2,422 Cyber Security jobs in the United States

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

As a Senior Cybersecurity Engineer at Peloton, you will be responsible for supporting the
ongoing security operations and overall security strategy at Peloton. The ideal candidate must
demonstrate in-depth knowledge of and experience in vulnerability and patch management,
networking, cloud technology, incident response and automation. This person will develop,
optimize, and operate the security tools used throughout Peloton's infrastructure and contribute
to the overall security strategy across the entire organization.
Responsibilities:
Architect, deploy, and maintain Peloton's security infrastructure
Evangelize security throughout Peloton and empower end users to do their jobs
securely without creating additional friction
Research and analyze potential new threats, attack vectors and risks and identify
mitigation efforts
Examine output from security tools and software and report on findings
Collaborate with Peloton engineering teams to define and implement remediating
controls to improve security.
Work with cyber analysts and security engineers to develop threat models,
detections, incident response playbooks, and maintain tooling to enrich security
intelligence.
Manage EDR, DNS security and vulnerability management tools.
Requirements:
5+ years experience working in a security role
You know how to identify security gaps / areas of risk and are able to effectively put
together a plan for remediation
Ability to work cross functionally between technical and business teams,
evangelizing security best practices, policies, and procedures
Effective communication skills
Demonstrated knowledge of enterprise-scale security technologies which may
include EDR, SIEM, vulnerability management, incident response, PKI, user
behavior analytics, SSO, IAM, Privileged Access Management.
Experience building reports and dashboards and obtaining data with standard SQL.
Demonstrated proficiency with scripting (Bash, Python, etc)
Experience with developing infrastructure as code (Terraform, Cloudformation)
Deep hands on security experience with cloud providers such as AWS, GCP
Experience with Google Workspaces and Amazon Workspaces
Familiarity with development processes and environment tools such as Git and Jira
Flexibility to cover US EST working hours.
Great to Have:
Cybersecurity Certifications (CISSP, CEH, Security+, etc.)
Experience with Nucleus, Splunk, Snowflake, Crowdstrike, Umbrella, Rapid 7 and
Cisco Attack Surface Management.

Role- Cyber Security
Location- Westborough, MA
Job Type- Contract

Participate in review of legacy vulnerabilities and provide input as to priority.• Understand existing security posture and challenges that we currently face (ATO/Stolen rewards)• Evaluate current controls (WAF, Ping Identity, Riskified) and recommend improvements.• Evaluate existing vulnerability scanning tools (Whitehat and Sonatype) against other tools being used in the industry. Recommend a first in class tool that can be used as single source of truth. • Evaluate existing penetration testing (requires working with IT Sec team) recommend testing that could augment or replace existing testing.• Stay abreast of latest 0 day or emerging threats propose mitigations.• Participate in architectural and design reviews, ensuring that security is built into the processes from the start. • Evaluate new projects and provide feedback as to the security of the new features. Meet with IT Security and compliance teams and help answer questions or concerns that they have about the new projects.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

Monitor, triage, and escalate security alerts? Execute playbooks and document incidents? Collaborate with global GSOC teams and follow the MUFG GSOC operating model? Experience in financial services or regulated environments preferred? Familiarity with NIST, MITRE Telecommunication&CK, and GSOC workflows? Ability to work hybrid in USA (Tempe, or Tampa) offices preferred but willing to discuss other options (including but not limited to Tokyo)? Business Operations Transfer (BOT) models preferred? Both English and Japanese language skills as well as cultural fluency are strongly required.

• Risk management, Access control, Cryptography, Security architecture and design, Application and Database Security, and Key Management/Tokenization Security architecture.
• Cyber Security - GRC - Vendor Risk Assessment
• Vendor Security Assessor is responsible for ensuring Vendor security architecture and design meets firms policies, external guidelines, regulatory expectations and security controls Review the controls related to Application (SaaS), Mobile Security, API controls and Cloud Security Coordinate with internal and external stake holders to initiate, scope, plan controls assessments of new and existing vendor engagements Assess completed questionnaire and supporting documentation to validate vendor implementation of information security controls Produce detailed documentation of assessments Communicate vendor information security issues to the stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks Validate evidence before remediation plans are closed

• Develop, execute and track the performance of security measures to protect information and network infrastructure and computer systems.
• Design computer security strategy and engineer comprehensive cybersecurity architecture.
• Identify, define and document system security requirements and recommend solutions to management.
• Configure, troubleshoot and maintain security infrastructure software and hardware.
• Install software that monitors systems and networks for security breaches and intrusions.
• Monitor systems for irregular behavior and set up preventive measures.
• Plan, develop, implement and update company's information security strategy.
• Educate and train staff on information system security best practices.

Job Description

Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients.

Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.

