Total 495 accounting analyst job vacancies in Legal / Public / Security category in The United States of America

Role: Penetration Tester / Pen Tester 

Location: Bangalore

Expeirence Range: 6-8 Years 

Roles & Responsibilities:

As a Pen Tester/ Information Security Consultant at Resillion, your key responsibilities include:

1. Performing manual penetration tests on IT Systems, including applications and infrastructure, by defining test procedures, executing tests, creating test reports, and following up on reported weaknesses.
2. Assessing the security status of individual applications and the infrastructure landscape.
3. Developing automatic test environments and automatic tests as needed.
4. Providing support to other Information Security functions such as Vulnerability Management (e.g., assessing vulnerabilities) and Incident Management (in a consulting capacity).
5. Delivering various engagements for customers in and the UK, contributing as a technical point of contact in meetings, advising on project scoping, and conducting peer reviews of consultants' output.
6. Representing Resillion at trade shows and events, including giving presentations based on experience.

 

Security Operation Team supports Security Systems and processes to secure our clients IT Application systems and infrastructure .The team is responsible for Security system administration,security processes .

• You should have experience managing following security tools such as Email Security Solutions, Firewalls, Privileged Access Management (PAM), Anti-virus, HIPS/HIDS and Endpoint Detection and Response (EDR), and Multi-factor Authentication, will be helpful in your role and learn the rest on the job.
• Experience with deployment of cybersecurity solutions, including Firewalls, Email Security, Internet content filtering and endpoint protection solutions.
• Articulate systems and methodologies as well as reply to security-related events and support in remediation efforts
• Liaise with other support teams, or product teams as required to resolve requests/issues in a timely manner
• Conduct IT security incident investigation on the IT environment.
• Develop and support emergency procedures and oversee incident responses as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as required.
• Support the development and implementation of security standards, guidelines and processes to ensure the ongoing maintenance of logical security

To apply please click the Apply button or send us your updated profile to recruit@percept-solutions.com

EA Licence No.:18S9405 / EA Reg. No.:R1330864

Percept Solutions is undergoing a growth phase and are on the lookout for talent. Applicants are encouraged to follow Percept Solutions on LinkedIn @ https://www.linkedin.com/company/percept-solutions/ to stay up to date on our upcoming roles and events.

Job Responsibilities:

1. Promote the construction and optimization of the security and security operation center system, including but not limited to log collection, analysis, alarms, SOAR, and BAS;

2. Responsible for tracking and analyzing security issues and promoting the completion of closed-loop processing of security incidents;

3. Enrich and optimize existing alarm scenarios and rules to improve alarm quality;

4. Participate in daily emergency response to security incidents and security system maintenance;

5. Participate in building security testing capabilities for office networks, production networks, and cloud environments;

6. Participate in the company’s office security offensive and defensive confrontation to improve office security capabilities;

job requirements:

1. More than 10 years of security-related work experience, and those who have engaged in Web3-related work are preferred;

2. Be familiar with vulnerability management, writing and maintaining security baseline detection rules, understand the principles of common vulnerabilities, and have the ability to write POC and EXP codes for vulnerabilities;

3. Familiar with at least one language such as Python and Java, and have API system integration development capabilities;

4. Familiar with big data development tools such as SQL, ELK, Kafka, etc., have log analysis and processing capabilities, and can be combined with security risk data;

5. Be familiar with the threat detection operation ideas in office networks, production networks and other environments, and can set up systematic detection solutions according to scenarios;

6. Familiar with the configuration management and rule writing of common security products such as Sysmon, Osquery, and Wazuh; familiar with the main tactics and techniques of the ATT&CK attack matrix and able to convert them into detection rules;

7. Have experience in intrusion detection and emergency response, and be able to quickly locate, block, and defend security incidents;

8. Have the ability to discover vulnerabilities and be able to complete the entire penetration testing process independently.

Bonus Point:

1. Responsible for the complete R&D cycle of security defense products

2. Have in-depth understanding of offense and defense, and experience in actual combat with APT

3. Ability to analyze the behavior of malware samples in Windows/macOS/Linux environments

4.Able to communicate in different Language with teams based in Europe or China

Accounts / Tax Executive

Working Days: 5 days (Mon to Fri)

Working Timing: 9am - 6pm

Working address: The Adelphi - City Hall
Salary: Up to $3500
Other remark: VB | Medical benefits up to $300 per year.

Job Responsible:

• The Accounts/Tax Executive shall be responsible for the accounting and tax requirements of the clients which have outsourced their accounting and tax functions to the Company.
• Able to complete full set of accounts.
• Knowledge of GST.
• Knowledge of tax regulations.

Requirement:

• Degree in Accountancy / ACCA / Diploma in accounting.
• At least 2 years of relevant experiences.

✅✅ Interested applicants kindly contact via WhatsApp: +65 8656 3696 (JOHN).

