Jobs Posted on the Whova Community Board of WiCyS Cleveland 2022
If you know anyone in the job market, feel free to share with them
Senior Strategic Consultant
Vantage Technology Consulting Group Vantage Technology Consulting Group is seeking candidates for a full-time position working in our higher education strategic technology consulting practice with a special focus on... information security and network architecture. This is a remote work position with occasional travel to client sites, conferences, and the company offices in Concord, MA, and Los Angeles, CA. Experience working at higher education institutions greatly preferred.
Link:https://www.vantagetcg.com/about-us/careers/senior-strategic-consultant/See More >>
Senior Security Engineer
Grainger Position Details: As a Security Engineer III, you protect Grainger information assets by implementing advanced security tools, automating and integrating Grainger security proc... esses, collaborating across the organization, and making smart long-term decisions. You will be based in Lake Forest, IL and will report to the Director, Information Security.
H&R Block Designed to land top talent and help them take off in the Computer Engineering space. Applicants do not need prior work experience but must have a Bachelor’s degree in a related f... ield, such as Computer Science, Cyber Security, Information Security, Software Engineering, etc.
H&R Block Are you an IT student wanting real-life work experience that directly correlates to your field of study? Are you also interested in making a valuable contribution to a top company... in the Kansas City area? As an intern, you will be on a full-time basis for 8-10 weeks beginning the first week of June. Throughout the summer program, you will have the opportunity to connect with senior leadership, work on meaningful projects, collaborate with other interns, and attend a variety of professional and social events such as executive round tables, professional skills trainings, Royals games, networking events, and much more!
Must be: Pursuing degree in Computer Science, Engineering, Information Technology, or related field GPA of 3.0 + Knowledge of software concepts, business analytics, and other technical skills C#, .NET, Angular
**When applying, please indicate interest in the Information Security space - Operational Engineering or Security Engineering. We would love to have you!**
Arctic Wolf Are you a student and want to finally combine the theory and practice you’ve learned from university? Do you want to work hands-on and trace cyber criminals? Are you interested in... IT security, and do you already have knowledge in the field of IT security or IT administration? If you are looking for a job alongside your studies, an internship, or a bachelor/master thesis, then you are right for us. Join our "Arctic Wolf Pack" in our San Antonio, TX, Provo, UT, Eden Prairie, MN, or Waterloo, Ontario Security Operations Center sand fight against cyber criminals!
Link:https://arcticwolf.com/company/careers/career-detail/?gh_jid=5781831002See More >>
Concierge Security Engineer (CSE)
Arctic Wolf The Concierge Security Engineer (CSE) is critical to delivering world-class Arctic Wolf security services. The CSE owns the technical relationship with their assigned customers a... nd leverages their cross-domain expertise to fulfill key responsibilities. The CSE role combines aspects of an IT Security Analyst, a Security Architect, and an Incident Response Consultant. A successful CSE possesses strong and an ability to communicate, educate, and share information effectively with non-technical people.
Starbucks Coffee As an enterprise security architect within Starbucks Technology you lead architecture development for global Starbucks Technology solutions across multiple business domains from a... Cybersecurity lens. Architects represent Cybersecurity leadership for their aligned business domains and are accountable for business consultations. As a leader, you are expected to actively participate in the technology community and lead the development of security best practices, approved patterns, and champion Starbucks Cybersecurity principles globally.
IS (Cyber) Security Manager - Corporate Campus (Cleveland, OH)
Third Federal Savings and Loan This position and the members of the IS Security Operations Department are responsible for the following:
Identify, setup and monitor cybersecurity alerts in order to deter... mine active or potential threats to the company’s information systems
Manage in-house and outsourced (MSSP) monitoring program
Work with fellow IS managers to develop IT standards, best practices and securely designed architecture
Ensure compliance with industry regulatory and best practice cyber security standards
Evaluate technology projects for security risk and propose solutions to meet business needs and balance cybersecurity risk.
Work with IS Governance to identify and share top and emerging cyber threats with appropriate departments
Implement security tools to create a layered security approach that uses multiple security controls to protect the most vulnerable areas of our technology environment
Coordinate Security Exams with Risk/IS Governance
Maintain cybersecurity incident response program
Assist as a cybersecurity subject matter expert for the vendor management process
Remain active in industry cybersecurity groups
Required Qualifications:
Minimum 5 years of experience managing in the Information Services field
Strong experience collaborating with IT and Business Leaders to promote and drive alignment with security and compliance goals
Experience with security technologies and tools (e.g., vulnerability scanners, firewalls, identity management, security information and event management, IDS/IPS)
Technical understanding of a range cloud-based architectures and technologies such as virtualized infrastructure, containerization, and infrastructure as code
STR The Cybersecurity Analyst will be responsible for reviewing and analyzing cybersecurity events, providing recommendations, performing remediation, and escalating to other staff. T... he Analyst will correlate threat information from various sources, such as phishing emails, malware outbreaks, and unauthorized access attempts. This role will require researching and assessing new threats and security alerts, as well as providing recommendations for remedial actions
Link:https://apply.workable.com/str/j/F42F5DF389/See More >>
Computer Network Defense Analyst - National Security Agency
NSA Join NSA and explore one of the most exciting career paths it has to offer. Come find us at booth 300 for more information!
As a Computer Network Analyst on the offensive s... ide you will: - analyze all-source data to evaluate foreign target opportunities - understand and evaluate foreign target network - develop strategies against those foreign target networks.
As a Computer Network Analyst on the defensive side you will: - identify cyber threats and anomalies by conducting research and analysis on data collected from numerous sources - identify vulnerabilities and their impact to customers - build and integrate defense response capabilities against these threats.
Job Summary:
NSA is in search of top-notch cyber professionals with technical expertise and driving desire at the forefront of their field. We have positions in penetration testing, defensive operations, identifying cyber threats and vulnerabilities and building defensive capabilities, designing, developing, deploying, sustaining and monitoring state-of-the-art network solutions (WAN, CAN, LAN, DCN and Satellite communications networks) that are deployed across NSA worldwide. Help protect national security interests as part of the world’s most advanced team of cyber professionals!
Entry is with a Bachelor’s degree and no experience. The following may also be considered for individuals with in-depth experience that is clearly related to the position: an Associate’s degree plus 2 years of relevant experience; or at least 18 semester hours of military coursework/training in networking, computer science, or cyber topics plus 2 years of relevant experience.
Degree must be in Network Engineering, Systems Engineering, Information Technology or related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Computer Science, Computer Forensics, Cyber Security, Software Engineering, Information Assurance, or Computer Security).
Link:https://apply.intelligencecareers.gov/job-description/1175930See More >>
Senior Information Security Engineer
Zebra Technologies At Zebra, we’re reinventing how businesses operate at the enterprise edge - helping them run faster, smarter, and more connected than ever before.
A dynamic community ... of builders, doers and problem solvers, we each play a unique role - shaping new technologies, bringing solutions to market, and partnering with companies on the front line of business.
Being a part of Zebra means making your mark as we make digital transformation a reality.
It means growing into a leader at a leading company that makes a distinct difference - because together, we’ve only just begun.
Join the Security Architecture team at Zebra Technologies! We are looking for an experienced security engineer looking to lead while being in an individual contributor. Be involved in defining security strategy, solving security challenges, and leading initiatives to improve the organization’s security posture.
This is a remote position as long as the candidate can work central standard time.