Responsibilities:

• Engineer, implement and monitor security measures for the protection of computer systems, networks and information
• Develop and implement security policies and controls to support the Cyber Security framework
• Manage the existing cyber security training program across global, multilingual business
• Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements
• Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained
• Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity
• Continuous improvement in the areas of Information Security technologies, techniques and processes
• Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard
• Ability to interpret penetration test results and describe issues and fixes to non-security expert
• Responsible for leading an accurate & comprehensive status reporting to the executive steering committee
• Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap

Skills & Experience

• Bachelor’s degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree.
  Certified Information Systems Security Professional (CISSP)
• 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts
• Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps
• Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology.
• Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications
• Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes
• Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment.
• Vulnerability Assessment testing and/or Penetration Testing (preferred)
• Robotic Process Automation/Intelligent Automation (preferred)
• Business case development supporting security technology solutions (preferred)
• Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Job Description

Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients.

Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.

Responsibilities:

• Engineer, implement and monitor security measures for the protection of computer systems, networks and information
• Develop and implement security policies and controls to support the Cyber Security framework
• Manage the existing cyber security training program across global, multilingual business
• Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements
• Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained
• Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity
• Continuous improvement in the areas of Information Security technologies, techniques and processes
• Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard
• Ability to interpret penetration test results and describe issues and fixes to non-security expert
• Responsible for leading an accurate & comprehensive status reporting to the executive steering committee
• Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap

Skills & Experience

• Bachelor’s degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree.
  Certified Information Systems Security Professional (CISSP)
• 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts
• Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps
• Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology.
• Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications
• Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes
• Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment.
• Vulnerability Assessment testing and/or Penetration Testing (preferred)
• Robotic Process Automation/Intelligent Automation (preferred)
• Business case development supporting security technology solutions (preferred)
• Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Req ID: RQ204666

Type of Requisition: Regular

Clearance Level Must Be Able to Obtain: Secret

Public Trust/Other Required: None

Job Family: Cyber and IT Risk Management

Skills:

Cybersecurity,Information Security,Information Technology Security

Experience:

8 + years of related experience

US Citizenship Required:

Yes

Job Description:

GDIT is the leading systems integrator in the Zero Trust Defense sector market-developing and delivering innovative solutions to government customers. Our Zero Trust business continues experiencing rapid growth, and this is an opportunity to join our team and be a part of creating Cybersecurity solutions that make a real impact.

As a Cyber Security Architect on an Enterprise Zero Trust Program for a DoD client, your responsibilities will include:

• Develop and implement long-term cybersecurity strategies and plans, ensuring alignment with business goals and regulatory requirements.

• Leading RMF efforts for a large distributed system in order to obtain an ATO

• Identify, analyze, and assess security risks, developing and implementing mitigation strategies.

• Create and enforce security policies, procedures, and guidelines to ensure compliance and maintain a secure environment.

• Support incident response efforts, including detection, containment, eradication, and recovery, in the event of security breaches or incidents.

• Support vulnerability assessments, penetration testing, and other security tests to identify weaknesses and vulnerabilities in systems and networks.

• Collaborate with other IT professionals, business stakeholders, and external vendors to ensure security requirements are met.

• Remain up to date on the latest cybersecurity threats, technologies, and best practices.

• Provide guidance and mentoring to junior security professionals and trains employees on security best practices.

Basic Qualifications:

• Understanding of security principles involved in Zero Trust Network Architecture and tools required to implement it

• Understanding of how networks function, including protocols, devices, and security measures like firewalls and VLANs.

• Knowledge of data protection methods, including encryption, pseudonymization, and data masking.

• Understanding of risk assessment, analysis, and mitigation techniques.

• Skills in identifying, analyzing, and responding to security incidents.

• Ability to analyze problems, troubleshoot security issues, and develop effective solutions.

• Capacity to learn and adapt to new technologies and evolving threats.

• Ability to clearly explain complex technical concepts to both technical and non-technical audiences.

• Ability to work effectively with other teams and stakeholders.

• Detail oriented.

Required Skills/Knowledge:

• 5-10 years of experience in IT security and IT risk management is recommended.

• Current Secret clearance.

• DoD 8570 IAT Level III certification.

• Advanced IT security certifications (like CISSP, CEH, GIAC).

• Bachelor's degree in field like Computer Science, Information Technology, or a related field.

• Strong foundation in information security frameworks and IT risk management practices.

• Expertise in DoD RMF Controls and how to correlate the various aspects of the systems, networks, and applications to ensure controls are closed and/or mitigated, and documented in furtherance of obtaining ATO

• Expertise in security audits, compliance requirements, and regulatory standards.

• Deep understanding of enterprise architecture principles and how to integrate security into the overall IT landscape.

• Knowledge of secure coding practices, vulnerability assessment, and penetration testing.

• Knowledge of common operating systems (Windows, Linux, Unix) and their security configurations.

• Proficiency in various zero trust security tools and technologies, such as intrusion detection systems, data loss prevention (DLP) solutions, identity and access management (IAM) systems, firewalls, and ZTNA.

GDIT IS YOUR PLACE:

• Full-flex work week to own your priorities at work and at home

• 401K with company match

• Comprehensive health and wellness packages

• Internal mobility team dedicated to helping you own your career

• Professional growth opportunities including paid education and certifications

• Cutting-edge technology you can learn from

• Rest and recharge with paid vacation and holidays

The likely salary range for this position is $119,000 - $161,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee's date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans