ABOUT OPORTUN

Oportun (Nasdaq: OPRT) is a mission-driven financial services company that puts its members’ financial goals within reach. With intelligent borrowing, savings, and budgeting capabilities, Oportun empowers members with the confidence to build a better financial future. Since inception, Oportun has provided more than $21.3 billion in responsible and affordable credit, saved its members more than $2.5 billion in interest and fees, and helped its members set aside an average of more than $1,800 annually.

WORKING AT OPORTUN

Working at Oportun means enjoying a differentiated experience of being part of a team that fosters a diverse, equitable and inclusive culture where we all feel a sense of belonging and are encouraged to share our perspectives. This inclusive culture is directly connected to our organization’s performance and ability to fulfill our mission of delivering affordable credit to those left out of the financial mainstream. We celebrate and nurture our inclusive culture through our employee resource groups.

POSITION SUMMARY

The Information Security Governance & Awareness Senior Analyst supports and advances the organization’s information security governance and security awareness programs through policy lifecycle management, governance analysis, regulatory mapping, metrics reporting, and targeted security education initiatives.

This role is responsible for coordinating and contributing to the development, maintenance, review, approval, and publication of information security policies, standards, procedures, and related governance documentation. The Senior Analyst applies critical thinking and sound judgment to assess governance documentation against regulatory and framework requirements and helps identify potential gaps, inconsistencies, or improvement opportunities.

The ideal candidate possesses strong technical writing and analytical skills, excellent English language comprehension, attention to detail, and the ability to translate complex security and regulatory concepts into clear, actionable governance documentation and awareness communications.

This role also supports organizational security culture initiatives through audience-appropriate awareness content, phishing simulation activities, and security education support aligned to organizational risks and business objectives.

RESPONSIBILITIES

Security Governance & Policy Management

• Manage and support the lifecycle of information security policies, standards, procedures, and related governance documentation.
• Coordinate document reviews, stakeholder collaboration, approvals, renewals, attestations, and publication timelines.
• Track policy review schedules, exceptions, approvals, versioning, and governance workflow activities.
• Interpret and map regulatory and framework requirements to organizational governance documents and controls.
• Support governance alignment efforts related to:
  • PCI-DSS v4.0.1
  • NIST Cybersecurity Framework (CSF) 2.0
  • SOC 2
  • SOX
  • FTC Safeguards Rule and related FTC requirements
• Review governance documentation for clarity, consistency, completeness, enforceability, and alignment with regulatory and organizational requirements.
• Identify potential governance gaps, conflicting requirements, outdated language, or process inconsistencies and recommend improvements.
• Ensure governance documentation appropriately distinguishes between policies, standards, procedures, guidelines, and supporting controls.
• Draft, edit, and maintain governance documentation using concise, professional, and active-voice writing principles.
• Support audit, assessment, and compliance activities through governance documentation review and evidence coordination.
• Maintain governance repositories, templates, and document management systems.

Security Awareness & Education

• Support the organization’s security awareness and education initiatives for technical and non-technical audiences.
• Develop and maintain targeted awareness communications, training materials, and educational content aligned to organizational risks and emerging threats.
• Apply adult learning and communication principles to tailor awareness messaging to intended audiences and business contexts.
• Coordinate and support phishing simulation campaigns, including reporting, trend analysis, and user follow-up activities.
• Assist with measuring awareness participation, phishing resilience, and program effectiveness metrics.
• Collaborate with stakeholders to identify awareness gaps and support awareness improvement initiatives.

Metrics, Reporting & Program Support

• Develop and maintain governance and awareness program dashboards, recurring reports, and operational metrics.
• Produce reporting related to:
  • Policy lifecycle compliance
  • Review and approval timeliness
  • Governance exceptions
  • Security awareness participation
  • Phishing simulation trends
  • Governance process effectiveness
• Analyze governance and awareness trends to identify operational risks, recurring issues, or process improvement opportunities.
• Build and maintain reusable governance templates, reporting assets, and process documentation.
• Support governance committee preparation, leadership reporting, and cross-functional governance initiatives.
• Contribute to governance process improvement and operational efficiency efforts.

REQUIREMENTS

• Bachelor’s degree in Information Security, Cybersecurity, Information Systems, Risk Management, English, Communications, or related field; or equivalent practical experience.
• 3–5 years of experience in information security governance, compliance, policy management, technical writing, security awareness, or related areas.
• Strong working knowledge of security and regulatory frameworks including PCI-DSS, NIST CSF, SOC 2, SOX, and FTC requirements.
• Demonstrated ability to read, interpret, and map regulatory requirements to governance documentation and organizational controls.
• Excellent technical writing, editing, and English language comprehension skills.
• Strong critical thinking and analytical skills, including the ability to identify governance gaps, inconsistencies, or improvement opportunities.
• Strong understanding of the distinctions between policies, standards, procedures, guidelines, and controls.
• Experience developing metrics, dashboards, and recurring governance or compliance reporting.
• Familiarity with phishing simulation platforms and security awareness practices.
• Strong organizational, stakeholder coordination, and project management skills.
• Ability to manage multiple priorities and deadlines in a cross-functional environment.

Preferred Qualifications

• Experience supporting governance, risk, and compliance (GRC) programs in regulated industries.
• Understanding of adult learning principles and audience-based communication strategies.
• Experience supporting audits, assessments, and evidence collection activities.
• Familiarity with GRC platforms, workflow management tools, or document management systems.
• Experience in financial services, fintech, or highly regulated environments preferred.
• Relevant certifications such as:
  • Security+
  • CISSP
  • CISA
  • CRISC
  • PCI ISA

#LI-REMOTE

#LI-SS1

We are proud to be an Equal Opportunity Employer and consider all qualified applicants for employment opportunities without regard to race, age, color, religion, gender, national origin, disability, sexual orientation, veteran status or any other category protected by the laws or regulations in the locations where we operate.

California applicants can find a copy of Oportun’s CCPA Notice here:  https://oportun.com/privacy/california-privacy-notice/.

We will never request personal identifiable information (bank, credit card, etc.) before you are hired. We do not charge you for pre-employment fees such as background checks, training, or equipment. If you think you have been a victim of fraud by someone posing as us, please report your experience to the FBI’s Internet Crime Complaint Center (IC3).

Company Description

CREATIVITY IS OUR SUPERPOWER. It’s our heritage and it’s also our future. Because we don’t just make toys. We create innovative products and experiences that inspire fans, entertain audiences and develop children through play. Mattel is at its best when every member of our team feels respected, included, and heard—when everyone can show up as themselves and do their best work every day. We value and share an infinite range of ideas and voices that evolve and broaden our perspectives with a reach that extends into all our brands, partners, and suppliers.

The Team:

Job Description

About the Role

The Sr Security Engineer – Endpoint & Identity Threat Protection (EDR / ITP) is responsible for engineering, deploying, and optimizing advanced detection and response technologies that safeguard Mattel’s global enterprise. This senior technical role focuses on proactive endpoint detection, response automation, and identity threat protection, helping to strengthen the organization’s cyber defense posture. The position requires deep technical expertise across endpoint and identity protection technologies, strong collaboration skills, and a commitment to continuous improvement through automation, analytics, and security modernization initiatives.

Roles and Responsibilities

• Engineer, deploy, and maintain enterprise Endpoint Detection and Response (EDR) and Identity Threat Protection (ITP) platforms across Mattel’s environments.
• Develop, tune, and optimize behavioral analytics and detection logic to identify, prevent, and respond to malicious activity targeting endpoints and identities.
• Collaborate with Security Operations and Incident Response teams to investigate, contain, and remediate security incidents effectively and efficiently.
• Integrate EDR and ITP technologies with SIEM, SOAR, and threat intelligence platforms to improve visibility, automation, and response capabilities.
• Contribute to the architecture, implementation, and continuous enhancement of endpoint and identity threat protection strategies in alignment with Mattel’s cybersecurity goals.
• Partner with IT, Infrastructure, and Security Architecture teams to support secure configuration management, policy enforcement, and system hardening across all endpoints.
• Ensure endpoint and identity protection controls align with corporate security policies, compliance mandates, and global regulatory standards.
• Perform advanced telemetry analysis, detection validation, and post-incident investigations to improve detection fidelity and reduce false positives.
• Collaborate with Engineering, Cloud, and Infrastructure teams to ensure endpoint tools operate effectively across hybrid and cloud environments.
• Develop and maintain documentation, operational standards, and playbooks for endpoint and identity threat protection workflows.
• Participate in post-incident reviews to identify gaps, lessons learned, and opportunities to enhance security processes.
• Evaluate emerging endpoint and identity threat protection technologies and contribute to technical proof-of-concept initiatives to support security modernization.

Qualifications

Required:

• 5–7+ years of experience in cybersecurity engineering, with a focus on endpoint and identity threat protection in enterprise environments.
• Demonstrated expertise managing enterprise-grade EDR and ITP platforms such as CrowdStrike, SentinelOne, Defender for Endpoint, or similar solutions.
• Strong technical knowledge of endpoint operating systems (Windows, macOS, Linux) and adversary tactics, techniques, and procedures (TTPs).
• Experience designing and optimizing detection logic, behavioral rules, and custom correlation within EDR and identity systems.
• Proficiency in integrating endpoint and identity threat protection solutions with SIEM, SOAR, and automation platforms.
• In-depth understanding of identity and access management (IAM) frameworks such as Azure AD, Okta, SSO, and MFA.
• Experience in IOC and IOA analysis, enrichment, and use of threat intelligence for proactive defense and detection tuning.
• Hands-on experience in scripting or automation using PowerShell, Python, or equivalent languages for workflow orchestration and data enrichment.
• Strong understanding of endpoint configuration, policy management, application allowlisting, and device control.
• Excellent communication and collaboration skills with the ability to work effectively across global and cross-functional teams.

Preferred:

• Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
• Certifications such as GSEC, SSCP, GCED, GCIA, or CompTIA CySA+.
• Experience supporting hybrid endpoint environments across on-premises, cloud (AWS, Azure, GCP), and virtualized systems.
• Familiarity with the MITRE ATT&CK framework for mapping detections, validating coverage, and improving response maturity.
• Hands-on experience with SOAR or orchestration platforms to enhance threat detection and response workflows.
• Knowledge of modern endpoint protection trends, AI/ML-based detection models, and zero-trust security principles.

Shift Timings:

This position operates during 05:00 – 14:00 PST (17:30 – 02:30 IST), Monday through Friday, with emergency on-call duties as required.

Additional Information

Don’t meet every single requirement? At Mattel, we are dedicated to an inclusive workplace and a culture of belonging. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or other roles.

How We Work:

We are a purpose driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:

• We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities is our superpower.
• We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization, you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
• We execute: We are a performance-driven company. We strive for excellence and are focused on pursuing best-in-class outcomes. We believe in accountability and ownership and know that our people are at their best when they are empowered to create and deliver results.

Our Approach to Flexible Work:

We embrace a flexible work model designed to empower a culture of growth, optimism, and wellbeing, where every employee can reach their full potential. Combining purposeful in-person collaboration with flexibility, our focus is to optimize performance and drive connection for moments that matter.

Who We Are:

Mattel is a leading global toy and family entertainment company and owner of one of the most iconic brand portfolios in the world. We engage consumers and fans through our franchise brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, Thomas & Friends, UNO, Masters of the Universe, Matchbox, Monster High, MEGA and Polly Pocket, as well as other popular properties that we own or license in partnership with global entertainment companies. Our offerings include toys, content, consumer products, digital and live experiences. Our products are sold in collaboration with the world’s leading retail and ecommerce companies. Since its founding in 1945, Mattel is proud to be a trusted partner in empowering generations to explore the wonder of childhood and reach their full potential.

Mattel’s award-winning workplace culture has been recognized by Forbes, Fast Company, Newsweek, Great Place to Work, TIME, and more.

Visit us at https://jobs.mattel.com/ and www.instagram.com/MattelCareers.

Mattel is an Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers, and all applicants will receive consideration for employment.

Videos to watch:

The Culture at Mattel

Corporate Philanthropy

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

What You’ll Do

• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
• Develop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls
• Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Maintains strong depth of knowledge in one or more cybersecurity frameworks.
• Prepare, review and approve  assessment reports.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
• Ensures quality products and services are delivered on time.
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
• Provide mentorship to team members in areas of audit, assessment, technical review and writing.
• Interfaces with clients through entire engagement, interacting with all levels of client organizations
• Establish and maintain positive collaborative relationships with clients and stakeholders
• Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
• Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
• Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment
• Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
• Assess security vulnerabilities against the appropriate security frameworks
• Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
• Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
• Educate and interpret compliance activities for clients
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
• Remote work environment
• Travel 20%

What You’ll Bring

• Bachelor’s degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
• Five to ten (5-10) years of experience as a consultant within professional IT services
• Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
• Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
• Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
• Experience with virtualization or cloud technologies
• Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
• Knowledge of information security related solutions, tools, and utilities
• Excellent verbal and written skills
• Willing to travel up to 20%

Must have an active CISSP and one of the following certifications:

• Cisco Certified Network Associate Security (CCNA Security)
• Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
• Cybersecurity Analyst (CySA+)
• GIAC Certified Incident Handler (GCIH)
• GIAC Systems and Network Auditor (GSNA)
• GIAC Certified Intrusion Analyst (GCIA)
• Certified Information Systems Auditor (CISA)
• Certified Information System Security Professional or Associate (CISSP or Associate)
• Certified Secure Software Lifecycle Professional (CSSLP)
• Certified Information Systems Security Officer (CISSO)
• CyberSec First Responder (CFR)
• CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
• CompTIA Cloud+ (Cloud+)
• Global Industrial Cyber Security Professional (GICSP)
• Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
• BCR Cyber Technical Proficiency Testing Activity

Bonus Points

• Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)

$86,000 - $148,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

What You’ll Do

• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
• Develop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls
• Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Maintains strong depth of knowledge in one or more cybersecurity frameworks.
• Prepare, review and approve  assessment reports.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
• Ensures quality products and services are delivered on time.
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
• Provide mentorship to team members in areas of audit, assessment, technical review and writing.
• Interfaces with clients through entire engagement, interacting with all levels of client organizations
• Establish and maintain positive collaborative relationships with clients and stakeholders
• Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
• Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
• Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment
• Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
• Assess security vulnerabilities against the appropriate security frameworks
• Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
• Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
• Educate and interpret compliance activities for clients
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
• Remote work environment
• Travel 20%

What You’ll Bring

• Bachelor’s degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
• Five to ten (5-10) years of experience as a consultant within professional IT services
• Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
• Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
• Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
• Experience with virtualization or cloud technologies
• Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
• Knowledge of information security related solutions, tools, and utilities
• Excellent verbal and written skills
• Willing to travel up to 20%

Must have an active CISSP and one of the following certifications:

• Cisco Certified Network Associate Security (CCNA Security)
• Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
• Cybersecurity Analyst (CySA+)
• GIAC Certified Incident Handler (GCIH)
• GIAC Systems and Network Auditor (GSNA)
• GIAC Certified Intrusion Analyst (GCIA)
• Certified Information Systems Auditor (CISA)
• Certified Information System Security Professional or Associate (CISSP or Associate)
• Certified Secure Software Lifecycle Professional (CSSLP)
• Certified Information Systems Security Officer (CISSO)
• CyberSec First Responder (CFR)
• CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
• CompTIA Cloud+ (Cloud+)
• Global Industrial Cyber Security Professional (GICSP)
• Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
• BCR Cyber Technical Proficiency Testing Activity

Bonus Points

• Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)

$86,000 - $148,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

What You’ll Do

• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
• Develop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls
• Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Maintains strong depth of knowledge in one or more cybersecurity frameworks.
• Prepare, review and approve  assessment reports.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
• Ensures quality products and services are delivered on time.
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
• Provide mentorship to team members in areas of audit, assessment, technical review and writing.
• Interfaces with clients through entire engagement, interacting with all levels of client organizations
• Establish and maintain positive collaborative relationships with clients and stakeholders
• Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
• Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
• Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment
• Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
• Assess security vulnerabilities against the appropriate security frameworks
• Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
• Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
• Educate and interpret compliance activities for clients
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
• Remote work environment
• Travel 20%

What You’ll Bring

• Bachelor’s degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
• Five to ten (5-10) years of experience as a consultant within professional IT services
• Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
• Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
• Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
• Experience with virtualization or cloud technologies
• Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
• Knowledge of information security related solutions, tools, and utilities
• Excellent verbal and written skills
• Willing to travel up to 20%

Must have an active CISSP and one of the following certifications:

• Cisco Certified Network Associate Security (CCNA Security)
• Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
• Cybersecurity Analyst (CySA+)
• GIAC Certified Incident Handler (GCIH)
• GIAC Systems and Network Auditor (GSNA)
• GIAC Certified Intrusion Analyst (GCIA)
• Certified Information Systems Auditor (CISA)
• Certified Information System Security Professional or Associate (CISSP or Associate)
• Certified Secure Software Lifecycle Professional (CSSLP)
• Certified Information Systems Security Officer (CISSO)
• CyberSec First Responder (CFR)
• CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
• CompTIA Cloud+ (Cloud+)
• Global Industrial Cyber Security Professional (GICSP)
• Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
• BCR Cyber Technical Proficiency Testing Activity

Bonus Points

• Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)

$86,000 - $148,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

About ProArch:

At ProArch, we partner with businesses around the world to turn big ideas into better outcomes through IT services that span cybersecurity, cloud, data, AI, and app development.