No Charges will be incurred by Candidates for any service rendered.

Email：supreme.johnlau@gmail.com

Lau Zhao Rui Reg.No: R22109652

14C7279 The Supreme HR Advisory Pte Ltd

*Company name and address will only be disclosed once shortlist for interview.

My client, an Asian bank is looking to hire an AVP, Senior SOC Analyst to be part of their IT team. In this dynamic role, you'll lead the charge in actively hunting and analyzing potential threats, leveraging your expertise to support SOC investigations and prevent attacks before they occur.

As a Senior SOC Analyst (Tier-2) and dedicated threat hunter, you'll be actively searching for vulnerabilities and identifying stealthy attackers. Your duties will include conducting thorough vulnerability assessments and managing the results. Moreover, you'll be responsible for addressing significant incidents escalated by Security Analysts (Tier-1), evaluating their impact, determining the affected systems' scope, and gathering data for further analysis.

It's a full time and a permanent position, office is located at Changi Business Park (East)

Role

Key Responsibilities:

• Lead the Hunt: Spearhead proactive threat detection & analysis, sifting through data (alerts, logs, etc.) and conducting reverse engineering when needed.
• Deep Dive & Solve: Dive deep into security incidents, uncovering trends and root causes. Create and maintain processes to ensure future preparedness.
• Stay Ahead of the Curve: Conduct in-depth research on threats, vulnerabilities, and attack vectors. Collaborate with diverse teams to refine prevention and detection methods.
• The Go-To Guru: Become the trusted expert for SOC-related topics and guide incident response.
• Process Pro: Develop and document SOC procedures based on industry best practices and internal requirements.
• Continuous Improvement Champion: Lead or support projects to enhance SOC effectiveness, keeping us ahead of ever-evolving threats.
• Collaborate & Conquer: Work seamlessly with incident response, threat intelligence, and the overall security strategy teams.

What You Bring:

• Bachelor's in IT (or equivalent) and 5+ years of experience, including 3 leading a SOC team.
• Deep understanding of networking, major internet protocols, and security concepts.
• 3+ years of experience in cyber incident response and/or enterprise SOC operations.
• 2+ years using standard security tools (SIEM, EDR, etc.).
• 2+ years of operational experience with Splunk or similar platforms.
• Expert investigative skills for uncovering incident impact and root cause.
• Strong foundation in security threats and countermeasures.
• Analytical, problem-solving, and multitasking skills for a fast-paced environment.
• Hands-on experience with SIEM, intrusion detection, and application layer protocols.
• Security experience, especially in incident detection and threat intelligence.
• Bonus points for expertise in various operating systems, web technologies, and professional security certifications.
• Experience in multiple IT/Information Security domains like IAM, IT infrastructure, etc.
• Meticulous, team-oriented, flexible, proactive, and positive attitude.
• Strong sense of responsibility, initiative, and communication skills.

We regret to inform that only shortlisted candidates would be notified.
Chiam Lee Ping Dayna
Consultant
Reg. No: R1764404
Stellar- Link Partners Pte Ltd (EA License: 21S0698)

Role and Responsibilities

1. Analysing documents (e.g., design, requirements, architecture, diagrams, flowcharts) to obtain an understanding of the requirements.

2. Identifying the required test scenarios, test case preparation, test data preparation and document traceability matrix to ensure sufficient test coverage.

3. Execute test cases and test plans to support the quality assurance activities throughout the software lifecycle.

4. Defect reporting and verifying fixes.

5. Participate in continuous improvement in quality of test process.

6. Participate in peer reviews of test plans and cases to ensure consistency and adequate coverage.

7. Coordinate large scale testing projects and improve testing efficieny for programme roll out

Requirements / Qualifications

- At least 5-6 years experience in testing IT systems

- must have project management skill.

- In-depth knowledge and experience in Test Plan, Test Strategy, Test Estimation and Test Methodologies

- Experiences in Load Testing and Performance Testing are required.

- Strong written and verbal communication skills.

- able to manage stakeholders, chair meeting and carry out presentation.

- fast learner, able to multi-task, prioritize tasks and quickly adjust in a rapidly changing environment.

- Experience in Healthcare domain and Test Automation is an advantage

Job Description and Requirements

Information Security Assurance Administrators strengthen the organization's information security posture through the construction, socialization and performance measurement of policies and procedures based on best practices, adopted frameworks, and risk assessment activities. 

Essential Functions and Responsibilities:

• Contribute to the strategic and tactical initiatives involving activities associated with managing IT Risk.
• Assist with auditing systems, processes and users to ensure compliance with the organization's information security policies and procedures.
• Assist in the creation and analysis of information security reports on the performance of controls across the enterprise.
• Assist with documenting an organization’s information security requirements in a business context and participate in high-level discussions to identify and respond to business risks.
• Assist with security reviews with stakeholders throughout the organization, identifying gaps and developing risk mitigation plans.
• Provides ongoing support of an effective disaster recovery/incident response program. Works with management to ensure that disaster recovery/incident response plans drive proper strategy and procedures.
• Assist with the development and execution of testing processes utilized to validate the disaster recovery/incident response plans. Schedule and lead all tabletop exercises.  Develop and understand all testing necessary for a successful execution.
• Works with the IT staff to ensure that disaster/incident response solutions are adequate, in place, maintained, and tested as part of the regular operational life cycle.
• Assist with the development and deployment of training documentation and communication of incident procedures to the organization.
• Assist with vendor risk assessments.
• With guidance, produce deliverables, specifically process flows, procedure documentation, writing specialized assessment reports, related to process, tools, and metrics and communication activities.
• All other duties as assigned (note: essential functions and responsibilities may change or new ones may be assigned at any time with or without notice).

Requirements:

• High School Diploma or GED. Bachelor’s degree in information technology preferred
• Minimum of 3 years’ experience in IT Operations, Security, Risk, and/or Audit
• Technical Project Management and/or Business Analysis experience desired
• Understanding of technical concepts including system, application and network functions and design
• Understanding of financial institution governance and regulations including SSAE16/18, FFIEC, GLBA and NCUA
• Must have high level of communications skills to communicate with all levels of management
• Experience supporting technical projects with technical and non-technical participants
• Experience directly supporting an organization's information security program through development and implementation of policies, standards and procedures

Skills and/or Certifications/Licensing

• Strong oral/written communication, organization, time management and interpersonal skills
• Highly proficient with Microsoft Office software
• Highly self-motivated, able to multi-task and manage deadlines well
• Security certificates, CISA other IT governance related certifications preferred
• Knowledge of regulations and best practices for information security including guidance published by NIST, FFIEC, and CIS

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

Let's Write Africa's Story Together!

Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.

Job Description

The Information Security Analyst (ISA) will provide information security risk support and cybersecurity expertise to the business segments. The support will take the form of operational risk analysis and assessments through the demand management and request tracking tools, consultancy, policy and standards best practice guidance, and process improvements. The ISA will be required to work with project teams, service providers, and business units internal and external to the IT function. The candidate is expected work with leadership and guidance from the Information Security Officer’s and/or the Lead Information Security Analyst, to support and influence technology and business personnel regarding the value and methods of safeguarding information, applications, systems, infrastructure, and work practices are optimized so that the information risks are properly managed.
The Information Security Analyst provides support to the Information Security Officer in managing the organisation-wide Technology, Governance, Risk and Compliance function (IT GRC) within the Office of the Chief Information Security Office.

Location: Hybrid - Cape Town | Johannesburg | Durban

• To support and shape the Information/Cybersecurity initiatives and support business segments in the implementation and execution of the Information/Cybersecurity framework, policies, and reporting of all segment specific Information/Cybersecurity elements.
• Analyse business impact and exposure based on emerging security threats.
• Work closely with information security officers, architects, functional area specialists, and other security staff to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.
• Support and document security assessments relating to IT security and risk management compliance, driven by the Lead Information Security Analyst.
• Support the integration of the business-related security risk requirements into the broader governance structures, by initiating relevant discussions, and ensuring the evidencing of key risk-related decisions.
• Log, track and manage risks and report risk trends, opportunities and remediation status monthly.
• Create, log requests and report tasks necessary to continuous improvement and evolution of security services.
• Manage stakeholder requests ensuring strong relationships are built and maintained. Instil confidence across the business that information security risks are identified and mitigated.
• Assist with the creation of processes and process improvement to ensure smooth execution of risk processes with minimal burden on stakeholders..

Role Requirements

• Relevant tertiary (3yr) qualifications in a IT risk discipline required
• A certification from ISACA (CISA), ISC2 (SSCP) is advantageous
• 2 - 4 years relevant industry experience IT risk management or security role.
• Experience within the Insurance and /or financial services sector advantageous
• Knowledge of IT risk management principles and practices
• Understanding of IT Governance, and technology and life cycle development processes (SDLC, technology operations, business continuity, etc).
• Broad knowledge of range of standards, frameworks and methodologies— for example, International Standards Organization (ISO) 27001/2, NIST Cyber Security Framework, IT Infrastructure Library (ITIL), COBIT
• Excellent Written and oral communication skills
• Strong facilitation, negotiation and conflict resolution skills
• Strong Analytical and problem solving skills

Skills

Education

Closing Date

26 March 2024

The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit in question.

Old Mutual Limited is pro-vaccination and encourages its workforce to be fully vaccinated against Covid-19.

All prospective employees are required to disclose their vaccination status as part of the recruitment process.

Please refer to the Old Mutual’s Covid-19 vaccination policy for further detail. Kindly note that Old Mutual reserves the right to reinstate the requirement to vaccinate at any point if it is of the view that it is imperative to do so.

The Old Mutual Story!

Are you looking to support innovative web-based applications and other solutions that improve the way in which Federal agencies analyze public feedback on current and emerging policy and regulatory issues?  ICF is seeking a detail-oriented data processing analyst to fill a full-time position to contribute to our area of business that focuses on the review, processing, and analysis of public comments on highly scrutinized and often controversial public policy topics. This position is available immediately and can be filled either as a fully remote position or as a position primarily located in Reston, VA (i.e., in the DC Metro area) with flexibility for telework considered.    

Job responsibilities:

This position will join our multidisciplinary team of regulatory specialists, policy analysts, and attorneys who support a wide variety of major federal rulemaking efforts by processing and analyzing comment submissions and preparing written technical support documentation. You will assist on engagements for federal government clients who develop and implement regulatory programs affecting energy, the environment, homeland security, public health, nutrition and food/drug safety, employment and training, trade, transportation, and other national priorities.

What you will do…

• Using ICF’s web-based public comment management application and associated utilities to process public comment documents and their associated metadata
• Performing imports/exports from a comment processing system and generating reports
• Performing bulk data management activities programmatically using APIs
• Performing comment data consistency reviews and data entry/cleanup tasks
• Reading and analyzing public comments and assigning comments to topical categories
• Identifying and processing mass mail campaigns
• Providing verbal and written progress updates to project staff
• Preparing written technical documentation
• Assisting in testing and conducting trainings/demonstrations of ICF’s web-based comment management system and associated utilities

What you will need (minimum qualifications):

• Bachelor's degree with minimum GPA of 3.0
• U.S. Citizenship is required per federal contracts
• Ability to obtain and maintain a moderate-level government security clearance

What we would like you to have (preferred qualifications):

• Thorough understanding of and significant experience using Microsoft Excel
• Experience supporting high-volume document processing tasks and/or data processing projects/applications
• Bachelor’s degree in computer science or related field
• Eagerness and ability to learn new skills and technologies quickly
• Strong analytical, problem-solving, organizational, time management, and decision-making skills
• Ability to prioritize and work on multiple projects under strict deadlines in a fast-paced environment
• Excellent written and oral communications skills
• Detail-oriented and team-oriented collaborative approach
• Proficiency in Microsoft Office (Word, Excel, Outlook, PowerPoint) and Adobe

Why you’ll love working here:

• Comprehensive health benefits and corporate wellness program
• Competitive vacation and retirement plans
• Flexible work arrangements.
• A diverse workforce that values equity and inclusion
• Employee community networks to support a diverse, inclusive workplace
• Ongoing learning and development opportunities to meet your professional goals.

Working at ICF

ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.

We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email icfcareercenter@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Read more about workplace discrimination rights, the Pay Transparency Statement, or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act.

 

Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The pay range for this position is:

$44,680.00 - $75,956.00

Virginia Remote Office (VA99)

What if the work you did every day could impact the lives of people you know? Or all of humanity?

At Illumina, we are expanding access to genomic technology to realize health equity for billions of people around the world. Our efforts enable life-changing discoveries that are transforming human health through the early detection and diagnosis of diseases and new treatment options for patients.

Working at Illumina means being part of something bigger than yourself. Every person, in every role, has the opportunity to make a difference. Surrounded by extraordinary people, inspiring leaders, and world changing projects, you will do more and become more than you ever thought possible.

The Vulnerability Management Analyst will lead in driving the strategy, evaluation, process, execution, and operations of the vulnerability management program at Illumina.  S/he will be responsible for vulnerability detection, analysis, prioritization, reporting, remediation, and validation against common vulnerabilities.  This role is accountable for collecting, processing, monitoring, and disseminating potential threat intelligence and security vulnerabilities.  This role will also partner with each functional area to overlay vulnerability and threat data with system knowledge to identify where compensating controls (or deep system knowledge) can be applied to lower (or raise) the effective risk ratings.

Responsible for successfully executing enterprise-wide Information Security Operational controls and processes related to vulnerability management that protect the company’s data and functions across all business areas.  Adhering to data protection standards, procedures, regulatory oversight, and technical solutions for the Information Security department.  

Lead vulnerability management investigations, establish and improve monitoring processes, analysis of vulnerability events, validation via manual testing of patch effectiveness, cyber-security-based awareness and education, and vulnerability management requests. Point of escalation for zero-day vulnerabilities triage and response for junior staff. 

Performs all duties in accordance with the company’s policies and procedures, all state, federal, and country laws and regulations, wherein the company operates.

In accordance with regulatory and audit requirements, this position will perform analysis of systems and programs, including the cyber-security related programs and initiatives.  Delivery of activity reporting, including metrics, environment impact, effectiveness progress, and performance, and risk indicators.

Duties

• Configure and manage vulnerability management tools, creating scan schedules, reporting and metrics generation and documentation
• Monitors, tracks, responds, investigates, and reports in compliance to vulnerability policies and works with the responsible parties to drive timely results and remediation of vulnerabilities
• Generates and monitors effective and actionable vulnerability management reporting across the enterprise 
• Research and assess current vulnerability threats
• Practices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements (i.e., PCI-DSS, SOX, GDPR, CCPA)
• Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the organization
• Review, triage, and respond to service requests and alerts related to vulnerability management
• Response to vulnerability findings as primary or a point 
• Assist in the administration and removal of unsanctioned software
• Liaison between internal teams to improve overall enterprise risk
• Act on improving processes and procedures

Skills

• Strong oral and written communication skills appropriate for consultation with all levels of management
• Strong problem-solving and analytical skills
• Proficient, or able to gain proficiency with, vulnerability management applications and tools
• Previous risk-based vulnerability management experience
• Knowledge of vulnerability management lifecycle (familiar with CVEs, CVSS, and MITRE) 
• Experience in collaboration amongst multiple lines of business and geographic theaters
• Strong experience and architecture comprehension of vulnerability management environments preferred
• The ability to thrive in a fast-paced, dynamic environment
• Understanding of threat intelligence best practices
• Overall Networking understanding and principles
• Successfully implemented and delivered projects involving a variety of cybersecurity functions
• Team oriented and skilled in working in a collaborative environment
• The ability to influence and drive change within teams and the organization
• A self-starter with a hands-on style, high level of energy, stamina, and drive 
• A strong team player who is proactive and driven to achieve results 
• Commendable organizational and time management skills
• Previous experience working as part of an enterprise Information Security team
• Monitors, tracks, responds, investigates, and reports in compliance to vulnerability policies, and works with the responsible parties to drive timely results and remediation
• Research and track current security vulnerabilities and related projects
• Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the organization
• Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls
• Ability to validate vulnerability findings through manual testing

Experience/Education

• 5+ years’ experience in multiple Cybersecurity domains (i.e., Vulnerability Management, Identify & Access Control, Network Security, Firewalls, Enterprise Directory Systems, Encryption, Data Loss Prevention {DLP}, Comprehensive Endpoint Protection, Infrastructure & Information Security Operations)
• 3+ years of vulnerability management experience
• Experience working with a wide range of stakeholders to perform vulnerability assessments on systems or applications
• Experience creating useful metrics that will help various stakeholders (asset owners and executives)
• Experience triaging vendor patch releases as well as security bulletins and make recommendations on required remediations
• Experience with patch management processes across network, OS, database, workstations, IoT, virtual, cloud
• Experience with Microsoft, Linux, Mac operating systems
• Experience using MITRE/CVSS calculations to define vulnerable and impacted components to clarify the severity
• Experience collecting, processing, and disseminating threat intelligence
• Successfully implemented and delivered projects involving a variety of cybersecurity functions
• Bachelor’s degree in Computer Science, Information Systems, or equivalent work experience

Nice to Have

• Previous experience in engineering, architecture, application development, information security operations
• Understanding of Cloud and Container Vulnerability Management (AWS, GCP, Azure)
• Webapp vulnerability management experience
• Understanding of DevSecOps best practices
• Knowledge of PCI, HIPAA, NIST 800-53, CIS Benchmark, STIG
• Security Certifications (i.e., AWS Security, Azure Security Engineer, Security+, CISSP, CEH, SANS, etc.)
• Incident Management, Monitor and Response experience in a Cybersecurity operation-based environment 
• Forensic and eDiscovery skills
• Penetration Test/Validation Experience
• OT/Manufacturing Vulnerability Management Experience

Illumina believes that everyone has the ability to make an impact, and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information.

Job description
We are seeking a highly skilled and experienced Senior Cyber Security Analyst to join our team. As a Senior Cyber Security Analyst, you will play a pivotal role in safeguarding our organization's systems, networks, and data from cyber threats. Your expertise in cybersecurity frameworks, risk assessment, incident response, and security operations will be crucial in protecting our assets and ensuring compliance with industry regulations. This is an exciting opportunity to lead and contribute to our cybersecurity initiatives while mentoring junior team members.

Responsibilities:
• Lead the development and implementation of comprehensive cybersecurity strategies and initiatives.
• Conduct regular security risk assessments, identify vulnerabilities, and recommend appropriate controls and countermeasures.
• Monitor and analyze security events, alerts, and logs to detect and respond to potential threats and breaches.
• Lead incident response efforts, including investigation, containment, eradication, and recovery, ensuring timely and effective resolution.
• Collaborate with cross-functional teams to design and implement secure infrastructure, systems, and applications.
• Conduct security assessments and penetration testing to identify and address vulnerabilities.
• Provide guidance and support in the development and implementation of security policies, standards, and procedures.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies, and recommend proactive measures to enhance our security posture.
• Mentor and provide guidance to junior members of the cybersecurity team, promoting professional growth and development.
• Ensure compliance with relevant industry regulations and frameworks (e.g., ISO 27001, NIST, GDPR).

Requirements:
• Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).
• Must have at least 2 years of proven work experience as a Cyber Security Analyst, with a focus on security operations, incident response, and risk assessment.
• In-depth knowledge of cybersecurity principles, frameworks, and best practices.
• Experience with security monitoring tools, SIEM solutions, and threat intelligence platforms.
• Familiarity with penetration testing methodologies, vulnerability assessment tools, and secure coding practices.
• Strong understanding of network security, firewall configuration, intrusion detection systems, and endpoint protection.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and security tool integration.
• Familiarity with cloud security principles and technologies (e.g., AWS, Azure).
• Excellent analytical and problem-solving skills, with the ability to analyze complex security issues and recommend effective solutions.
• Strong written and verbal communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
• Relevant certifications such as CISSP, CISM, CEH, or GIAC certifications are highly desirable.
• Proven leadership skills, with the ability to lead and mentor junior team members.

Additional Information:
We offer competitive compensation packages, a collaborative work environment, and opportunities for professional growth and development. If you are a highly skilled and motivated Senior Cyber Security Analyst looking to make a significant impact in a forward-thinking organization in Australia, we would love to hear from you. Apply today with your resume, cover letter, and any relevant certifications.

Permanent Residents (PR), Australian / Citizens are eligible to apply Job Type: Full-time Salary: $80,000 to $120,000 per year (inclusive of super)

What if the work you did every day could impact the lives of people you know? Or all of humanity?

At Illumina, we are expanding access to genomic technology to realize health equity for billions of people around the world. Our efforts enable life-changing discoveries that are transforming human health through the early detection and diagnosis of diseases and new treatment options for patients.

Working at Illumina means being part of something bigger than yourself. Every person, in every role, has the opportunity to make a difference. Surrounded by extraordinary people, inspiring leaders, and world changing projects, you will do more and become more than you ever thought possible.

Position Summary:

The Sr.IT Security Risk & Compliance Analyst will work within the security certifications team to support and mature a strong security certifications program. With an immediate goal to provide operation support in maintaining ISO:27001 certification for Illumina’s cloud-based analytics products. The role will bring the necessary subject matter expertise in the ISO Security certification space and work with the program manager based in AMR region to meet future business needs. The position requires ability to operate with remote supervision, with high customer satisfaction, efficiency, and accountability towards the success of the program. This position interacts with all tiers of staff and management and must possess good project and organizational skills.

Responsibilities:

• Responsible for ensuring various process owners maintain the required ISO:27001 security controls.
• Documenting evidence that supports compliance with security requirements
• Coordinates data gathering, logging and upkeep of periodic activities as defined within the security management process.
• Develops and maintains periodic review of ISMS program based polices.
• Advises project teams and internal GIS customers on ISO certification scope, and compliance approach.
• Assist and lead process improvement projects to enhance control strength.
• Operate independently to manage end to end compliance activities within projects.
• Develops and maintains metrics to demonstrate security controls health throughout the year.
• Assist in maintaining ISO security risks, open action items and drive them for closure.
• Support internal security audits conducted as part of ISO program.
• Schedule, maintain and facilitate SME walkthroughs during external and internal audits.
• Work within the GRC audit tool to maintain audit schedules, control strength ratings and SME ownership assignments.
• Facilitate and maintain ISO program non-conformance actions including root-cause analysis and investigation status.

Listed responsibilities are an essential, but not exhaustive list, of the usual duties associated with the position. Changes to individual responsibilities may occur due to business needs.

Requirements:

• Experience with ISO:27001 requirements and security regulations within other frameworks – e.g., 21 CFR Part 820/11, ISO 13485, FDA, SOX, HIPAA and GAMP.
• Strong organizational skills to maintain and manage activities around ISO certification projects.
• Experience working within a distributed team in multiple geographical locations.
• Strong oral and written skills to persuade, direct and advise stakeholders on security compliance processes.
• Understanding of cloud infrastructure and general IT controls
• Ability to articulate security & compliance requirements & strategy and provide tailored approach to meet the business needs.
• Experience and leadership in fast-paced project implementations.
• Excellent customer service and communication skills.
• Experience with software development lifecycle activities, methodologies, testing and validation.
• Experience with common IT infrastructure and applications, e.g., virtualization, directory services, storage, DBMS.

All listed requirements are deemed as essential functions to this position; however, business conditions may require reasonable accommodations for additional task and responsibilities

Experience/Education:

• Typically requires a Bachelor’s degree and a minimum of 5 years of related experience.

#LI-HYBRID

#illuminacareers

Illumina believes that everyone has the ability to make an impact, and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information.

What if the work you did every day could impact the lives of people you know? Or all of humanity?

At Illumina, we are expanding access to genomic technology to realize health equity for billions of people around the world. Our efforts enable life-changing discoveries that are transforming human health through the early detection and diagnosis of diseases and new treatment options for patients.

Working at Illumina means being part of something bigger than yourself. Every person, in every role, has the opportunity to make a difference. Surrounded by extraordinary people, inspiring leaders, and world changing projects, you will do more and become more than you ever thought possible.

Responsible for successfully executing enterprise-wide Information Security Operational controls and processes that protect the company’s data and functions across all business areas. Adhering to data protection standards, procedures, regulatory oversight, and technical solutions for the Information Security department.

Lead Security Incident Response investigations, establish and improve monitoring processes, analysis of security events, cyber-security-based awareness and education, phishing email analysis, response to alerts, investigation of suspicious activity, cyber-related requests. Point of escalation for security event triage and response for junior staff.

Performs all duties in accordance with the company’s policies and procedures, all state, federal, and country laws and regulations, wherein the company operates.

In accordance with regulatory and audit requirements, this position will perform analysis of systems and programs, including the cyber-security related programs and initiatives. Delivery of activity reporting, including metrics, environment impact, effectiveness progress, and performance, and risk indicators.

Duties

• Hardening of systems in Operational Technology (OT) and corporate environments
• Create and enforce security policies for OT and Corporate systems
• Document change management of OT structures
• Configure and manage SIEM, creating notable events, correlations and documenting playbooks for response efforts
• Monitors, tracks, responds, investigates, and reports in compliance to security requirements, and works with the responsible parties to drive timely results and remediation
• Generates and monitors effective and actionable Information Security reporting across all Information Security technical landscape
• Research and track current security threats
• Participates in the global distribution of the enterprise Cyber-Security Operations Security Awareness training and campaigns
• Practices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements (i.e., PCI-DSS, SOX, GDPR, CCPA)
• Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the organization
• Review, triage, and respond to service requests and alerts.
• Level 2 response to security alerts as primary or a point of escalation to junior team members
• Level 2 response to datal loss prevention (DLP) investigations, and assisting with eDiscovery tasks
• Perform detailed incident response related to security events
• Participate in on-call efforts on a rotational basis
• Act on improving processes and procedures

Skills

• Strong oral and written communication skills appropriate for consultation with all levels of management
• Knowledge of OT network segmentation best practices
• Strong understanding of OT specific network protocols
• Strong problem-solving and analytical skills
• Proficient, or able to gain proficiency with, security software applications and tools
• Experience in collaboration amongst multiple lines of business and geographic theaters
• Information Security-based certification preferred (i.e., CompTIA, Network+/Security+, CEH, GIAC GSE, SANS Academy certs, or similar)
• The ability to thrive in a fast-paced, dynamic environment
• The ability to influence and drive change within teams and the organization
• A self-starter with a hands-on style, high level of energy, stamina, and drive
• A strong team player who is proactive and driven to achieve results
• Commendable organizational and time management skills
• Previous senior team experience working as part of an enterprise Information Security team

Experience/Education

• 5+ years’ experience in multiple Cybersecurity domains (i.e., Identify & Access Control, Network Security, Firewalls, Enterprise Directory Systems, Encryption, Data Loss Prevention {DLP}, Comprehensive Endpoint Protection, & Information Security Operations)
• 5+ years experience with Level 1 security event triage and escalation
• 5+ years experience in phishing triage and response
• 3+ years’ Incident Management, Monitor and Response experience in a Cybersecurity operation-based environment a must
• 3+ years’ Investigation within Operational Technology (OT) environments
• 1+ Threat Hunting and Assessment
• In-depth familiarity with enterprise workflow tools, scripting, and ability to develop and improve tool utilization, and promote process efficiency
• Bachelor's degree in Information Systems, Computer Science, Information Security, and/or related work experience

#LI-HYBRID
#illuminacareers

Illumina believes that everyone has the ability to make an impact, and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information.

Are you ready to keep the data of 49 million global customers safe?

Groupon’s Information Security team is seeking a Security Compliance Analyst who will support

enterprise adherence to information security controls, regulations and industry best practices by leading various initiatives to protect the confidentiality, integrity and availability of our data and information systems assets

This involves an understanding of Groupon’s business requirements and a thorough understanding of regulatory requirements (such as GDPR,PCI) for both outsourced providers and internally developed solutions and how best to meet those requirements. The Analyst will develop strong partnerships with internal business partners and external vendors to ensure customer, employee, and company information is protected at the appropriate level.

Primary responsibilities include assisting in third party vendor management reviews, implement data loss prevention policies and procedures, and provide support for PCI compliance.

Does this sound like you?

• Excellent verbal, interpersonal, and written communication skills
• Excellent analytical, problem-solving and decision-making capabilities
• Can effectively work self-sufficiently across a geographically distributed team environment with integrity
• Is a results oriented, high energy person who takes pride in their work

Professional Skills & Responsibilities

• Perform information security due diligence on third party vendors to determine the effectiveness of their controls to protect the Company’s data, identify any discrepancies and escalate all issues to management.
• Review completed SIG questionnaires based on vendor risk and evaluate responses received from security questionnaires that align with ISO and NIST standards
• Assisting in the risk and compliance program’s design, process re-engineering or enhancements and tool and technology implementations as applicable
• Maintain and develop policies and procedures
• Working directly with key business leaders to facilitate risk analysis and risk management processes, identifying acceptable levels of risk and establish roles and responsibilities with regards to risk management for both service providers and internal solutions
• Assist in the development of third party due diligence policies and standards which set the vendor requirements based on risk. 
• Maintain knowledge of the latest active security threats in order to understand current risks and articulate those risk to the business and vendor
• Support various PCI Compliance initiatives
• Support security awareness training, including phishing campaigns.
• Ability to continually improve awareness training – provide a feedback loop, analyze input, create action plans to address gaps and increase training effectiveness

Qualifications:

• 3+ years of experience in an IT Risk, Third Party Vendor Assessment or Information Security organization with a general understanding of Compliance, Audit, Security and Risk.
• An understanding of Privacy regulations such as GDPR
• Proven analytical problem-solving skills with a demonstrated ability to research problems and proactively suggest ways to better a process
• Highly motivated with demonstrated experience managing multiple projects in a fast-paced, deadline-oriented work environment

Groupon’s purpose is to build strong communities through thriving small businesses. To learn more about the world’s largest local ecommerce marketplace, click here. You can also find out more about us in the latest Groupon news as well as learning about our DEI approach. If all of this sounds like something that’s a great fit for you, then click apply and join us on a mission to become the ultimate destination for local experiences and services.

Beware of Recruitment Fraud: Groupon follows a merit-based recruitment process without charging job seekers any fees. We've noticed an increase in recruitment fraud, including fake job postings and fraudulent interviews and job offers aimed at stealing personal information or money. Be cautious of individuals falsely representing Groupon's Talent Acquisition team with fake job offers. If you encounter any suspicious job offers or interview calls demanding money, recognize these as scams. Groupon is not responsible for losses from such dealings. For legitimate job openings, always check our official careers website at grouponcareers.com.

About The Role

• We are looking for a colleague to join our Global Security, Privacy, and Resilience Services team.
• The goal of the team is to support the entire global Morningstar business, break down silos between the different functional areas, and improve customer service for internal stakeholders.
• The role will cover several domains like Information Security, Privacy, IT Compliance, Governance, Resilience (Business Continuity, IT Disaster Recovery). The successful candidate will have knowledge and hands-on experience in a minimum of 2 of the above domains.

Job Responsibilities

• Respond to customer Resilience, Privacy, and Security questionnaires.
• Perform Third Party Vendor Reviews for potential Security, Resilience, and Privacy risks.
• Work and communicate with broad range of global employees and provide support for any interactions with the Security, Privacy, and Resilience teams.
• Work with business units and product teams to assist in completing Business Continuity and IT Disaster Recovery Plans.
• Support Morningstar’s compliance related responsibilities (SOX, SOC2, PCI-DSS, SEC) by managing collection of audit evidence.
• Support application security related processes.
• Assist with documenting and regularly reviewing security processes and procedures.
• Training and Awareness – support training and awareness programs.
• Advise business partners, on policies and standards.
• Respond to daily operational tickets following defined SOPs.
• Train, mentor and guide junior colleagues.

Qualifications

• A bachelor’s degree in computer science or related field.
• Strong communication skills.
• Verbal and written English skills at a professional level.
• Strong organizational skills and the ability to multitask and switch priorities with short notice.
• Previous experience in information security (3+ years).
• Familiarity with security and resilience frameworks (ISO 27001, ISO 22301, NIST, etc.) and general security and resilience concepts.
• Familiarity with IT audits and risk assessments.
• Understanding of enterprise-scale infrastructure, technologies, and applications, both on-premises and in the public cloud.
• Strong business analysis, research, and analytical skills.
• Enthusiasm to learn and gain hands-on experience across different domains.

Nice to have

Any of the skills below.

• Previous experience in Resilience, including Risk Assessments, Business Impact Analysis, Business Continuity and IT Disaster Recovery planning and testing (1+ years).
• Previous experience in ethical hacking (1+ years).
• Previous experience in Data Privacy (documenting privacy policies, processes and procedure, Data privacy impact assessments, assessment of 3rd party risks, etc. (1+ years).

 

315_Sustainalytics SRL Legal Entity

Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We’ve found that we’re at our best when we’re purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues.