communication, and leadership skills

GEICO's Cybersecurity teams have positioned our company as a leader amongst its peers in the Cybersecurity space.  Being a summer intern at GEICO has the potential to lead to a full-time IT career upon graduation.

 

Check out this video to see what it's like: GEICO’s IT Internship.

 

Required Candidate Qualifications

  • Currently pursuing a Bachelor's degree in Information Security, Cybersecurity, Computer Science, Computer Engineering, Business Information Technology, Information Systems, or a related major
  • Current junior or senior status (i.e., class of December 2020 or May 2021)
  • GPA of at least a 3.0 both overall and in major
  • Coursework or related work/internship experience using various Cybersecurity technologies.  Experience with programming and scripting languages like Python, Bash, Java, .NET, or C# technologies with well-rounded experiences outside of the classroom
  • Strong analytical, problem-solving, and communication skills
  • Preferred candidates will have demonstrated leadership potential
  • Ability to live and work in the Washington DC area

 

About GEICO 
 
For more than 75 years, GEICO has stood out from the rest of the insurance industry! We are one of the nation's largest and fastest-growing auto insurers thanks to our low rates, outstanding service and clever marketing. We're an industry leader employing thousands of dedicated and hard-working associates. As a wholly owned subsidiary of Berkshire Hathaway, we offer associates training and career advancement in a financially stable and rewarding workplace.

Our associates' quality of life is important to us. Full-time GEICO associates are offered a comprehensive Total Rewards Program*, including:

  • 401(k) and profit-sharing plans
  • Medical, dental, vision and life insurance
  • Paid vacation, holidays and leave programs
  • Tuition reimbursement
  • Associate assistance program
  • Flexible spending accounts
  • Business casual dress
  • Fitness and dining facilities (at most locations)
  • Associate clubs and sports teams
  • Volunteer opportunities
  • GEICO Federal Credit Union

* Benefit offerings for positions other than full-time may vary.

GEICO is an equal opportunity employer. GEICO conducts drug screens and background checks on applicants who accept employment offers.
 
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Home Depot

Cybersecurity Intern

Atlanta, GA
SOC / Threat Intel
INTERN
Sep 1
Premier

The goal of this 12-week summer internship program is to recruit and attract top talent to The Home Depot in order to provide a best-in-class experience for students of our company, our business and our culture. Our goal at the end of the internship is to extend full-time offers to top-performing interns upon receiving undergraduate and post-graduate degrees.

As part of the 12-week summer internship program, interns will have the opportunity to work on value-add business projects, have assigned managers, teams and mentors, learn from the executive leadership team during mentoring sessions, present to leadership on their project, gain exposure to the in-store environment, tour distribution facilities, and network with other Home Depot interns and associates through various social and business networking events.  

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES

  • Use strategic thinking to approach problems and create solutions
  • Responsible for the accuracy and quality of work performed
  • Develop and implement project plans; determine requirements, deliverables, resources, timing/milestones, and risks
  • Communicate findings and project status clearly and professionally through presentations
  • Make recommendations to upper management
  • Provide comprehensive report out to senior leaders on assignments and other related projects
  • Partner cross-functionally to achieve goals


NATURE AND SCOPE

  • Typically reports to Manager or Sr. Manager in the Home Depot PRO Organization
  • No direct responsibility for supervising others.

ENVIRONMENTAL JOB REQUIREMENTS
ENVIRONMENT: 
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
TRAVEL: 
Typically requires overnight travel less than 10% of the time.

MINIMUM QUALIFICATIONS

  • Must be eighteen years of age or older.
  • Must be legally permitted to work in the United States.

EDUCATION REQUIRED:
The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED.

YEARS OF RELEVANT WORK EXPERIENCE: 0 years

PHYSICAL REQUIREMENTS:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

PREFERRED QUALIFICATIONS:

  • Strong analytical skills
  • Process/detail oriented
  • Excellent communication skills (written and verbal)
  • Time Management
  • Planning, organization
  • Ability to multi-task and prioritize in a fast paced environment
  • Proven leadership abilities
  • Currently pursuing a Bachelor’s degree in Cybersecurity, Engineering, Management Information Systems

KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES:

  • Ability to communicate issues and recommend solutions in a timely manner.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
IBM

Cyber Security Apprentice, NYC

New York, NY
SOC / Threat Intel
FULL-TIME
Aug 29
Premier

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Cyber Security Apprentice, you will be an advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest-growing enterprise security business in the world.


Your Role and Responsibilities
What is an Apprenticeship?
IBM Apprenticeship Program is an official registered apprenticeship recognized by the Department of Labor (DOL). Every graduate of a Registered Apprenticeship program receives a nationally-recognized credential from the DOL.

During the apprenticeship duration, you will be required to complete specific learning hours and on the job training that has been outlined to ensure you are developing the skills and competencies essential to the role. You will be able to learn and grow at your own pace, but we expect most apprentices will complete their learning within 12 months. Once you graduate and receive your certificate from our apprentice program, you will be eligible to apply to available full-time roles at IBM.

Who you are
An apprenticeship is about learning. We’re seeking candidates who have the following requirements, but we know you’re just getting your career started, and we’re committed to helping you learn and grow. If you’ve had some experience with data analysis or simply working in a team oriented environment in the past, you’re exactly the type of candidate we’re looking for.

To be successful, you need:

  • Drive and eagerness to learn
  • Ability to work independently, and in an efficient and organized manner
  • Ability to work collaboratively as part of a team
  • Strong verbal communication skills
  • Attention to detail
  • Strong troubleshooting
  • Knowledge or some experience in any one of the following:
    • Operating Systems like Windows, Linux
    • General networking and infrastructure fundamentals
    • Cyber security fundamentals
    • Perl, PHP, Python and/or other scripting languages
    • Ability to obtain and maintain a DoD Secret Clearance

What’s the experience?
As an apprentice, you'll join with other apprentices in a local cohort. You'll go through your first few weeks together, learning about IBM and the skills you'll be attaining throughout your apprenticeship. Then, you'll work with your managers and mentors to progress through your personal skills roadmap, learning and demonstrating new knowledge and competencies through hands-on application with your project teams.

No relocation is available for this position.


Required Technical and Professional Expertise

 
  • Willingness to complete the requirements of the apprenticeship program
  • Some knowledge or experience with any of the following:
    • Operating Systems like Windows, Linux
    • General networking and infrastructure fundamentals
    • Perl, PHP, Python and/or other scripting languages
    • Cyber security fundamentals
    • Ability to obtain and maintain a DoD Secret Clearance

Preferred Technical and Professional Expertise

  • Successful completion of an IBM Pre-Apprenticeship Program and/or approved equivalent prior to start date
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
EY

Cyber Threat Intelligence Analyst

New York, NY
SOC / Threat Intel
FULL-TIME
Aug 25
Premier
The opportunity
 As a CTI analyst in the Cyber Threat Intelligence team in Cyber Defense, the candidate will identify, research, and report on emerging threats to EY to strategically shape and guide the approach the firm takes to protect its people and assets.  The position offers a unique opportunity to inform and influence leadership with creative, thought provoking approaches to detect and defeat complex threats facing the firm. This position requires a balance of traditional analytical skills and developing technical skills to encourage the greatest potential for success for the candidate and the team.
 
Your key responsibilities
This role will be responsible for providing analytic expertise and critical feedback on team reporting to assure proper analytical tradecraft is applied. The analyst will conduct independent collection, analysis, and production of finished Cyber Threat Intelligence in support of EY Cyber Defense, EY Technology, and additional lines of business.  CTI analysts maintain awareness of the global threat landscape to influence a strong EY security posture.  The CTI analyst will review open source, third-party, and proprietary threat information and enrich it with contextual analysis that will result in finished strategic intelligence.  Significant time will be spent conducting strategic, predictive analysis around emerging trends and threat actor developments to aid senior decision makers.
 
Skills and attributes for success
  • Strong technical writing skills
  • Extensive experience with analytical tradecraft
  • Thorough understanding of cybersecurity principles
  • High degree of proficiency with Microsoft Excel and PowerBI
  • Expert use of estimative language
  • Attention to detail
  • Proofreading skills
  • Critical thinking skills 
To qualify for the role you must have
  • 7+ years of intelligence community experience collecting, analysing, proofing, and/or producing intelligence OR
  • 5+ years producing written products in a security related discipline.
  • A background in international relations with an emphasis in global economics.
  • Extensive experience conveying complex information in simple, succinct explanations.
  • Proven experience reviewing large data sets such as Intelligence Information Report repositories and enterprise-wide metrics to derive analytical conclusions.
  • A thorough understanding of the intelligence lifecycle.
  • An expert understanding of analytical bias.
  • An interest in conducting detailed trend analysis. 
Ideally, you’ll also have
  • Experience in Cyber Threat Intelligence.
  • Experience in Information Security.
  • Experience as a Reports Officer, Intelligence Officer, or Intelligence Analyst.
  • Exposure and understanding of the Diamond Threat Model. 
What we look for

We are looking for an experienced, self-driven analyst that can operate independently and improve the team as a whole.  The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the team’s analytical tradecraft and advance our Cyber Threat Intelligence Program.

 
What working at EY offers
We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: 
  • Support, coaching and feedback from some of the most engaging colleagues around.
  • Opportunities to develop new skills and progress your career.
  • The freedom and flexibility to handle your role in a way that’s right for you. 
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Information Security Consultant

Remote
SOC / Threat Intel
FULL-TIME
Aug 24
Premier
Company DescriptionFireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

FireEye is seeking a Senior Information Security Consultant to join our Mandiant Consulting team .  As part of the Mandiant Security Consulting Services team, you will ensures the long-term success of our clients by providing specialized security monitoring, threat intelligence, and incident management consulting expertise. We are looking for motivated and experienced consultants with great customer service skills to help customers assess, design, and build their own advanced threat detection capability and help to continually improve our own program methodology. The successful candidate will possess strong consulting skills, be adept in leading multiple projects under tight deadlines, and possess in-depth experience in security event monitoring, cyber threat intelligence, and/or computer incident response.

What You Will Do:

  • Provide guidance on building and/or maturing information security programs, detecting and responding to computer security incidents, and implementation of tools and technologies used for enterprise security
  • Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects
  • Implement and/or assess existing security controls
  • Provide expert level knowledge of tools and technologies used for enterprise security
  • Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
  • Provide expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence
  • Quickly master, simplify, and communicate the value proposition of complex subjects to clients
  • Use formal project management skills in planning, tracking, and reporting on project progress
  • Codify customer needs across accounts and use them to drive FireEye Mandiant Strategic Solutions methodology

Qualifications

  • Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations. 
  • Thorough understanding of cyber security operations, event monitoring, and SIEM tools
  • Fundamental understanding of network protocols
  • Familiarity with Unix and Windows operating systems and administrative tools
  • Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment
  • Minimum of three years of experience in information security
  • Must be eligible to work in the US without sponsorship
Additional Qualifications:
  • Ability to travel up to 50%
  • Provide expert level knowledge of tools and technologies used for enterprise security
  • Proven ability and understanding of the components that comprise a successful information security program
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Realogy

Remote Threat Analyst

Remote
SOC / Threat Intel
FULL-TIME
Aug 24
Premier
Position Summary:

We are currently seeking an Analyst, Threat & Vulnerability Management. This position will report to the Manager, Threat & Vulnerability Management of Realogy’s Cyber Security & Incident Response Team.
 
 
The Analyst, Threat & Vulnerability Management will ensure that vulnerabilities are properly and timely identified with the goal of keeping Realogy’s infrastructure secure. This includes monitoring Vulnerability Management processes for performance, coordinating scanning schedules, risk acceptances, and serving as an administrator of the Vulnerability Management tool.
 
 
Responsibilities: 
  • Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration.
  • Able to successfully partner with other security and IT infrastructure professionals to assess potential impact from vulnerabilities specific to Realogy’s environment and determine appropriate mitigating controls.
  • Using a risk based approach, analyze Realogy’s vulnerability data against open / closed information sources to best prioritize vulnerability hygiene activities.
  • Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a an acceptable level based upon Realogy’s policies and standards.
  • Understands basic network terminology and common protocols.
  • Assist the team with Application and Penetration Testing coordination.
  • Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner; across traditional infrastructure and in cloud environments.
  • Ability to fully understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs.
  • Review and/or escalate exception requests submitted to the TVM team.
  • Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions.
  • Assist the team to maintain appropriate documentation that defines the Threat & Vulnerability Management Program, policies, and procedures.
 
 
 
Qualifications:
  • B.S. in Computer Science or equivalent field.
  • CISSP, GCTI, or similar industry certification.
  • 3-5 years of experience in Vulnerability Management or related field.
  • Strong knowledge of Qualys, including configuration and maintenance, scan execution, cloud agent deployment and oversight.
  • Detailed knowledge of the Vulnerability Management process including vulnerability identification, false negative/positives identification & elimination.
  • Knowledge of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP).
  • Basic knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, GDPR, ISO 27001&27002).
  • Knowledge of technology and security topics including operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
  • Knowledge of Cloud technologies such as AWS and Azure a plus.
  • Previous experience working in large scale environments with diverse technologies is a plus.
  • Knowledge of applicable scripting languages desired.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
VMware

Entry-Level Security Solutions Engineer

Waltham, MA
SOC / Threat Intel
FULL-TIME
Aug 24
Premier

As part of a highly collaborative sales team, the Solutions Engineer works closely with sales, marketing, and product management to demonstrate product capability, inspire confidence, and effectively communicate the power of Carbon Black solutions. A majority of time will be spent delivering product demonstrations to remote prospective clients to illustrate how Carbon Black’s solutions provide direct value to their business and technical requirements.

What You’ll Do
Evangelize and demonstrate Carbon Black's products via presentations and product demos
Involvement in prospect evaluation process
Build and maintain prospect and partner relationships
Ensure a smooth and successful transition (externally and internally) from sales process to service delivery
Assist in developing and evolving standard methodologies for Sales Engineering activities
Provide product feature input to product management
Apprise Sales Engineering management of overall health of prospects (technical, organizational, operational and sponsorship)

What You’ll Bring
Technical degree from four year college (or equivalent)
Entry-level (0- 2 years of experience) with technical experience gained through recent Security-related employment, classwork, or internships
Ability to influence cross-functional teams without formal authority
Ability to present to technical audiences and be able to gracefully handle objections
Ability to effectively and quickly assess client/prospect needs
Dedication to quality work, attention to detail and sense of urgency and ownership of work deliverables
Experience with endpoint and server security
Experience with Windows 2000, XP,7, 8, 2003/2008/2012 application server and supporting technologies/products
Knowledge of Microsoft Windows configuration and management
Shown technical track record with securing Windows, Linux, and Mac operating systems

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
BlueVoyant

Remote SOC Tech Advisor

Remote
SOC / Threat Intel
FULL-TIME
Aug 22
Premier

BlueVoyant is looking for a Security Operations Center (SOC) Technical Advisor / Security Engineer to help our global customers manage their IT security utilizing Microsoft solutions. You will be part of a fast-paced team that helps customers to reduce the impact of security incidents and ensures that critical business operations continue unhindered. This position is fully remote.

 

Key Responsibilities

•    Provide security and technical leadership to the SOC team and provide senior support to help respond and remediate security incidents utilizing BlueVoyant toolset.
•    Provide the SOC with realistic scenarios and simulations for the purpose of advanced training, understanding, and practice, in the following areas:
o    Red vs blue scenarios
o    Purple teaming concepts
o    Tools / capabilities exploration
•    Contribute to technical strategy, draft requirements for product and engineering teams for SOC specific toolset needs.
•    Contribute to technical strategy and technical thought leadership
•    Delivery of functional value resulting from the research in the form of queries, signatures, rules, and contextual information (knowledge base articles)
•    Serve as a technical liaison on behalf of the SOC for matters involving other BlueVoyant teams
•    Provide (and coordinate) the SOC with deep technical and low-level training
•    Serve as a Technical SOC SME in support to customers (customer facing) and support to sales and marketing
•    Provide technical leadership to the SOC, as well as to BlueVoyant leadership
•    Lead technically challenging projects with complex technology stacks across multiple modalities
•    Supplemental in-depth research of exploits and vulnerabilities which have a high likelihood of occurring within BlueVoyant customer environments
•    Serve as an active participant within the security community for the purpose of capturing bleeding edge research around exploits, vulnerabilities, and operations
•    Provide technical feedback on the needs of the SOC and technical thought leadership
•    Participate in the response, investigation, and resolution of security incidents
•    Create knowledge base articles for handling medium and high severity incidents
•    Assist in the advancement of security policies, procedures, and automation
•    Develop incident response reporting and policy updates as needed
•    Serve as the technical escalation point and mentor for lower-level analysts and SOC team members
•    Regularly communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual
•    Assist with advancing security standard operating procedures and incident response reporting.

 

Qualifications

•    Excellent teamwork skills
•    Hands-on experience with Microsoft Azure Sentinel, Defender ATP, O365 ATP, and other Microsoft security suites.
•    Hands-on experience with Microsoft Azure Sentinel, Microsoft Threat Protection suite of security solutions (Defender ATP, Azure ATP, Office 365 ATP, Microsoft Cloud Application Security), Azure Active Directory, Azure Security Center, Azure Log Analytics, and M365 suite of solutions.
•    Hands-on experience for the following:
o    Configure data digestion types and connectors
o    Analytic design and configuration of the events and logs being digested
o    Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events
o    Create incident categorization and threat management plan
o    Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks
o    Support ongoing development and troubleshooting of Azure Sentinel
o    Advise and develop Azure Sentinel adoption migration roadmap for clients
o    Ability to advise customers on the Microsoft Cloud Security capabilities across the Azure platform.
o    Kusto Query Language (KQL).
•    Strong experience with scripting languages (Python, PowerShell, others)
•    Familiarity with other high level languages (C, C++, Go, Java, other)
•    Strong experience with digital forensic analysis (host, network, other) and blue team operations
•    A thorough understanding of purple team operations and the ability to conceptually apply this in an advanced manner
•    Advanced knowledge and understanding of network protocols and devices.
•    Advanced experience with Mac OS, Windows, and Unix systems.
•    Ability to analyze event logs and recognize signs of cyber intrusions/attacks
•    Ability to handle high pressure situations in a productive and professional manner.
•    Ability to work directly with customers to understand requirements for and feedback on security services
•    Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language
•    Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team
•    Skilled in the creation of signatures for security tools
•    Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk
•    Strong knowledge of the following:
o    SIEM
o    Packet Analysis
o    SSL Decryption
o    Malware Detection
o    HIDS/NIDS
o    Network Monitoring Tools
o    Case Management System
o    Knowledge Base
o    Web Security Gateway
o    Email Security
o    Data Loss Prevention
o    Anti-Virus
o    Network Access Control
o    Encryption
o    Vulnerability Identification

Preferred Qualifications

•    Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, penetration testing, or related areas
•    10+ years of experience in information technology or information security, 4 of which were spent dealing directly with Security Operations or in a Security Operations Center (SOC)
•    Microsoft 365 Certified: Security Administrator Associate and GCFA, GCFE, or OSCP required. Certifications (2 or more of): OSCE, GCFA, GCFE, GNFA, GREM preferred
•    Familiarity with tools such as IDA Pro, PEiD, PEview, Procmon, Snort, Bro, Kali Linux, Metasploit, NMAP, and Nessus
•    Familiarity with Azure, AWS, and GCP cloud environments.

Education

•    Minimum bachelor’s degree in Information Security, Computer Science, or other IT-related field. Master’s degree in cyber security, computer science, information assurance, or similarly technical degree preferred. Exceptional candidates with proven experience in security/network operations will also be considered.

About BlueVoyant

BlueVoyant combines world-class cyber defense talent with unique threat intelligence data to provide real-time, external, threat-monitoring services and comprehensive Managed Security Services. BlueVoyant’s distinctive Managed Security Service combines advanced endpoint protection, network monitoring, and remote remediation. In addition, BlueVoyant’s Managed Security Service are closely linked to its uniquely comprehensive and actionable real-time Threat Intelligence data, which combines internet traffic, Dark Web intelligence, and host-based threat data.

By working with BlueVoyant, companies can gain unique and far-reaching visibility into malicious activity on their networks, in the dark web and across the internet, as well as real-time, automatable remediation services. Through our unique real-time external threat monitoring, predictive human and machine-sourced intelligence, and proactive managed security and incident response, BlueVoyant offers the private sector exceptional cyber defense capabilities.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
HP

Cybersecurity Intern

Spring, TX
SOC / Threat Intel
INTERN
Aug 20
Premier

HPinvents. We never stand still. We look for new things to do, and new ways to do things we've done before. Cybersecurity enables HP's businesses by optimizing the balance between business priorities and effective security posture to support HP's position as industry leader. Excellence is the minimum standard acceptable. Job Description/Responsibilities This opportunity will entail the exploration and deployment of appropriate automation within Cybersecurity GRC process and tool sets, potentially including scripting/programming, utilization of API's, RPA. and other technologies. Also included is contribution to structured data management and analytics. Exploration of other areas of Cybersecurity will also be considered. Through this assignment the successful candidate will gain exposure and contribute to key elements of a successful cyber security program. Education and Experience Required: • Pursing a Bachelor's (undergraduate) degree or Masters (graduate) degree in Computer Science, Information Systems, Electrical Engineering, or equivalent experience • Good communication and collaboration skills • Strong technical abilities with some experience in application development • Ability to quickly adapt to new technology and apply learnings • Possess creative ability, consulting skills, leadership qualities, credibility, and self-confidence

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Optiv

Cyber Security Compliance Analyst

Denver, CO
Risk & Compliance
FULL-TIME
Nov 6
Premier

Company Description

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Job Description

Optiv is the leading security solutions integrator creating confidence for a more connected world. Optiv’s corporate security team is tasked with protecting company resources and client data in a dynamic industry with expanding threats. To meet the challenging needs of Optiv’s growing business, the corporate security team is expanding their information security governance and compliance program. The security compliance analyst will report directly to the Director of Governance and Compliance. This position is responsible for assisting with the collection and analysis of key performance metrics, conducting internal audits and assessments, assisting with third-party assessments and internal risk management reviews to help ensure the confidentiality, integrity, and availability of Optiv data and systems.  The security compliance analyst must possess strong analytical skills, research capabilities, and an attention to detail to ensure Optiv can efficiently and effectively handle its compliance requirements. This position is highly business-facing, with frequent collaboration and interaction with all Optiv business units.

PRIMARY DUTIES AND RESPONSIBILITIES

  • Participate in all phases of internal and external assessments and audits.
  • Respond to client third-party assessment requests to facilitate business transactions and maintain strategic business relationships.
  • Positively interact with multiple internal Optiv business units to develop standardized assessment responses for external clients.
  • Perform compliance assessments to determine if business systems are aligned with regulatory requirements, industry standards, best practices and all corporate information security policy, procedures, and standards.
  • Actively review, test, analyze and report on the effectiveness and state of all required controls.
  • Monitor and report on the status of compliance activities and remediation efforts escalating potentially risky situations as needed.
  • Provide recommendations to improve the effectiveness and efficiency of our risk-based audit program to ensure that it is repeatable, sustainable and cost effective.
  • Establish ongoing relationships with business managers and key functional stakeholders.
  • Stay informed of new compliance regulations, assist in the assessment of the impact to the organization, and collaborate to ensure compliance.
  • Share experience, knowledge, and ideas with management and co-workers to maintain a kind and respectful team-based environment.
  • Promote a corporate culture that is committed to Governance, Risk, and Compliance and information security best practices.