We’re 400+ team members strong across 3 countries (we call ourselves ProArchians)—and here’s what connects us all:

• A love for solving real business problems
• A belief in doing what’s right

What’s it like to work here?

• You’ll keep growing. You’ll work alongside domain experts who love to share what they know.
• You’ll be supported, heard, and trusted to make an impact.
• You’ll take on projects that touch industries, communities, and lives.
• You’ll have the time to focus on what matters most in your life outside of work.

At ProArch, you’ll be part of teams that design and deliver technology solutions solving real business challenges for our clients. With services spanning AI, Data, Application Development, Cybersecurity, Cloud & Infrastructure, and Industry Solutions, your work may involve building intelligent applications, securing business‑critical systems, or supporting cloud migrations and infrastructure modernization.

Every role here contributes to shaping outcomes for global clients and driving meaningful impact. You’ll collaborate with experts across data, AI, engineering, cloud, cybersecurity, and infrastructure—solving complex problems with creativity, precision, and purpose. You’ll join a culture rooted in technology, curiosity, and continuous learning. A place where we move fast, trust you to make an impact, encourage innovation, and support your growth.

About Position:

At ProArch, a leader in IT security consulting with presence in the US, UK, and India, we are looking for a skilled L3 SOC Analyst / Incident Response Analyst to join our Security Operations Center (SOC) team. In this critical role, you will be responsible for advanced incident detection, investigation, and response to complex cybersecurity threats. Leveraging your extensive experience and expertise, you will lead incident response activities, perform deep-dive analysis, and coordinate with cross-functional teams to mitigate risks and strengthen our security posture. If you thrive in a dynamic, fast-paced environment and are passionate about defending organizations against sophisticated cyber threats, this position is ideal for you.Role Summary

ProArch are seeking a highly skilled and technically strong L3 SOC Analyst / Incident Response Analyst to operate within a Managed Security Services Provider (MSSP) environment, supporting multiple customer environments across diverse industries.

This role is heavily focused on:

• Incident Response
• Threat Investigation
• Detection Engineering
• DFIR Operations
• SOC Automation
• Threat Hunting
• Security Platform Engineering
• Response Workflow Optimization

The ideal candidate combines strong incident response expertise, deep Microsoft security platform knowledge, hands-on detection engineering capability, and SOC automation experience within a fast-paced MSSP environment.

This is not a traditional alert-monitoring SOC Analyst role. The position requires strong investigative, analytical, and response-oriented cybersecurity capabilities.

Key Responsibilities

1. Incident Response & Threat Investigation

• Lead and support advanced security incident investigations across multiple customer environments

Perform:

• Threat triage and validation
• IOC analysis and threat correlation
• Endpoint and identity investigations
• Email security investigations
• Cloud security incident analysis
• Root cause analysis

Investigate and respond to:

• Account compromise incidents

• Business Email Compromise (BEC)

• Malware and ransomware activity

• Privilege escalation

• Lateral movement activity

• Suspicious cloud and identity-based attacks

• Advanced phishing and social engineering campaigns

• Coordinate containment, remediation, and recovery activities with customer and internal teams

• Support high-severity incident escalation handling and response coordination

• Provide detailed investigation findings, timelines, impact assessments, and response recommendations

• Conduct proactive threat hunting and threat validation activities where required

• Support digital forensics and evidence collection activities when applicable

2. Detection Engineering & SIEM Operations

Design, develop, and maintain advanced detection rules across:

• Microsoft Sentinel
• Microsoft Defender XDR

Develop and optimize:

• KQL queries
• Analytics rules
• Correlation logic
• Detection use cases

Perform:

• Detection tuning

• False positive reduction

• Behavioral baselining

• Threat-based detection improvements

• Build and maintain reusable detection content and query libraries

• Support proactive detection engineering initiatives aligned with emerging threats and attacker techniques

• Leverage threat intelligence and MITRE ATT&CK mapping to improve detection coverage

3. SOC Automation & SOAR Engineering

Design and implement SOC automation workflows using:

• Microsoft Sentinel Playbooks
• Logic Apps
• SOAR platforms
• API-driven integrations

Build workflows for:

• Alert enrichment

• Incident routing

• Automated containment actions

• Threat intelligence enrichment

• Ticket synchronization

• Investigation acceleration

• Develop scalable automation frameworks to improve SOC operational efficiency

• Support continuous optimization of SOC workflows and automation coverage

• Create automation standards and reusable workflow templates across customer environments

4. Microsoft Security Platform Operations

Provide hands-on operational support, investigation, tuning, administration, and engineering for:

• Microsoft Defender for Endpoint (MDE)
• Microsoft Defender XDR
• Microsoft Defender for Identity (MDI)
• Microsoft Defender for Office 365 (MDO)
• Microsoft Defender for Cloud Apps (MDCA)
• Microsoft Purview
• Microsoft Identity Protection / Entra ID
• Microsoft Sentinel

5. AI Security & Modern Threat Operations

Support detection and response activities related to:

• AI-orchestrated attacks

• Identity-based attacks

• Cloud-native threats

• Advanced phishing and social engineering campaigns

• Leverage AI-assisted SOC operations and automation capabilities where applicable

• Support modern detection strategies aligned with evolving attacker techniques

• Evaluate opportunities to integrate AI-driven efficiencies into detection, investigation, and response workflows

6. Client & Operational Support

• Participate in customer incident discussions and escalation calls when required

• Support onboarding of new customer environments and security integrations

• Maintain:

• Investigation playbooks

• SOPs

• Workflow documentation

• Operational runbooks

• Detection documentation

Collaborate closely with:

• SOC Operations

• Security Engineering

• Vendors

• Consulting teams

• Customer stakeholders

• Support operational improvement initiatives across SOC and DFIR functions

Required Qualifications

Education

• Bachelor’s Degree / Graduation in: Computer Science/Information Technology/Cybersecurity or related technical field is mandatory
• Relevant cybersecurity and automation-focused certifications will be considered an added advantage.

Experience

• 6-9 years of overall cybersecurity experience

Strong hands-on experience in:

• Incident Response

• Threat Investigation

• SOC Operations

• Detection Engineering

• DFIR activities

• Prior Incident Response Analyst experience is highly preferred

• Experience working within MSSP environments preferred

• Experience supporting or collaborating with US-based teams/vendors preferred

• Proven hands-on experience with SOAR platforms in enterprise or MSSP environments

• Strong experience designing and implementing SOC automation workflows from scratch

• Experience supporting enterprise Security Operations Center (SOC) environments

• Experience with detection engineering and SIEM rule development

Required Technical Skills

Security Platforms & Technologies

Strong hands-on experience with:

• Microsoft Defender for Endpoint (MDE)
• Microsoft Defender XDR
• Microsoft Defender for Identity (MDI)
• Microsoft Defender for Office 365 (MDO)
• Microsoft Defender for Cloud Apps (MDCA)
• Microsoft Purview
• Microsoft Identity Protection / Entra ID
• CrowdStrike Falcon
• Threat Intelligence platforms
• Microsoft Sentinel (Mandatory)
• Defender XDR SIEM operations (Mandatory)
• Graph API
• Datto Autotask or equivalent ticketing systems
• Email security solutions
• Endpoint Detection & Response (EDR) platforms
• Identity and authentication platforms
• Cloud security technologies
• Detection Engineering & Automation

Strong experience creating:

• Detection rules
• Analytics rules
• KQL queries
• Detection tuning and fine-tuning

Experience with:

• SOC workflow design
• SOC automation
• SOAR engineering
• API integrations
• Workflow orchestration

Understanding of:

MITRE ATT&CK

• Threat detection methodologies
• Threat hunting methodologies
• AI-driven attack techniques
• AI use cases in SOC operations