Responsibilities
Investigate and provide solution options to solve security challenges
Contribute to the definition of the security investment roadmap
Lead small to large implementation projects to achieve security objectives
Serve as an internal security consultant to teams looking to make IT investments; ensure systems are designed in accordance with, and are aligned to, Zebra's security policies and standards
Understand business drivers and processes to evaluate risk and recommend solutions with a balanced result
Execute advanced risk and threat analyst activities, demonstrating findings from external and internal cyber trends and incidents
Lead discussions, assessments, tracking, and overall reporting of technology security risks
Zebra Technologies As the Information Security Engineer - GRC, you are responsible for day-to-day operational risk management security tasks. You will have the passion for information security, prob... lem solving, documentation, communication, organization, collaboration and attention to detail. The individual must possess strong technical knowledge in a range of technology areas and be able to use that knowledge to analyze, research, and resolve security related issues efficiently with limited supervision. The individual should also have an understanding of information security frameworks, data privacy and compliance requirements.
Responsibilities
Manages policy exceptions throughout its lifecycle ensuring risk is contained or mitigated by establishing compensating controls
Leverage the risk management framework to escalate High or Critical risk to the organization
Responsible for continuous improvement of information security policy framework and perform Risk assessments, risk evaluation and maintain risk register
Provide traceability between policy exceptions and risks identified in the risk register
Conduct compliance audits, which will include liaising with internal and external auditors, manages audits hardware, software and network firewalls and encryption protocols
Educate key stakeholders on program and risks (risk owners) and support continuous improvement of security metrics and measures
Ensure excellent consistency, documentation, and process across all programs and advise the business on how to maintain compliance with appropriate regulatory or industry best practices
Actively support an Information Security Committee and working group to prioritize efforts, shed light on issues, and work to resolve identified security risks
Milwaukee Tool The Senior Firmware Security Engineer will contribute to a team of security specialists driving security strategy on closed products and bare metal embedded systems. As the Senior... Embedded Security Engineer, you will work within a collaborative team environment with executive leadership, engineering, marketing, quality, agency/safety teams, suppliers, IT, and global manufacturing operations.
Link:https://www.milwaukeetool.jobs/Jobdetails?reqNumber=R11062See More >>
Incident Response Consultant
ConnectWise Description General Summary:
The Incident Response Consultant is responsible for leading, managing and maintaining proactive contact during an incident response scenari... o to guide and assist in the identification, escalation and remediation of threats and incidents. This individual is also actively involved in the maintenance of processes around our incident notification and response capabilities.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Accountable and responsible for Incident Response, Partner Communication, and Resolution. Primary lead in Incident Response Processes maintaining excellent communication skills, both oral and written, with various audiences. Work cross functionally and adhere to escalation procedures with other parts of the Organization. Ability to situationally adapt and understand new technology/processes as per the business/partner requirement. Ability to mentor, guide and direct SOC analysts & IR specialists, and serve as an escalation point while working collaboratively and independently to resolve issues. Ability to research, analyze, and document findings, including root cause analysis. Maintain patience and thoughtful communication to facilitate client interactions. Excellent organizational skills: ability to prioritize and manage multiple tasks. Other duties as assigned by management and team leads. Knowledge, Skills, and/or Abilities:
To excel in this role, an individual should be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Relevant professional experience including working knowledge or high-level awareness of the following technologies:
Connectwise Posting is not approved yet, will be posted soon and I can share specifics then.
... Link:
None
See More >>
Threat Researcher
ConnectWise Description General Summary:
The Threat Researcher will work with the Security Content, Automation, Research, and Intelligence (SCARI) team to provide the expertise need... ed to generate threat research and intelligence content used for internal threat detection and public marketing content used to establish Perch/ConnectWise as a leader in the security industry. This role will work closely with the Global SOC as well as the Incident Response team and assist with the vision and requirements of the Global SOC Team.
Essential Duties and Responsibilities:
Stay current on threats, vulnerabilities and exploits across the industry Provide detailed analysis of new threats, vulnerabilities and exploits to the Global SOC Analyze malware and use that analysis to build new detection capabilities Contribute to the SCARI Threat Intelligence database Provide assistance and expertise for the Global SOC as needed for new threats Work with the SCARI team to build automation that supports the Global SOC, including: Alert analysis and escalation Gathering OSINT data for threat hunting New signatures and rules for threat detection Gather intelligence for the purpose of adversary attribution Adhere to relevant policies, procedures, standards and security good/accepted practices Respond in a timely manner to client requests, both internal and external Prioritize customer satisfaction and overall success of US SOC services Performs other work-related duties as assigned Periodic travel may be required Be accountable and responsible for Partner Communication, Resolution, and Escalation for US SOC Interactions Partner in Incident Response Processes maintaining a calm, directive customer service attitude Prioritize work and maintain a high level of professionalism in a highly dynamic work environment Meet performance objects Maintain a high degree of customer service Follow escalation procedures for interfacing with other teams Other duties as assigned Knowledge, Skills, and/or Abilities Requ
Link:https://recruiting.ultipro.com/CON1045CONNE/JobBoard/b6336a2a-0ea6-8191-e065-20ccca5147e1/OpportunityDetail?opportunityId=34d9c80b-701a-4a57-9c0c-1b19668ceb3aSee More >>
Brex Looking for Eng 2 or Senior level folks interested in detection & response, infrastructure security, or security awareness.
... Link:
None
See More >>
Cyber Risk Analyst 3
NJCCIC - NJ Cybersecurity & Communications Integrity Cell Salary: $73,296.13 – $104,363.32 Performing assessments of systems, networks, & applications within the organizational & partner environments. ▪️ Measuring effectiv... eness of defense-in-depth architecture against known vulnerabilities. ▪️ Performing technical & nontechnical risk and vulnerability assessments of relevant technology focus areas. ▪️ Performing cybersecurity risk assessment third party vendors & identifying vulnerabilities in supply chains. ▪️ Making recommendations regarding the selection of security controls to mitigate risk. ▪️ Preparing assessment reports that identify technical & procedural findings & providing recommended remediation strategies/solutions Closing Date: March 25, 2022
Link:http://ow.ly/a8Ag50IkZfGSee More >>
Intern - Triage Security analyst
Arctic Wolf Arctic Wolf is looking to hire a Security Analyst Intern (SAI). The SAI is a 1st level Security Operations Center role, supporting our security services around the world. The ... SAI is an internal triage analyst who assesses inbound security data and communications, dealing with straightforward tasks and escalating to our Security Engineers as needed. This role also leverages network troubleshooting skills to assist customers in finding resolutions to their technical issues.
Responsibilities:
Understand IT infrastructure and networking to be able to identify security incidents with the help and guidance of Senior Security Personnel. Triage customer requests, apply playbook driven solutions, initiate potential incident investigations through assignment to security engineers Attention to process and a willingness to learn are critical assets for the right candidate.
Strong communication skills and easily interact with a variety of different people and personalities. Success in this role depends on the effective dispatch of both security and communication triage events to the correct persons in a timely manner. Understand the processes and systems Arctic Wolf uses, this will be critical in helping the team handle customer requests. Identifying new runbooks required to aid in expanding the knowledge of the team Continuously drive to learn new aspects of the security business. Review customer configurations to ensure that the system is operating effectively. Resolve any issues that you find problematic leveraging documented procedures and playbooks Troubleshoot and resolve operational health of sensors and scanners in customer environments. Investigate end-point agent installation and operational issues. Resolve cloud sensor configuration and communication issues.
Link:https://grnh.se/4ab2f2af2usSee More >>
Intern - Triage Security Analyst
Arctic Wolf Arctic Wolf is looking to hire a Security Analyst Intern (SAI). The SAI is a 1st level Security Operations Center role, supporting our security services around the world. The ... SAI is an internal triage analyst who assesses inbound security data and communications, dealing with straightforward tasks and escalating to our Security Engineers as needed. This role also leverages network troubleshooting skills to assist customers in finding resolutions to their technical issues.
Responsibilities:
Understand IT infrastructure and networking to be able to identify security incidents with the help and guidance of Senior Security Personnel. Triage customer requests, apply playbook driven solutions, initiate potential incident investigations through assignment to security engineers Attention to process and a willingness to learn are critical assets for the right candidate. Strong communication skills and easily interact with a variety of different people and personalities. Success in this role depends on the effective dispatch of both security and communication triage events to the correct persons in a timely manner. Understand the processes and systems Arctic Wolf uses, this will be critical in helping the team handle customer requests. Identifying new runbooks required to aid in expanding the knowledge of the team Continuously drive to learn new aspects of the security business. Review customer configurations to ensure that the system is operating effectively. Resolve any issues that you find problematic leveraging documented procedures and playbooks Troubleshoot and resolve operational health of sensors and scanners in customer environments. Investigate end-point agent installation and operational issues. Resolve cloud sensor configuration and communication issues.
Link:https://grnh.se/b1c7153d2usSee More >>
Cyber Security Analyst III (Forensics/Response)
CME Group Cyber Security - Forensic Analyst
The Cyber Security Analyst III (Forensics/Response) role is a technical position within CME Group’s Cyber Defense Team. In this role, the... analyst will be both a member of the Incident Response Team, as well as a subject matter expert in digital forensics. The analyst will lead Investigations of corporate security breaches, network intrusions, unauthorized access or use of systems, employee compliance and policy violations, intellectual property theft, employee misconduct/threats, etc. The analyst will work closely with groups such as Legal, Human Resources, etc. to provide guidance and support for investigation, forensic and e-Discovery requests.
Personal Attributes: Strong customer-service orientation. Strong analytical and troubleshooting skills High level critical thinking skills. Excellent written and oral communication skills. Excellent listening and interpersonal skills. Ability to communicate ideas in both technical and user-friendly language. Ability to conduct research into network/security issues and products. Comfortable working in a dynamic environment with multiple goals. Highly self-motivated and directed, with keen attention to detail. Able to prioritize and execute tasks in a high-pressure environment. Experience working in a team-oriented, collaborative environment. Ability to deal diplomatically and effectively at all levels of the organization including both technical and non-technical, management and senior leadership
Professional Experience: 3 - 5 years of experience in Forensics or Information Security is typical for this position. Successful candidates should be able to demonstrate a passion for information security through course work/degrees completed, self-study, and/or certifications that have been completed.
Link:https://jobs.cmegroup.com/jobs/8926817-cyber-security-forensic-analystSee More >>
Senior Security Engineer - Red Team
CME Group This is a perfect opportunity for the right person to become a key part of a team of cybersecurity professionals who execute a pivotal role in protecting and defending the nation’... s critical infrastructure. The Sr Cyber Security Engineer – Red Team will be an essential member of the Cyber Threat Simulation Team. This role will be responsible for participating in the execution of network penetration testing of internal and internet facing information systems infrastructure. In addition, the role will require participation in red and purple team activities to identify misconfigurations and cyber security vulnerabilities that could be exploited by an internal or external actor to gain unauthorized access to computer systems and data.
Position Requirements: A minimum of 5 years’ experience with industry standard red teaming tools (Cobalt Strike, Metasploit, Burp Suite, Nmap, Covenant, etc.) Understanding of purple team concepts and tools Expert knowledge of measuring and rating vulnerabilities based on principal characteristics of a vulnerability Expert knowledge in Windows and Linux system hardening concepts and techniques Expert knowledge of modern evasion and bypass techniques Expert knowledge creating custom payloads for red team exercises Experience with at least one scripting language (Python, Ruby, PowerShell, Bash, etc.) Experience with at least one cloud environment (AWS, GCP, Azure) Recognized industry certifications (GPEN, GXPN, GREM, eCPTX, eCPPT, OSCP, OSWE, CISSP, CPSA, CRT etc.) Hands-on experience with cyber security assessment reporting Knowledgeable in Industry Security standards (ie: ISO27002, NIST Cyber Security Framework, etc..) Operating knowledge of ITIL (ITIL Certification a plus)
KLA Reach out to me if you’d like to hear more about this role or KLA. I love working here and I’d love to share my experiences being part of our growing SOC team.
The Cyberse... curity group at KLA is involved in every aspect of the global business. The KLA Cybersecurity group defends against cyber-attacks and provides cybersecurity tools, incident response services and assessment capabilities to safeguard the environments that support the essential operations of KLA. We are passionate about identifying adversarial activities and anticipating a wide variety of threats to strengthen our defenses and the overall protection of KLA Intellectual Property.
GTRI Design solutions and resolve issues related to the application and virtualization of cloud infrastructure projects with a modest level of support. The engineer works closely with ... sponsors on iterative projects in a security sensitive environment supporting a wide array of management tools and system architectures. Key responsibilities are to develop infrastructure as code in environments using the state-of-the-art DevOps solutions. Research and implement custom security based desktop enhancements. Develops and maintains develops code using ansible, git, AWS, and other technologies. Design and test user stories and test cases and act as a code reviewer to ensure coding best practices.
Link:careers.gatech.edu/en-us/job/497243/cloud-engineercipherSee More >>
Associate SOC Analyst
JPMorgan Chase & Co. SOC analyst responsible for analyzing logs and network packet captures using several tools.
Google In this role, you will help ensure that our software and systems are designed and implemented to security standards. You will perform technical security assessments, code reviews,... and vulnerability testing to highlight risk, helping Google teams and partners to improve security.
You will also work closely with other Google Engineers to design and build proactive methods to enhance our security. You will work on a wide variety of software designs and technology stacks. In addition, you will have the option to specialize or perform research in different fields.
Amazon We are looking for an experienced application security engineer to play a key role in ensuring securities built into our applications and services and partnering with developmenta... l teams to maintain a high security bar. You will collaborate with security champions within our engineering teams to drive implementation and validation of security controls prior to product launch. This position is available in Austin Texas Arlington Virginia Seattle Washington and New York City.
Link:amazon.jobs/en/search?base_query=1931023See More >>
Senior Application Security Engineer
Amazon We are looking for an experienced Application Security Engineer to play a key role in ensuring security is built into our applications and services and partnering with development... teams to maintain a high security bar. You will collaborate with security champions within our engineering teams to drive the implementation and validation of security controls prior to launch. This position is available in Austin Texas, Arlington Virginia, Seattle Washington, and New York City.
Link:amazon.jobs/en/jobs/1931022See More >>
Security Engineer, Fitbit Infrastructure, Devices and Services
Google The Devices and Services Product Area develops technically complex software technologies in collaboration with other organizations at Google (e.g., Assistant, Fit, Android, Advanc... ed Technology, and Projects group, etc.). Identifying and improving security architecture not only requires strong technical expertise as a security engineer but also the ability to work with other engineering and product teams to move the needle and reduce security risk.
In this role, you will have an opportunity to become our cloud infrastructure security subject matter expert (SME) and work with closely engineering teams to improve the security of our cloud platforms.
Amazon Are you passionate about learning, sharing your knowledge, and making a difference? Amazon application security is looking for an application security evangelist to cultivate and ... promote a culture of security across all of our engineering teams. You will work directly with security engineers, learning specialists, and developers at Amazon to build and promote developer security excellence programs. You will provide subject matter expertise to develop and implement developer training programs. This position is available in Austin Texas, Arlington Virginia, Seattle Washington, and New York City.
Link:amazon.jobs/en/jobs/1925923See More >>
Google There’s no such thing as a « safe system » - only safer systems. Our Security team works to create and maintain the safest operating environment for Google’s users and ... developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work hands-on with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
The Infrastructure Protection Security team is a global engineering team which helps Googlers design, build, and use infrastructure securely at scale. Security Engineers work on a broad set of efforts focusing on scaling and automating security infrastructure and processes. We contribute to open source security software, conduct applied research, and implement novel technologies and architecture to deal with enterprise security across a diversity of computing platforms such as mobile and cloud.