SUPERVISORY RESPONSIBILITIES

Will not have direct reports

Qualifications

Education and Experience

  • An undergraduate degree preferably in IT or STEM discipline.
  • Proficient working with a variety of technology platforms (Microsoft, Apple) and common business applications such as MS Office, Teams, Zoom and so forth.
  • Excellent interpersonal, verbal and written communication, presentation, and problem-solving skills.
  • Passionate about security, client satisfaction and process improvement.
  • Ability to balance being flexible and collaborative with following the rules.
  • Able to work with minimal supervision, take initiative and follow through on assignments.
  • Capable of working multiple tasks of varying priorities while maintaining tight deadlines.

Desired Qualifications:

  • A cybersecurity degree or graduate degree.
  • An additional 1-3 years of related work experience.
  • Any cybersecurity related certification such as A+, CISSP, CISA, SANS-GSEC or so forth.
  • Good understanding of security governance, compliance, and risk management principles.
  • Possesses and demonstrates a strong understanding of controls assessment techniques.
  • Solid business acumen and judgment to evaluate issues/problems of high complexity.
  • Able to function independently and perform routine task such as:
    • Facilitate meetings, organize conference calls, deliver presentations and so forth
  • Familiarity with common standards, frameworks and regulations such as:
    • NIST, ISO, COBIT, SIG, CCM, SOC-2, FAIR, HITRUST, PCI, GDPR.
  • Ability to travel (minimal travel anticipated).

#LI-CP1

Additional Information

Why you'll love it here:

If you are seeking a culture that supports growth, fosters success and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations ? Managed Services and Identity and Data Management. Optiv remains committed to championing Diversity, Equality and Inclusion within our organization and throughout the industry.

With Optiv you can expect:

• Work/life balance. We offer "Recharge", a flexible, time-off program that encourages eligible employees to take the time they need to recharge

• Professional training resources, including tuition reimbursement

• Creative problem-solving and the ability to tackle unique, complex projects

• Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.

• The ability and technology necessary to productively work remote/from home (where applicable).

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
JPMorgan Chase

Cyber Risk Associate

Plano, TX
Risk & Compliance
FULL-TIME
Nov 2
Premier

Technology & Cybersecurity Operational Risk Management – Cybersecurity Engineer - Associate

 

The Cybersecurity Engineer within Operational Risk Management is responsible for the identification, monitoring, testing, and governance of cybersecurity processes and controls risks inherent in JPMorgan Chase technology environment. This position will be highly engaged with the firm-wide Cybersecurity team who provides high quality security solutions to detect and monitor for threats and vulnerabilities and manage security incidents to keep ahead of threats. 

 

We are looking for a multi-disciplined forward-looking technologist with diverse backgrounds and experiences including in areas such as cybersecurity, big data,  compliance and oversight, cloud security, cryptography, rights management, networking technologies (e.g Cisco, Bluecoat, Juniper), and data security architectures. Knowledge of emerging technical trends and cyber threats will be required.

 

The successful candidate will use experience and leadership skills to give guidance and best practice advice across the Cybersecurity discipline.  He/she will lead significant event reviews, risk assessments, and perform monitoring of cybersecurity controls. Written and verbal communication of results of risk assessments will be provided by the Cybersecurity Engineer to management, executive directors, managing directors and stakeholders.  The role requires a strong self-starter who can understand program objectives, understand mitigating cybersecurity controls using a logical to independently assess the control environment.  

 

Key responsibilities include:

·         Perform deep inspection of specific technologies in targeted processes or firm-wide evaluation.

·         Keep abreast of current cyber trends, vulnerabilities, and emerging technologies.

·         Engage with cyber teams to gain full understanding of cybersecurity and control environment.

·         Perform significant event reviews.

·         Independently assess technology risk management and controls across the bank 

·         Understand third party risks as related to specific technology area of expertise.

·         Risk assessment of the impact of threats and vulnerabilities on JPMC technology portfolio. 

·         Coordination and key participation in the development of the evolving risk position of new technology.  For each of the technology areas in focus, this person will be charged with escalating and tracking the individual risk items. 

·         Work with appropriate technology areas to identify potentially elevated risk concentrations globally and perform assessments of the corresponding inherent risks and mitigating controls. Recommend any adjustments required to meet JPMC policy, regulatory requirements, and industry best practices. 

·         Develop and perform ongoing analysis of Operational Risk loss, near miss and external events to inform RCSA results, technology assessments and scenario analysis.  Investigate Operational Risk events meeting selection criteria; assist LOB OROs in determining the appropriate consideration of technology risk management and risk events.

·         Participate in key portfolio governance forums.

·         Provide feedback and coordination with the application risk assessment process.

·         Identify risk measures and thresholds for monitoring key risk cybersecurity controls.

·         BS/BA degree in computer science or equivalent experience.

·         2+ years or more proven experience in technology development, engineering or technical architecture with financial services experience

·         Working knowledge and interest of current and emerging technologies

·         Knowledge of Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies

·         Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals

·         Demonstrated verbal and written communication skills and excellent analytical skills

·         Ability to understand complex technical systems and the business processes they support and synthesize the corresponding risks and controls and recommend adjustments if required.

·         Track record of collaboration and relationship building

·         Proven ability to anticipate and identify risks and effective mitigants

·         Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices

·         Proven track record of taking ideas forward without supervision and challenging others, where appropriate

·         Adept at developing relationships with senior business executives with a reputation for partnering across organization lines to mitigate risks

·         Highly disciplined, able to work with limited supervision and make independent decisions

·         Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results

·         High level of professionalism, self-motivation, and sense of urgency

About Us

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.

Equal Opportunity Employer/Disability/Veterans

About the Team

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
 
Risk Management helps the firm understand, manage and anticipate risks in a constantly changing environment. The work covers areas such as evaluating country-specific risk, understanding regulatory changes and determining credit worthiness. Risk Management provides independent oversight and maintains an effective control environment.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Compliance Analyst Intern

Richmond, VA
Risk & Compliance
INTERN
Oct 31
Premier

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

Compliance Analyst Intern - Summer 2021

The Governance and Compliance team is a critical part of the larger FireEye Security team. The team is responsible for performance of internal audits and assessments, external audit coordination, policy management, business continuity management and third-party management.

As a Compliance Analyst on the Governance and Compliance team, you will use your acumen, customer service skills, and cybersecurity knowledge to assess the internal control environments within FireEye and participate in vendor management due diligence activities. You will work with a great team of professionals who will provide you the guidance and support you will need to be successful in our shared goal of supporting our internal and external customers to meet today’s complex regulatory and security requirements.

What You Will Do:

·       Interact with our internal customers, internal and external auditors to identify, scope, and evaluate the effectiveness of internal controls

·       Conduct vendor risk assessments

·       Assist with business continuity and disaster recovery documentation and associated testing exercises

·       Be responsible for documenting and tracking your work within internal web-based tools

·       Develop a deep understanding of FireEye products and services

·       Exemplify industry-leading customer support skills and deliver positive customer experience

Qualifications

Requirements:

·       Bachelor’s degree in a technical field or working toward such degree, with at least 3 years of completed post-secondary education

·       Experience with cyber security tools, technology and best practices

·       Experience working in customer facing environment

·       Experience fielding questions and requests from customers, and providing timely and comprehensive responses

 

Additional Qualifications:

·       Demonstrated aptitude and desire to learn new technologies and services

·       Ability to ramp up quickly in learning the portfolio of FireEye services and products

·       Problem solver with keen attention to detail

·       Excellent written and verbal communication skills

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Requests for accommodation due to disability can be sent directly to HR-Accommodations@FireEye.com.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Boeing

Cyber Security Specialist

Los Angeles, CA
Risk & Compliance
FULL-TIME
Sep 28
Premier

Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Boeing Security is seeking a detail-oriented and self-motivated Mid-Level Cyber Security Specialist to support Department of Defense (DoD) and Special Access Program (SAP) activities. This position will be located in El Segundo, CA, Seal Beach, CA, or Huntington Beach, CA.

Position Responsibilities

  • Contributes to the development and deployment of program information security for assigned systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures.
  • Implements Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF), as well as product development and product maintenance for assigned systems.
  • Performs security compliance continuous monitoring (CONMON).
  • Participates in security assessments and audits.

Additional Responsibilities

  • Prepares and presents technical reports and briefings.
  • Contributes to the identification of root causes, the prioritization of threats, and recommends/ implements corrective action.
  • Provides mentoring and technical leadership within the information security program team.
  • Explores the enterprise and industry for the evolving state of industry knowledge and methods regarding information security best practices.
  • Supports development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.

This position requires an active Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Basic Qualifications (Required Skills/Experience):

  • Current IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification or higher (i.e. CAP, GSLC, Security+ CE, CISSP, CASP, CISM, GSLC)
  • 1+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS

Preferred Qualifications (Desired Skills/Experience):

  • Experience working within the National Industrial Security Procedures and Operations Manual (NISPOM)
  • Experience in policies and implementation of Risk Management Framework (RMF)

Typical Education & Experience:

Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience (e.g. Masters with 3 years' related work experience, PhD with 1+ years' related work experience, etc.).

Relocation:

This position does not offer relocation.  Candidates must live in the immediate area or relocate at their own expense.

Employee Referral:

Referral to this job is eligible for bonus.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.


Experience Level
Individual Contributor
Contingent Upon Program Award
No, this position is not contingent upon program award

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Church Mutual Insurance

Cybersecurity Intern

Merrill, WI
Risk & Compliance
INTERN
Aug 30
Premier

Overview

Church Mutual's Internship Program runs the day after Memorial Day through mid August, when students return to school. During the 12 week internship, the Cybersecurity Intern will have the opportunity to work on important assignments, gain insight into the business of Cybersecurity, and use your academic knowledge and match your interests to a job.  As an Cybersecurity intern at Church Mutual, you will work alongside our trained professionals, learning and applying valuable skills. 