Scripting & Technical Skills

Preferred experience with:

• PowerShell
• Python
• REST APIs
• Logic Apps
• KQL (Mandatory)

Preferred Certifications

• Microsoft SC-200
• Microsoft SC-401
• Microsoft AZ-500
• Microsoft SC-900
• Microsoft SC-100
• CISSP
• Security Automation / SOAR Automation / SOAR Certifications

Soft Skills & Work Style

• Strong verbal and written communication skills with the ability to work effectively across technical and non-technical teams
• Excellent collaboration and stakeholder coordination skills across SOC Operations, Engineering, Consulting, Vendors, and Leadership teams
• Strong documentation and technical writing capabilities for investigations, workflows, SOPs, and operational procedures
• Ability to work independently in a remote-first, multicultural, and fast-paced MSSP environment
• Self-driven, proactive, and highly organized with strong ownership and accountability
• Strong analytical, troubleshooting, and problem-solving skills
• Comfortable managing multiple projects, priorities, and operational initiatives simultaneously
• Team-oriented mindset with the ability to operate effectively as an individual contributor
• Professional communication and coordination skills for working with US-based teams and vendors
• Adaptable and flexible to evolving operational and business requirements

Working Model

• Rotational Shift (US Business Hours or After Hours)
• Remote-first operational model
• Participation in on-call escalation rotation for critical incidents when required

What Success Looks Like

• High-quality incident investigations and response handling
• Improved detection fidelity and reduced false positives
• Increased SOC automation coverage and operational efficiency
• Faster containment and response coordination
• Consistent and high-quality incident response across customer environments
• Strong collaboration across SOC, Engineering, and Customer teams
• Continuous improvement of detection, automation, and DFIR capabilities

Life @ ProArch

• At ProArch, we believe our people are the key to our success. That’s why we foster an environment where every employee—known proudly as a ProArchian—can grow, thrive, and make a meaningful impact.
• We empower employees to develop at their own pace through Career Pathways, a clear and supportive guide to professional progression.
• Our culture is one of positivity, inclusivity, and respect. Titles don’t define how we treat each other— every ProArchian is valued equally, and collaboration across roles and teams is the norm.
• We understand that great work starts with balance. That’s why we prioritize work-life harmony, offering flexible work schedules and encouraging time for what matters most.
• Beyond the workplace, ProArchians actively give back—organizing volunteer efforts and charitable initiatives that empower the communities we call home.
• And because we know that extraordinary efforts deserve recognition, we celebrate those who go above and beyond with appreciation programs.
• At ProArch, we’re not just using technology to transform businesses— we’re using it to create a better experience for our people, our clients, and our communities.

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

About GuidePoint Security

GuidePoint Security is a leading cybersecurity solutions and services firm enabling federal government organizations to make smarter security decisions that minimize risk. With more than 800 vetted technology vendor partnerships and deep practitioner expertise across every major cybersecurity domain, GuidePoint serves more than half of the U.S. Government’s cabinet-level agencies across Civilian, DoD, and Intelligence Community segments, as well as Federal System Integrators and major defense prime contractors. We are growing our federal presales engineering team and looking for technically exceptional engineers who thrive at the intersection of federal mission and cybersecurity technology.

The Senior Network Security Engineer will engineer, design, and sustain Comply-to-Connect (C2C) deployment support to migrate and maintain critical services across unclassified and classified environments.

Key Responsibilities

• Engineering, designing, and implementing C2C deployment support while managing the appliances, servers, and supporting infrastructure.
• Coordinating with the network service provider to develop and maintain comprehensive network architecture diagrams.
• Evaluating and recommending technology upgrades to address performance, standardization, and industry best practices.
• Monitoring and investigating C2C performance and faults to recommend and implement necessary improvements.
• Interacting with team members and customers at multiple levels to gather and coordinate vital technical information.
• Supporting Assessment and Authorization (A&A) activities related to cybersecurity technologies and system accreditation.

Requirements

• An active TS/SCI with Polygraph is required.
• Bachelor’s degree or 4+ years of additional experience in lieu of a degree.
• 5+ years of experience in Information Systems Security and/or Cyber Engineering.
• Experience with technologies involved in large-scale enterprise deployments and data center environments.
• Experience deploying enterprise security software products such as firewalls, IPS, Anti-Virus, and network management systems.
• Knowledge of Windows and Linux systems, TCP/IP networking, 802.1x, and general network security concepts.
• IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification or the ability to obtain it within 6 months of hire.

Preferred Qualifications

• Certified Information Systems Security Professional (CISSP) certification.
• Experience implementing vendor-agnostic C2C capabilities and services within DoD engineering and sustainment environments.
• Proficiency with Cisco Identity Services Engine (ISE) and tools such as Nmap, Nessus, and tcpdump.
• Knowledge of Shell, Perl, and XML Scripting to automate security tasks.

Physical Qualifications

• Must be able to remain in a stationary position 50%.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Frequently communicates with co-workers, management, and customers, which may involve delivering presentations.
• Must be able to exchange accurate information in these situations.

“ Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.”

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.

Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The ideal candidate will be responsible for designing, implementing, and maintaining security measures to protect our organization’s computer systems, networks, and SaaS products. This role requires a hands-on approach to identifying vulnerabilities, implementing solutions, and staying abreast of the latest security trends and technologies. The Senior Information Security Engineer will collaborate closely with cross-functional teams to ensure the confidentiality, integrity, and availability of our systems and data.

How will you make an impact?

• Security Tooling: Deploy, maintain, integrate, and perform initial configuration of security tools.
• Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively.
• Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate security incidents and breaches. Develop and maintain incident response plans and procedures.
• Security Operations: Monitor security logs and alerts, investigate suspicious activities, and respond to security events in real-time. Implement and maintain security tools and technologies to enhance our security posture.
• Identity and Access Management: Manage user access controls, authentication mechanisms, and identity management systems to ensure appropriate levels of access and privilege.

Have you got what it takes?

• At least 5 years of experience in information security, with a focus on hands-on security engineering and operations.
• In-depth knowledge of networking protocols, operating systems, and cloud technologies.
• Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001).
• Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools.
• Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP).

You will have an advantage if you also have:

• Relevant certifications such as CISSP, CISM, CEH, or cloud-specific certifications (e.g., AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer) are highly desirable.

What’s in it for you?

Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

Enjoy NICE-FLEX!

At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Requisition ID: 10996

Reporting into: Damon Hefner, Manager Information Security

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Set a new pulse for healthcare!

We are looking for a Senior Security Engineer to join the SecOps team at Doctolib.

Your mission will be to protect the infrastructure, identities, devices and platform that millions of patients and hundreds of thousands of health professionals rely on every day. You will work hands-on across the full corporate IT security perimeter (identity, endpoint, SaaS, network and cloud) in a highly regulated environment (HDS, ISO 27001, C5) where security directly impacts patient safety and trust in the healthcare system.

Working in the tech team at Doctolib means building innovative products and features to improve the daily lives of care teams and patients.

What you’ll do

Your responsibilities include but are not limited to:

• Design and ship security changes as code, reviewed in pull requests like any production change, across our identity, endpoint, SaaS and network security stack
• Build detections, dashboards and automated responses on top of our SIEM (Elastic), writing queries and continuously tuning alert quality
• Drive corporate IT security programs from architecture to enforcement spanning Entra ID, CrowdStrike, Wiz, and Cloudflare
• Investigate security incidents end-to-end and iterate on playbooks with each resolution cycle
• Write proposals and run cross-team change management on major security initiatives, ensuring robust communication with stakeholders
• Mentor junior engineers and contribute to platform security topics when initiatives span both the corporate and product perimeters

Who you are

Before you read on: if you don’t have the exact profile described below, but you feel this job description matches your skill set, we still encourage you to apply.

You’ll be a great fit if you:

• Have 5+ years of hands-on experience in corporate, including at least 2 years at a senior level, with end-to-end ownership of multiple security domains (identity, endpoint, SaaS, network or detection) in production
• Have strong daily mastery of GitHub, Terraform and AI coding assistants (Claude or equivalent) — you ship security work as code reviewed in PRs, and you use AI agents as a structural part of your workflow, not as an occasional helper
• Have a solid detection engineering and SIEM background, and are comfortable writing queries and tuning alerts independently
• Bring a pragmatic mindset and strong written communication skills, with the ability to make decisions under uncertainty and follow through on complex, cross-team initiatives
• Are fluent in English (primary written working language); daily team conversations happen mostly in French, so being a French speaker or willing to learn is a strong plus

It would be fantastic if you:

• Have curiosity for platform security topics (cloud, Kubernetes, supply chain) and a willingness to contribute beyond your core corporate IT perimeter
• Bring prior experience in a regulated industry such as healthcare, fintech or the public sector

Life at Doctolib Tech

• Our solutions are built on a single fully cloud-native platform that supports web and mobile app interfaces, multiple languages, and is adapted to country and healthcare specialty requirements.
• Our stack is composed of Rails, TypeScript, Java, Python, Kotlin, Swift, and React Native.
• We leverage AI ethically across our products to empower patients and health professionals. Discover our AI vision here.

Want to learn more about our tech culture and environment? Visit the Doctolib Tech site .

What we offer

• Free comprehensive health insurance (basic package) for you and your children
• 25 days of paid vacation per year, plus up to 14 days of RTT
• Free mental health and coaching services through our partner Moka.care
• Work from abroad for up to 10 days per year thanks to our flexibility days policy
• Lunch vouchers (Swile card) worth €8.50 per working day, with €4.50 covered by Doctolib
• A subsidy from the work council to refund part of the membership to a sport club or a creative class
• 50% reimbursement of your public transport subscription
• Parent Care Program: receive one additional month of leave on top of the legal parental leave
• Enrollment in Doctolib’s long-term employee value sharing plan called DoctoGrowth
• For caregivers and workers with disabilities, a package including an adaptation of the remote policy, extra days off for medical reasons, and psychological support
• Relocation support in case of international mobility
• Access to the best AI tools for coding, development and dedicated training

Our interview process

• TA Screening
• Technical Deep Dive with a take-home case study and debrief session
• Behavioral Interview
• Final Conversation with the Head of SecOps
• At least one reference check

We want your experience to be clear, respectful, and transparent. Learn more about our hiring process on our candidate experience page.

Job details

• Permanent position
• Tech stack: Elastic, Entra ID, CrowdStrike, Wiz, Cloudflare, GitHub, Terraform
• Full-time
• Paris, France
• Hybrid work setup (up to 2 remote days per week)
• Start date: as soon as possible

We welcome everyone

At Doctolib, we are committed to improving access to healthcare for everyone. This translates into our recruitment process. We evaluate candidates based solely on qualifications and motivation, without any form of discrimination.

The more diverse ideas are heard, the more our product will truly improve healthcare for all. You are welcome to apply to Doctolib, regardless of your gender, religion, age, sexual orientation, ethnicity, or disability.

To ensure equal opportunities, we invite you to exclude personal information (e.g., pictures, age) from your applications. If you require any accommodation, please let us know for support during the hiring process.

Join us in building the healthcare we all dream of!

Your data privacy

All information provided is processed by Doctolib for application management. For data processing details, click here: France . Please contact hr.dataprivacy(at)doctolib.com for inquiries or to exercise your rights.

About the RoleHopper’s Security team is small by design and consequential by impact- and this role sits at the centre of it. As a Senior Security Engineer, you’ll own the...

About the RoleHopper’s Security team is small by design and consequential by impact- and this role sits at the centre of it. As a Senior Security Engineer, you’ll own the...

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

Required Experience:

• Proficiency with the implementation, operationalization, and troubleshooting of Static Application Security Testing (SAST) tools such as Semgrep, Snyk, CodeQL, Checkmarx, Veracode, etc.
• Understanding of Continuous Integration / Continuous Delivery (CI/CD) pipeline tools and processes (e.g. GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI, etc.)
• Experience in software engineering, ideally full stack software development, including modern technologies and application architectures
• Strong scripting and automation experience using one or more programming languages
• Solid working knowledge of application security fundamentals including the OWASP Top 10, threat modeling, and implementing secure coding practices throughout the Software Development Lifecycle (SDLC)
• Excellent written and verbal communication skills

Preferred:

• Experience writing or adapting custom SAST rules (Semgrep or CodeQL)

• Familiarity with additional Application Security tools (e.g. Interactive (IAST), Dynamic (DAST) and API security, SCA, etc.)

• Familiarity with API Security tools (e.g., NoName, Traceable, Salt, Cequence)

• Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite

• Strong working knowledge of Secure Development Lifecycles and experience triaging and remediating technical vulnerabilities identified by web application scanning tools

  • Understanding of automated security testing approaches and tools
  • Experience in building and operating security tools within CI/CD pipelines
  • Experience with proactive integration of security into the development process

• Past experience as an application security practitioner or software engineer

Educational & Professional Credentials:

• Bachelor’s degree in a relevant discipline or equivalent experience
• 5-7 years of security engineering experience in the Information Security industry

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.

Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option

We're transforming the grocery industryAt Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together.

The Company

Cypress Creek Energy is powering a sustainable future, one project at a time. We develop, finance, own and operate utility-scale and distributed solar and storage projects across the country. Fostering a diverse group of innovative thinkers from all backgrounds, Cypress people are drawn to work in a purpose-driven organization. We hope you will join us.

Overview

Cypress Creek Energy is hiring an Information Security Manager to lead the company’s security operations and compliance program. This is a hands-on individual contributor role designed for a senior technical security professional ready to take ownership of a complete program — with the opportunity to grow into a leader of a team as the function scales.

The successful candidate brings a balance of deep technical execution and program-level compliance maturity. You will own the day-to-day security tooling stack, lead the company’s NIST-based compliance program, shape policy in emerging areas including artificial intelligence, and maintain an accurate view of every system in the environment. You will report directly to the Chief Technology Officer and partner closely with IT, Counsels, and business stakeholders across the company.

Responsibilities

Security Operations & Engineering

• Endpoint security: Administer and tune Microsoft Defender across the endpoint estate, including policy configuration, alert triage, response, and reporting.
• Network and access security: Manage the Zscaler platform (ZIA/ZPA), including policy development, traffic inspection, access controls, and integration with identity systems.
• SIEM operations: Own SIEM tuning, detection engineering, log source onboarding, alerting, and incident workflows. Build dashboards and metrics that surface meaningful signals.
• Vulnerability management: Run the vulnerability scanning program across AWS and Azure cloud environments and on-premises infrastructure. Prioritize, track, and verify remediation in partnership with IT and engineering teams.
• Patch management: Maintain endpoint patching cadence and reporting, ensuring coverage, exception tracking, and SLA adherence.
• Digital forensics & incident response: Lead investigations into security events, perform forensic analysis, document findings, and coordinate response with internal teams and external partners as needed.

Compliance & Governance

• NIST-based program: Maintain and continuously improve the company’s NIST Cybersecurity Framework-aligned security program, including controls mapping, evidence collection, and gap remediation.
• Policy management: Own the security policy library — ensure policies and standards are current, reviewed on a defined cadence, approved through the right channels, and communicated to the business.
• AI policy and guidance: Develop and maintain the company’s AI usage policies, acceptable use guidance, and review process for new AI tools, in coordination with Counsels and IT.
• System inventory: Build and maintain an authoritative inventory of systems, applications, data flows, and ownership. Keep it accurate as the environment evolves.
• Audit and assessment support: Lead responses to internal and external audits, customer security reviews, and regulatory inquiries. Manage remediation of identified findings through closure.
• Risk management: Identify, document, and track information security risks; propose mitigations and report on residual risk to leadership.

Leadership & Cross-Functional Partnership

• Stakeholder engagement: Partner with IT, Counsels, HR, and business leaders on security matters, providing clear guidance that balances risk with business needs.
• Operational Technology (OT): Act as a partner and advisor to the OT team coordinating security and compliance initiatives across the company. Manage intersection of IT and OT endpoints, systems, and networks.
• Security awareness: Drive the security awareness program, including phishing simulations, training content, and ongoing communications.
• Vendor and third-party risk: Assess and manage security risk associated with vendors, contractors, and third-party service providers.
• Future team leadership: Lay the groundwork to scale the function. As the program matures, hire, mentor, and lead a team of security professionals.

Education & Experience Required

• Use of AI to enhance and scale security operations – establish AI first Security Ops
• Bachelor’s degree in computer science, information systems, cybersecurity, or related field — or equivalent professional experience.
• 5+ years of progressive experience in information security, with demonstrated depth in security operations, engineering, or a combination of both.
• Hands-on administration and tuning experience with Microsoft Defender (Endpoint, Identity, Cloud).
• Production experience operating Zscaler (ZIA and/or ZPA), including policy management and troubleshooting.
• Strong SIEM experience — building detections, tuning alerts, investigating incidents, and onboarding log sources.
• Vulnerability management experience across cloud environments, specifically AWS and Azure.
• Working knowledge of digital forensics and incident response methodology.
• Demonstrated experience operating a security program aligned to the NIST Cybersecurity Framework or NIST 800-53.
• Track record of writing, maintaining, and operationalizing security policies and standards.
• Clear written and verbal communication, including the ability to explain technical risk to non-technical audiences.
• Ability to work from the Durham, NC or Washington, DC office three days per week.
• Embrace and live by the mission and values of Cypress Creek Energy

Preferred Qualifications

• Industry certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GCIA), or equivalent.
• Experience operating in the energy, utility, or critical infrastructure sector.
• Familiarity with NERC CIP or other regulatory frameworks relevant to the power sector.
• Experience scripting or automating security workflows (Python, PowerShell, KQL).
• Prior experience as a senior technical lead preparing to step into a manager role.

Location: The preferred location for this role is for our offices in Durham, NC and Washington, DC. Our team operates on a hybrid schedule, with in-office schedule of three days per week.

Compensation: The salary range for the position is $140,000 - $170,000 plus bonus and benefits. Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location.

Benefits:

• 15 days of Paid Time Off, accrual up to 20 days, 11 observed holidays.
• 401(k) Match
• Comprehensive package including medical, dental, vision and health insurance
• Wellness stipend, family planning stipend, and generous parental leave
• Tuition Reimbursement
• Phone Bill Reimbursement
• Company Swag

A note to Recruiting Agencies Cypress Creek Energy Human Resources team does not accept unsolicited resumes from third party recruiters, staffing firms, or related agencies. The Human Resources team coordinates all recruiting and hiring at our company. We do not accept resumes from third-party recruiters unless authorized by the Human Resources team and if a signed agreement is in place. Any unsolicited resumes will be considered property of CCE and we are not responsible for any related fees. All communication related to recruiting partnerships should ONLY be directed to the Human Resources team.

Cypress Creek Energy is an equal opportunity employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. We are committed to providing a workplace that is inclusive and values diversity, and we encourage candidates from all backgrounds to apply.

Please be aware of recruiting scams—official communications will only come from @ccrenew.com, we will never request personal or financial information, and any suspicious activity should be reported to HR@ccrenew.com.

The Company

Cypress Creek Energy is powering a sustainable future, one project at a time. We develop, finance, own and operate utility-scale and distributed solar and storage projects across the country. Fostering a diverse group of innovative thinkers from all backgrounds, Cypress people are drawn to work in a purpose-driven organization. We hope you will join us.

Overview

Cypress Creek Energy is hiring an Information Security Manager to lead the company’s security operations and compliance program. This is a hands-on individual contributor role designed for a senior technical security professional ready to take ownership of a complete program — with the opportunity to grow into a leader of a team as the function scales.

The successful candidate brings a balance of deep technical execution and program-level compliance maturity. You will own the day-to-day security tooling stack, lead the company’s NIST-based compliance program, shape policy in emerging areas including artificial intelligence, and maintain an accurate view of every system in the environment. You will report directly to the Chief Technology Officer and partner closely with IT, Counsels, and business stakeholders across the company.

Responsibilities

Security Operations & Engineering

• Endpoint security: Administer and tune Microsoft Defender across the endpoint estate, including policy configuration, alert triage, response, and reporting.
• Network and access security: Manage the Zscaler platform (ZIA/ZPA), including policy development, traffic inspection, access controls, and integration with identity systems.
• SIEM operations: Own SIEM tuning, detection engineering, log source onboarding, alerting, and incident workflows. Build dashboards and metrics that surface meaningful signals.
• Vulnerability management: Run the vulnerability scanning program across AWS and Azure cloud environments and on-premises infrastructure. Prioritize, track, and verify remediation in partnership with IT and engineering teams.
• Patch management: Maintain endpoint patching cadence and reporting, ensuring coverage, exception tracking, and SLA adherence.
• Digital forensics & incident response: Lead investigations into security events, perform forensic analysis, document findings, and coordinate response with internal teams and external partners as needed.

Compliance & Governance

• NIST-based program: Maintain and continuously improve the company’s NIST Cybersecurity Framework-aligned security program, including controls mapping, evidence collection, and gap remediation.
• Policy management: Own the security policy library — ensure policies and standards are current, reviewed on a defined cadence, approved through the right channels, and communicated to the business.
• AI policy and guidance: Develop and maintain the company’s AI usage policies, acceptable use guidance, and review process for new AI tools, in coordination with Counsels and IT.
• System inventory: Build and maintain an authoritative inventory of systems, applications, data flows, and ownership. Keep it accurate as the environment evolves.
• Audit and assessment support: Lead responses to internal and external audits, customer security reviews, and regulatory inquiries. Manage remediation of identified findings through closure.
• Risk management: Identify, document, and track information security risks; propose mitigations and report on residual risk to leadership.

Leadership & Cross-Functional Partnership

• Stakeholder engagement: Partner with IT, Counsels, HR, and business leaders on security matters, providing clear guidance that balances risk with business needs.
• Operational Technology (OT): Act as a partner and advisor to the OT team coordinating security and compliance initiatives across the company. Manage intersection of IT and OT endpoints, systems, and networks.
• Security awareness: Drive the security awareness program, including phishing simulations, training content, and ongoing communications.
• Vendor and third-party risk: Assess and manage security risk associated with vendors, contractors, and third-party service providers.
• Future team leadership: Lay the groundwork to scale the function. As the program matures, hire, mentor, and lead a team of security professionals.

Education & Experience Required

• Use of AI to enhance and scale security operations – establish AI first Security Ops
• Bachelor’s degree in computer science, information systems, cybersecurity, or related field — or equivalent professional experience.
• 5+ years of progressive experience in information security, with demonstrated depth in security operations, engineering, or a combination of both.
• Hands-on administration and tuning experience with Microsoft Defender (Endpoint, Identity, Cloud).
• Production experience operating Zscaler (ZIA and/or ZPA), including policy management and troubleshooting.
• Strong SIEM experience — building detections, tuning alerts, investigating incidents, and onboarding log sources.
• Vulnerability management experience across cloud environments, specifically AWS and Azure.
• Working knowledge of digital forensics and incident response methodology.
• Demonstrated experience operating a security program aligned to the NIST Cybersecurity Framework or NIST 800-53.
• Track record of writing, maintaining, and operationalizing security policies and standards.
• Clear written and verbal communication, including the ability to explain technical risk to non-technical audiences.
• Ability to work from the Durham, NC or Washington, DC office three days per week.
• Embrace and live by the mission and values of Cypress Creek Energy

Preferred Qualifications

• Industry certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GCIA), or equivalent.
• Experience operating in the energy, utility, or critical infrastructure sector.
• Familiarity with NERC CIP or other regulatory frameworks relevant to the power sector.
• Experience scripting or automating security workflows (Python, PowerShell, KQL).
• Prior experience as a senior technical lead preparing to step into a manager role.

Location: The preferred location for this role is for our offices in Durham, NC and Washington, DC. Our team operates on a hybrid schedule, with in-office schedule of three days per week.

Compensation: The salary range for the position is $140,000 - $170,000 plus bonus and benefits. Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location.

Benefits:

• 15 days of Paid Time Off, accrual up to 20 days, 11 observed holidays.
• 401(k) Match
• Comprehensive package including medical, dental, vision and health insurance
• Wellness stipend, family planning stipend, and generous parental leave
• Tuition Reimbursement
• Phone Bill Reimbursement
• Company Swag

A note to Recruiting Agencies Cypress Creek Energy Human Resources team does not accept unsolicited resumes from third party recruiters, staffing firms, or related agencies. The Human Resources team coordinates all recruiting and hiring at our company. We do not accept resumes from third-party recruiters unless authorized by the Human Resources team and if a signed agreement is in place. Any unsolicited resumes will be considered property of CCE and we are not responsible for any related fees. All communication related to recruiting partnerships should ONLY be directed to the Human Resources team.

Cypress Creek Energy is an equal opportunity employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. We are committed to providing a workplace that is inclusive and values diversity, and we encourage candidates from all backgrounds to apply.

Please be aware of recruiting scams—official communications will only come from @ccrenew.com, we will never request personal or financial information, and any suspicious activity should be reported to HR@ccrenew.com.

The Company

Cypress Creek Energy is powering a sustainable future, one project at a time. We develop, finance, own and operate utility-scale and distributed solar and storage projects across the country. Fostering a diverse group of innovative thinkers from all backgrounds, Cypress people are drawn to work in a purpose-driven organization. We hope you will join us.

Overview

Cypress Creek Energy is hiring an Information Security Manager to lead the company’s security operations and compliance program. This is a hands-on individual contributor role designed for a senior technical security professional ready to take ownership of a complete program — with the opportunity to grow into a leader of a team as the function scales.

The successful candidate brings a balance of deep technical execution and program-level compliance maturity. You will own the day-to-day security tooling stack, lead the company’s NIST-based compliance program, shape policy in emerging areas including artificial intelligence, and maintain an accurate view of every system in the environment. You will report directly to the Chief Technology Officer and partner closely with IT, Counsels, and business stakeholders across the company.

Responsibilities

Security Operations & Engineering

• Endpoint security: Administer and tune Microsoft Defender across the endpoint estate, including policy configuration, alert triage, response, and reporting.
• Network and access security: Manage the Zscaler platform (ZIA/ZPA), including policy development, traffic inspection, access controls, and integration with identity systems.
• SIEM operations: Own SIEM tuning, detection engineering, log source onboarding, alerting, and incident workflows. Build dashboards and metrics that surface meaningful signals.
• Vulnerability management: Run the vulnerability scanning program across AWS and Azure cloud environments and on-premises infrastructure. Prioritize, track, and verify remediation in partnership with IT and engineering teams.
• Patch management: Maintain endpoint patching cadence and reporting, ensuring coverage, exception tracking, and SLA adherence.
• Digital forensics & incident response: Lead investigations into security events, perform forensic analysis, document findings, and coordinate response with internal teams and external partners as needed.

Compliance & Governance

• NIST-based program: Maintain and continuously improve the company’s NIST Cybersecurity Framework-aligned security program, including controls mapping, evidence collection, and gap remediation.
• Policy management: Own the security policy library — ensure policies and standards are current, reviewed on a defined cadence, approved through the right channels, and communicated to the business.
• AI policy and guidance: Develop and maintain the company’s AI usage policies, acceptable use guidance, and review process for new AI tools, in coordination with Counsels and IT.
• System inventory: Build and maintain an authoritative inventory of systems, applications, data flows, and ownership. Keep it accurate as the environment evolves.
• Audit and assessment support: Lead responses to internal and external audits, customer security reviews, and regulatory inquiries. Manage remediation of identified findings through closure.
• Risk management: Identify, document, and track information security risks; propose mitigations and report on residual risk to leadership.

Leadership & Cross-Functional Partnership

• Stakeholder engagement: Partner with IT, Counsels, HR, and business leaders on security matters, providing clear guidance that balances risk with business needs.
• Operational Technology (OT): Act as a partner and advisor to the OT team coordinating security and compliance initiatives across the company. Manage intersection of IT and OT endpoints, systems, and networks.
• Security awareness: Drive the security awareness program, including phishing simulations, training content, and ongoing communications.
• Vendor and third-party risk: Assess and manage security risk associated with vendors, contractors, and third-party service providers.
• Future team leadership: Lay the groundwork to scale the function. As the program matures, hire, mentor, and lead a team of security professionals.

Education & Experience Required

• Use of AI to enhance and scale security operations – establish AI first Security Ops
• Bachelor’s degree in computer science, information systems, cybersecurity, or related field — or equivalent professional experience.
• 5+ years of progressive experience in information security, with demonstrated depth in security operations, engineering, or a combination of both.
• Hands-on administration and tuning experience with Microsoft Defender (Endpoint, Identity, Cloud).
• Production experience operating Zscaler (ZIA and/or ZPA), including policy management and troubleshooting.
• Strong SIEM experience — building detections, tuning alerts, investigating incidents, and onboarding log sources.
• Vulnerability management experience across cloud environments, specifically AWS and Azure.
• Working knowledge of digital forensics and incident response methodology.
• Demonstrated experience operating a security program aligned to the NIST Cybersecurity Framework or NIST 800-53.
• Track record of writing, maintaining, and operationalizing security policies and standards.
• Clear written and verbal communication, including the ability to explain technical risk to non-technical audiences.
• Ability to work from the Durham, NC or Washington, DC office three days per week.
• Embrace and live by the mission and values of Cypress Creek Energy

Preferred Qualifications

• Industry certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GCIA), or equivalent.
• Experience operating in the energy, utility, or critical infrastructure sector.
• Familiarity with NERC CIP or other regulatory frameworks relevant to the power sector.
• Experience scripting or automating security workflows (Python, PowerShell, KQL).
• Prior experience as a senior technical lead preparing to step into a manager role.

Location: The preferred location for this role is for our offices in Durham, NC and Washington, DC. Our team operates on a hybrid schedule, with in-office schedule of three days per week.

Compensation: The salary range for the position is $140,000 - $170,000 plus bonus and benefits. Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location.

Benefits:

• 15 days of Paid Time Off, accrual up to 20 days, 11 observed holidays.
• 401(k) Match
• Comprehensive package including medical, dental, vision and health insurance
• Wellness stipend, family planning stipend, and generous parental leave
• Tuition Reimbursement
• Phone Bill Reimbursement
• Company Swag

A note to Recruiting Agencies Cypress Creek Energy Human Resources team does not accept unsolicited resumes from third party recruiters, staffing firms, or related agencies. The Human Resources team coordinates all recruiting and hiring at our company. We do not accept resumes from third-party recruiters unless authorized by the Human Resources team and if a signed agreement is in place. Any unsolicited resumes will be considered property of CCE and we are not responsible for any related fees. All communication related to recruiting partnerships should ONLY be directed to the Human Resources team.

Cypress Creek Energy is an equal opportunity employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. We are committed to providing a workplace that is inclusive and values diversity, and we encourage candidates from all backgrounds to apply.

Please be aware of recruiting scams—official communications will only come from @ccrenew.com, we will never request personal or financial information, and any suspicious activity should be reported to HR@ccrenew.com.

Basic Function

Lumin Digital is standing up a dedicated Network Security function within its Risk Engineering group to protect a growing product suite that handles sensitive financial data across multiple product lines. This role exists because the landscape has shifted: in a cloud-native, infrastructure-as-code environment, network security is no longer about managing router ACLs—it is about designing identity-aware policy enforcement, automating end-to-end change management, and building real-time visibility into network activity across both workforce and hosted contexts.

As the Network Security Software Engineer, you will be a domain authority who breaks network security out of the existing Security Engineering and SOC functions, building the specialization from the ground up. You will architect and deliver automated, lights-off pipelines—using agentic development practices and tools like Claude Code—that turn around security changes faster, go deeper than port and protocol in our defense-in-depth story, and extend coverage to the agents our teams create, not just the people who create them.

We are looking for a senior practitioner who will teach us what great network security looks like in a modern, highly-automated fintech environment—not someone who needs to be taught.

Essential Functions and Responsibilities:

• Own the architecture, implementation, and continuous improvement of Lumin’s network security program across cloud, SD-WAN, and ZTNA layers—designing identity-aware, policy-driven controls that secure both human and machine (agent) identities.

• Design and deliver fully automated, end-to-end network security change management pipelines that eliminate manual toil, accelerate change velocity, and maintain audit-ready evidence at every step.

• Build and operate real-time network telemetry, monitoring, and alerting systems that provide deep visibility into network activity — integrating threat intelligence feeds, cloud connectivity data, and asset inventories into a unified, automated network defense posture.

• Engineer production-grade tooling and services—including firewall rule lifecycle management, policy drift detection, configuration compliance validation, and telemetry enrichment—using modern backend languages (Python strongly preferred) and infrastructure-as-code.

• Manage and tune network-layer detection capabilities — including IDS/IPS signatures, firewall rules, and WAF configuration — to ensure high-fidelity signals for SOC consumption.

• Operate at the leading edge of AI-assisted development: write precise engineering specifications, direct AI coding agents (e.g., Claude Code, Cursor), and review/validate generated output to build secure, lights-off agentic pipelines that the broader team can learn from.

• Build and maintain API integrations across the network security technology stack (e.g., Cloudflare, Zscaler, cloud-native controls) with reliability, observability, and audit-readiness designed in from day one.