Examples include establishing and enforcing perimeters to protect all of Google’s environments, defending a diverse set of clients and servers in hostile environments, from common operating systems to emerging software and hardware platforms, and evolving authentication, access infrastructure, and policy to simplify user experience and keep Google safe.
Amazon Help us protect all Amazon customers, from Prime Now to Fulfillment Centers. We are looking for a security focused technical program manager who wants to make a difference to ensu... re that protecting customer data is at the forefront of all development.
You will work directly with security engineers, learning specialists, and developers at Amazon to build and promote a developer security excellence program. As the technical program manager on the team, you will be responsible for: the definition of education and community programs that support Amazon's security needs, from code review to design, due to design, across a diverse builder ecosystem.
Link:amazon.jobs/en/jobs/1991208See More >>
r2c Our mission is to make world-class software security available to everyone. This means building program analysis tools that are open source, easy to use, powerful, and fast. It al... so means building a team with security expertise and a passion for great developer experiences. Most of all, it means working with honesty and respect in a diverse community of dreamers and builders. We’ve redefined static analysis tooling by committing to all of these, and turned our project, Semgrep, into an essential safeguard for code at Snowflake, Dropbox, and more.
As our Marketing Intern, you will join r2c’s small but mighty marketing team and be given a firsthand glimpse at what it’s like to work at a Series B startup. During this marketing rotation internship, you will have opportunities to work with each of our marketing functions - demand generation, product marketing, technical marketing, and developer relations. You will tackle a variety of projects, with the chance to make a real impact on r2c’s go-to-market efforts. You will thrive in this internship if you are passionate about learning, curious about the security industry, and have some prior experience in marketing (i.e. classes, social media, and/or previous internships). Bonus points if you know how to code. :)
Our paid internships are ideal for ambitious students or recent grads who thrive in ambiguity, like a good challenge, and want a jump start on their career development. We’re open to this summer internship either being in-person in San Francisco or remote in the Americas.
Link:https://jobs.lever.co/returntocorp/2552f728-e2ae-4577-b223-52a894004623See More >>
Senior Data Scientist
r2c About r2c Our mission is to make world-class software security available to everyone. This means building program analysis tools that are open source, easy to use, powerful, an... d fast. It also means building a team with security expertise and a passion for great developer experiences. Most of all, it means working with honesty and respect in a diverse community of dreamers and builders. We’ve redefined static analysis tooling by committing to all of these, and turned our project, Semgrep, into an essential safeguard for code at Snowflake, Dropbox, and more.
About the role You will be the founding scientist for r2c’s data team. Your mission will be to define how an entire company uses data, always striving to best improve our users’ security. You will work on a diverse set of problems, touching every aspect of the startup: extracting product insights from usage metrics, determining business strategy from market data, crafting production data pipelines, and defining where to direct our security research. This is a growth role: while you will start as an individual contributor, you will help grow this team, either by stepping into a management role yourself, or helping us recruit the awesome data-science lead you’ve always wanted.
Along the way, you will work with a dedicated group of full-stack, backend, and infrastructure engineers, as well as security researchers and program-analysis developers. You will learn what it means to have “secure-by-default” code. You will meet and collaborate with security-industry scions. And, as a member of our team, you’ll be a part of the decisions that make a high-growth startup successful. Your work will be critical to our mission. Every feature you build will have a measurable impact on our users’ lives. We’re excited to see what you do.
Link:https://jobs.lever.co/returntocorp/4c5bda9d-5757-4125-b56c-6c9c180ab3f2See More >>
Senior Product Manager
r2c About r2c
Our mission is to make world-class software security available to everyone. This means building program analysis tools that are open source, easy to use, powerful... , and fast. It also means building a team with security expertise and a passion for great developer experiences. Most of all, it means working with honesty and respect in a diverse community of dreamers and builders. We’ve redefined static analysis tooling by committing to all of these, and turned our project, Semgrep, into an essential safeguard for code at Snowflake, Dropbox, and more.