 

Responsibilities

The typical Intern is an undergraduate who will handle projects normally performed by an entry-level, professional employee.  Assignments can include: identity governance, security risk analysis and assessment, network boundary defense and intrusion detection, security awareness campaigns, vulnerability assessment, process management, and security incident handling.  As an intern, you will have the opportunity to network with senior leaders and participate in a variety of training and development activities.  Interns are valued members of our team and will make immediate and lasting contributions to our company’s success

Qualifications

  • Working towards a Bachelor's Degree in Computer Science, Computer Engineering, Computer Information Systems, Management Information Systems, Information Technology, Mathematics, or other related technical programs
  • Strong technical, analytical, communication, and organizational skills
  • At least one course in, or equivalent knowledge of, the Java programming language
  • Minimum 3.0 cumulative GPA
  • Preferred candidates will be entering Junior or Senior year status in Fall of 2021
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Compliance Analyst Intern

Reston, VA
Risk & Compliance
INTERN
Aug 29
Premier

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

The Governance and Compliance team is a critical part of the larger FireEye Security team. The team is responsible for performance of internal audits and assessments, external audit coordination, policy management, business continuity management and third-party management.

As a Compliance Analyst on the Governance and Compliance team, you will use your acumen, customer service skills, and cybersecurity knowledge to assess the internal control environments within FireEye and participate in vendor management due diligence activities. You will work with a great team of professionals who will provide you the guidance and support you will need to be successful in our shared goal of supporting our internal and external customers to meet today’s complex regulatory and security requirements.

What You Will Do:

·       Interact with our internal customers, internal and external auditors to identify, scope, and evaluate the effectiveness of internal controls

·       Conduct vendor risk assessments

·       Assist with business continuity and disaster recovery documentation and associated testing exercises

·       Be responsible for documenting and tracking your work within internal web-based tools

·       Develop a deep understanding of FireEye products and services

·       Exemplify industry-leading customer support skills and deliver positive customer experience

Qualifications

Requirements:

·       Bachelor’s degree in a technical field or working toward such degree, with at least 3 years of completed post-secondary education

·       Experience with cyber security tools, technology and best practices

·       Experience working in customer facing environment

·       Experience fielding questions and requests from customers, and providing timely and comprehensive responses

 

Additional Qualifications:

·       Demonstrated aptitude and desire to learn new technologies and services

·       Ability to ramp up quickly in learning the portfolio of FireEye services and products

·       Problem solver with keen attention to detail

·       Excellent written and verbal communication skills

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Grant Thornton

IT Audit Associate

New York, NY
Risk & Compliance
FULL-TIME
Aug 23
Premier

Description

IT Audit Associate - NYC

Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. We’ve never been a typical professional services firm. We put people first, and that is what sets us apart.

As one of the fastest-growing professional services firms in the world, Grant Thornton LLP is continuously seeking top talent. Discover a place where you’ll work with a team of professionals dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.


Position Summary

An IT Assurance Associate is responsible for delivering a full range of IT audit services to our clients. Responsibilities include testing and assessment of information systems control review engagements in support of financial statement audits.

Qualifications

 Essential Duties and Responsibilities

  • Evaluate and test IT controls and identify areas of risk.
  • Apply current knowledge of IT trends and systems processes to identify security and risk management issues, as well as other opportunities for overall process improvement.
  • Maintain professionalism and rapport with the client. Proactively interact with key client management to manage expectations, help ensure client satisfaction, meet client deadlines, and resolve any problems.
  • Gain a comprehensive understanding of assigned client operations, processes and business objectives, and then utilize that knowledge on assigned engagements.
  • Participate in recruiting efforts as needed.
  • Meet or exceed IT Assurance metrics (e.g. – billable hours, CPE, time delinquencies, etc…)
  • Participate in other business development activities as appropriate
  • Other duties as assigned.

Experience Requirements

  • Bachelor's degree in Accounting, Finance, Information Technology, MIS or related field. A Master’s degree is a plus.
  • Desire to pursue CPA, CISA, CISSP, CIA or CISM license/certification.
  • Some related work experience in public accounting or equivalent delivering controls based services, auditing Information Technology General Controls (ITGC’s.) in support of financial statement audits to cross-industry clients and technologies. An understanding of generally accepted practices for testing Key Reports, and Application Controls a plus.
  • Information Security experience or information security training is required.
  • Exceptional client service and communication skills.
  • Strong technical aptitude and problem solving skills
  • Excellent analytical, communication (written and verbal) and interpersonal skills.
  • Effective project and time management skills for handling multiple priorities and simultaneous projects
  • Enthusiasm to learn through a combination of structured, on-the-job and self-directed training
  • Ability to work efficiently and effectively in a complex team environment
  • Strong computer skills including proficiency in Microsoft Office suite applications.
  • Ability to work additional hours and/or travel as needed.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.