• Support compliance audit and assessment activities — including evidence collection, control testing, and auditor walkthroughs for network security domains; maintain an accurate network diagram inventory documenting topology, segmentation boundaries, and data flows.

• Partner with the Security Operations Center, SRE, and IT to ensure network security controls integrate cleanly with existing infrastructure pipelines, CI/CD workflows, and incident response processes; participate in security architecture reviews and contribute to runbook development and operational documentation—raising the network security bar across the engineering organization.

• Perform other duties as assigned.

Physical Demands:

• While performing the duties of this job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear.

• Specific vision abilities required by this job include close vision.

• Ability to occasionally lift/move up to 25 pounds.

• Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

Supervisory Responsibility:

None.

Position Specifications

Education:

• Bachelor’s degree in Computer Science, Information Security, Network Engineering, or a related technical field, or equivalent combination of education and experience.

• Preferred certifications: CCNP Security, PCNSE (Palo Alto), AWS Solutions Architect, Cloudflare certifications, or equivalent. Relevant certifications are valued but not required if depth of hands-on experience is demonstrated.

Experience:

• 5+ years of progressive experience in network security engineering, with a demonstrated track record of designing, automating, and operating network security controls in cloud-native or hybrid environments.

• Substantive hands-on engineering experience: you write production code, build integrations, and ship tooling—not just policies and diagrams.

• Direct experience with network security platforms such as Cloudflare (WAF, Workers, Rulesets, Terraform provider), Zscaler (ZIA, ZPA), Palo Alto, or equivalent tier-one solutions.

• Experience in fintech, banking, payments, or other regulated financial services environments (PCI-DSS, SOC 2, ISO 27001) strongly preferred.

• Experience with infrastructure-as-code (Terraform, CloudFormation) and CI/CD-driven infrastructure provisioning.

Knowledge, Skills, & Abilities:

Required:

• Deep expertise in network security fundamentals: firewall policy design, micro-segmentation, ZTNA, SD-WAN, DDoS mitigation, traffic analysis, DNS security, and certificate/PKI management.

• Hands-on experience with agentic coding tools and workflows (Claude Code, Cursor, or equivalent)—or demonstrated eagerness and aptitude to adopt them as a primary development methodology.

• Strong proficiency in at least one backend language (Python strongly preferred; Go or similar considered) with the ability to design and build production-grade APIs, automation frameworks, and integration platforms.

• Thorough understanding of identity-aware network security—designing controls that authenticate and authorize not just users but services, workloads, and autonomous agents.

• Demonstrated ability to write clear, precise engineering specifications and technical documentation; comfortable operating on a distributed, async-first team where written clarity drives outcomes.

• Sound engineering judgment: able to evaluate AI-generated code for correctness, security implications, and maintainability; able to architect systems for reliability and observability.

• Strong cross-functional communication skills: able to translate network security requirements into actionable engineering work and influence peers across Security, SRE, and Platform teams.

Preferred:

• Experience building real-time telemetry, monitoring, and threat detection pipelines for network traffic.

• Familiarity with agent-to-agent authentication, service mesh architectures, and securing AI/ML workload communications.

• Experience integrating threat intelligence feeds and automating indicator-of-compromise enrichment into network defense workflows.

Travel:

• Minimal, generally 12 days or less per year (~2 team get-togethers per year).

$145,000 - $175,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we’re purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn’t just a goal, it’s how we operate.

Benefits Include We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis. For more information, visit lumindigital.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

Reports to: Sr. Director of Adversary Tactics

Location: Remote US

Compensation Range: $190,000.00 to $210,000.00  base plus bonus and equity

What We Do:

Cybercrime is growing, and more businesses are getting hit by threats that used to target only the biggest organizations. That pushes defenders like us to operate at the highest level, and it deepens our need for good people who want to make a meaningful impact.

Founded in 2015 by former NSA cyber operators, Huntress is a remote-first team working to make enterprise-grade cybersecurity accessible to businesses of all sizes. We work closely with security teams and service providers protecting complex environments, often without the time or headcount to handle it all. That’s why we build our technology in-house and back it with a 24⁄7 human-led Security Operations Center (SOC). As a result, our platform is never disconnected from the experts who manage it, ensuring our customers’ protection.

Huntress now secures more than 5M endpoints and 11M identities worldwide. Those numbers keep growing because more businesses rely on us to help carry the load and operate with more confidence. Every day, you can see that commitment in how we stand with our customers and how we show up for each other.

What You’ll Do:

The Huntress Adversary Tactics team has the unique honor of waking up every morning knowing we’re going to make hackers regret targeting our partners and customers. We’re looking for someone who wants to pour their creativity into researching, hunting, and uncovering threats in our customer networks. Competitive candidates have experience leading a team of researchers across the threat intelligence cycle. Candidates should also have experience creating Threat Intelligence reports, advocating for product enhancements, and public speaking.

Threat Intelligence Analysts aggregate threat data from the previous month and build out reports for our customers. These reports may also be used for marketing and help illustrate the value of what Huntress provides to customers and the community. Threat Intelligence Analysts are also responsible for writing blog posts and marketing materials regarding emerging threat trends. They also work closely with Security Researchers and Analysts to obtain more context about threat data.

Familiarity with product management, scripting/development, incident response, malware analysis, configuration management, and antivirus technologies is an additional way to differentiate yourself.

As you can imagine, success doesn’t happen in a vacuum. An effective hunter fosters highly collaborative environments between the Product, Marketing, and Security Operations Center teams to accelerate our mission and secure the 99% of businesses that fall below the enterprise poverty line. This collaboration is needed to produce and prioritize a unified technical vision, ultimately delivering our most impactful features and capabilities.

We defend over 5 million endpoints and 11 million identities, and that number continues to grow each month, across tens of thousands of mid-sized and small business customers. Given this market’s tighter budgets, it’s impossible to assign human analysts to each client. The Adversary Tactics team addresses this challenge head-on by providing input to build and scale highly automated efficiencies—often lightly augmented by our Security Operations Analysts—that make intruders earn every inch of their access while maintaining affordability and healthy gross margins.

Responsibilities:

• Conducts research on emerging adversary tradecraft in the identity space (Microsoft 365, Google) to help scope and conduct hunt missions
• Responsible for aggregating threat data to build out reports for customers to show Huntress’ value, and inform them of various threats that have been seen and reported
• Responsible for creating reports for marketing to show Huntress’ value to the larger community
• Promote Huntress’ reputation through media interaction, public speaking, and blogs
• Works with the Sr. Director of Adversary Tactics, the Security Operations Center, Product, and others to develop the Product and threat operations roadmap
• Provides technical leadership for some members of the Security teams
• Supports the professional development of researchers and others in the organization through coaching and mentorship
• Responsible for enhancing Huntress visibility by ingesting and utilizing IOCs from external threat intel sources
• Responsible for blog posts and other marketing materials regarding threat trends
• Excellent written and verbal communication skills
• Familiarity with utilizing AI in workflows

What You Bring To The Team:

• Minimum of 5 years of experience in the field of Threat Intelligence
• Experience with SIEM tools for scaled log analysis
• Familiarity with detection engineering, detection logic, i.e., Sigma Rules
• Experience researching and scoping threat hunt missions
• Understanding of cybersecurity, threat actors, and end-to-end threat life cycle, including one or more of the following: digital forensics, malware research, incident response, vulnerabilities, and exploits
• Experience with 3rd-party intelligence tools, feeds, and reputation services.
• Experience conducting OSINT gathering and analysis
• Foundational development experience across multiple platforms (e.g., Windows and/or macOS), C/C++, GoLang, and Python (nice to have)
• Proficient knowledge of Windows and/or macOS subsystems and how they interact both at the user and kernel level (nice to have)

What We Offer:

• 100% remote work environment - since our founding in 2015
• Generous paid time off policy, including vacation, sick time, and paid holidays
• 12 weeks of paid parental leave
• Highly competitive and comprehensive medical, dental, and vision benefits plans
• 401(k) with a 5% contribution regardless of employee contribution
• Life and Disability insurance plans
• Stock options for all full-time employees
• One-time $500 reimbursement for building/upgrading home office
• Annual allowance for education and professional development assistance
• $75 USD/month digital reimbursement
• Access to the BetterUp platform for coaching, personal, and professional growth

Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are.

We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status.

We do discriminate against hackers who try to exploit businesses of all sizes.

Accommodations:

If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com . Please note that non-accommodation requests to this inbox will not receive a response.

Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process, but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights.

#BI-Remote

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and...