About the role
Your mission will be to turn Semgrep into the world's most popular open-source static analysis tool. As a Senior Product Manager for the Semgrep command line team, you will find and set the north star for this open-source and community-focused work. You’ll collaborate with r2c’s engineers, program-analysis experts, security researchers, and marketing team to drive the success of your product. Semgrep has a vibrant community of external contributors and users who you’ll engage with daily (see our r2c.dev/slack).
Through r2c’s culture of collaboration and impact, you’ll see, and influence, the decisions that make an early-stage startup successful. As a member of a small product team, your contributions and decisions will affect every aspect of what we build and do. You will help mature and grow the product team as it defines “great” in the security and developers tools space.
Link:https://jobs.lever.co/returntocorp/16ed8f5a-9381-4216-a91d-c41ce1a4b04cSee More >>
Information Security IAM Internship
CME Group Have you heard about Least Privilege? Are you curious to know how you can allow the right individuals to access the right resources at the right times for the right reasons? We ar... e looking for a motivated and talented student who wants to help us solve some of the most complex Identity and Access Management (IAM) challenges within the financial services industry. We are focused on designing, building, and deploying customer focused solutions with passion and precision. Work for an intern joining the GIS IAM team could include development on the IAM team’s platforms, automating operational tasks, working with datasets to build useful dashboards, and learning the protocols the team uses daily. Candidate will also get the opportunity to learn more about emerging security topics like Cloud Identity, Cloud transformation, phishing resistant MFA, Customer Identity Access Management and Google Cloud Platform Security.
Interns will participate in several core IAM initiatives, including:
•Helping to implement and support highly automated, reliable, and available IAM solutions •Delivering IAM systems which elevate security and compliance for in-house developed and commercial off-the-shelf applications •Using data to create visualizations that will help drive decision making •Helping in Cyber Hygiene maintenance projects
Link:https://jobs.cmegroup.com/jobs/9406460-information-security-iam-internship-summer-2022?bid=12056See More >>
Information Security – Dev Ops internship
CME Group Have you heard of the CIA Triad? Are you curious how security is built into the software product lifecycle? CME Group is looking for a motivated intern with a deep interest in app... lication security to join in the GIS Application Architecture team.
CME Group’s GIS Application Architecture team works closely with the development, application architecture and other teams across the organization to integrate security into every phase of the software development life cycle (SDLC) using the industry best SSDLC practices, from design through deployment. The team also builds DevSecOps pipeline to automate security tasks, such as vulnerability scans, and shift the security ownership into the hands of the developers. Additionally the team provides security guidance to software development teams.
Information Security - Risk Management/Cyber Exercise Program Internship
CME Group Have you ever wondered what it takes to prepare an organization to respond to cyber-attacks? CME Group is looking for a motivated intern with a deep interest in cybersecurity topi... cs and trends to join the Cyber Exercise Program (CEP) and IT Risk Management Teams.
The intern will split time between two teams in CME Group’s GIS Department. The role will provide experience in two different methods CME Group uses to prepare its technical systems and people for cyber-attacks.
CME Group’s Cyber Exercise Team is responsible for the planning, design, and execution of strategic and operational cyber exercises which can include simulations, workshops, tabletops, and functional exercises. The exercises test CME Group’s incident response plans and the resiliency of CME Group’s people, policies, and processes against realistic, simulated cybersecurity events.
CME Group’s IT Risk Management Team measures the risk of security concerns identified by leadership, cyber intelligence, and IT. The team describes how the concern could manifest at CME Group, defines the impact and likelihood of the concern occurring. The information is documented in a risk assessment that also identifies control gaps and makes recommendations to mitigate the identified gaps.
As a GIS intern, you will coordinate with internal subject matter experts and third parties to support the development of plausible attack scenarios informed by internally and externally researched risks and trends. You will gain firsthand experience in turning those scenarios into either well-documented plans for an exercise or into a risk assessment.
