Information Security Specialist

About SonarSourceAt SonarSource, we are dedicated to enhancing code quality and security before it reaches production. By leveraging AI assistants, we empower developers to boost their productivity while streamlining workflows for an improved developer experience. Our comprehensive analysis covers all code—whether authored by your internal team, generated by…

Location: Fully Remote (U.S. or Canada) Type: Full-Time for U.S. Applicants; Independent Contractor for Canadian Applicants About Human Agency At Human Agency, we are experiencing rapid growth and expanding our pipeline of opportunities, necessitating exceptional talent across various disciplines. Our mission is to onboard individuals ranging from innovative producers to technical specialists and entrepreneurial leaders who will contribute to our next chapter of success. We are a company driven by action. Our leaders are hands-on, our teams operate collaboratively, and every member plays a crucial role in our deliverables. We value feedback and encourage open communication, ensuring the best ideas prevail, regardless of their source. Our clients rely on us to achieve outstanding results consistently. We treat our clients' missions, products, and financial outcomes with the utmost respect. By immersing ourselves in their objectives, we become dedicated partners in solving significant challenges. Each strategy, product, or asset we develop is designed to be both aesthetically pleasing and functionally effective, ensuring real-world impact. Our strongest asset is our people, and we are committed to growth by hiring those who inspire us to reach new heights. Across strategy, engineering, design, data, and operations, we seek teammates who elevate our standards and enhance our capabilities. Our philosophy is to always hire up, never down. We collaborate with organizations of all sizes to explore, design, and implement secure, scalable, and human-centered AI strategies. We believe that AI should enhance human potential, not replace it, and this conviction drives every engagement. From advisory services to implementation and education, we assist clients in integrating AI in alignment with their missions and values. Our aim is to empower teams to work smarter, move faster, and unlock new opportunities through responsible innovation. Throughout our journey, we lead with purpose, passion, and a sense of adventure. We engage in meaningful work alongside people we care about, making the journey an exciting one. At Human Agency, our identity and our approach to work are intertwined. The Opportunity This role transcends a conventional enterprise CISO position; it is not about inheriting a legacy infrastructure or merely managing a large team. Instead, this is a hands-on, entrepreneurial builder role where you will be at the forefront of AI security. You will design systems that do not yet exist, tackle challenges that the industry is just beginning to address, and view security as a strategic asset rather than a cost center. We are deploying AI agents at scale across client environments, developing our proprietary AI-powered tools, and advising organizations on safely integrating autonomous systems into their missions.

Join SonarSource as an Information Security Risk Manager, where you will play a crucial role in safeguarding our organization’s information assets. This position involves identifying, assessing, and mitigating risks to ensure our security protocols remain robust and effective.In this role, you will collaborate with cross-functional teams to develop, implement, and maintain a comprehensive information security strategy that aligns with our business objectives. You will also conduct risk assessments, monitor compliance, and provide recommendations for security improvements to protect our data integrity.

Self Financial, based in Austin, TX, is a FinTech company dedicated to expanding economic inclusion by making credit-building tools accessible, particularly for people with limited or no credit history. The company values diversity and inclusion, aiming to build a team with a wide range of backgrounds and perspectives. Role overview The Principal Information Security Engineer leads cybersecurity operations across all Self Financial products and infrastructure. This role is responsible for protecting customer data, maintaining SOC 2 and PCI compliance, and collaborating with engineering and IT teams to identify, investigate, and address security threats. Strong experience in security operations, threat detection, and incident response is required, along with a proven ability to build and enhance security capabilities. Key responsibilities Direct cybersecurity operations, including threat detection, incident response, and vulnerability management for Self Financial’s products and infrastructure. Develop, refine, and maintain threat detection within a SIEM platform to identify anomalies and policy violations. Manage and improve endpoint detection and response (EDR) tools, including alert triage, threat hunting, and incident containment. Oversee cloud security posture by identifying misconfigurations, prioritizing risks, and tracking remediation efforts. Administer secure access and web security systems, enforce data loss prevention policies, monitor for shadow IT, and protect against web threats. Design and manage network security controls and cloud-native networking to support zero-trust principles and perimeter security. Lead incident response activities and investigations to strengthen the company’s security posture.

Who We AreTake-Two Interactive Software, Inc., headquartered in the vibrant city of New York, stands as a premier developer, publisher, and marketer of interactive entertainment, captivating consumers worldwide. Through our renowned labels, including Rockstar Games, 2K, and Zynga, we create and distribute an array of products designed for console gaming, PC, and mobile platforms, accessible via physical retail, digital downloads, online venues, and cloud streaming services. Our publicly traded stock on NASDAQ under the symbol TTWO reflects our commitment to excellence.Our work environment, both in-office and remote, is designed to be engaging and welcoming, with a strong focus on creativity, innovation, and efficiency. We prioritize personal and team development amidst a fast-paced and evolving industry, offering countless opportunities for learning and skill enhancement. While we are dedicated to achieving our goals, we also believe in fostering a fun and enjoyable workplace where everyone can pursue their passions.

At Self Financial, we are a rapidly growing FinTech company committed to enhancing economic inclusion and financial resilience. Our mission is to empower individuals to build credit and save effectively.We are on the lookout for dedicated individuals who share our passion for overcoming challenges and improving the financial landscape for the communities we serve.Our team is driven to disrupt the credit industry by providing accessible tools that enable people to take control of their credit. Achieving our mission necessitates deep collaboration across teams to ensure our products reach the most underserved populations, particularly the 100 million+ Americans with limited or no credit history.We value diversity and are committed to fostering an inclusive environment for all employees, actively seeking to recruit, develop, and retain talented individuals from diverse backgrounds.Role OverviewThe Senior Information Security Engineer will be pivotal in overseeing application security across all Self Financial products. This role is essential for safeguarding customer data, ensuring compliance with SOC 2 and PCI standards, and collaborating with engineering teams to identify, prioritize, and mitigate security risks throughout the software development lifecycle.Your Responsibilities:Lead end-to-end application security initiatives for all Self Financial products.Conduct vulnerability assessments, manage scanning processes, and oversee remediation efforts using security tools (e.g., SAST).Collaborate closely with engineering and product teams to address critical security vulnerabilities.Conduct third-party vendor security evaluations and risk assessments.Assist in SOC 2 and PCI compliance efforts, including audit preparation and evidence gathering.Identify application-level security vulnerabilities and propose effective mitigation strategies.Integrate secure-by-design methodologies into product development workflows.Stay informed about emerging application security threats and recommend suitable controls.

Join Sonsoft Inc. as an Application Security Specialist, where you'll play a crucial role in safeguarding our software applications against potential threats. You will collaborate with development teams to integrate security into our software development lifecycle and conduct thorough security assessments. Your expertise will ensure that our applications are not only functional but also secure.In this role, you will be responsible for identifying vulnerabilities, recommending mitigation strategies, and staying abreast of the latest security trends and technologies. If you are passionate about application security and eager to make a significant impact, we would love to hear from you!

WHO WE ARE Join Take-Two Interactive! At Take-Two Interactive Software, Inc., we are proud to be a leading developer and publisher of interactive entertainment. With over 25 years of experience, our teams have consistently created critically acclaimed and commercially successful titles that resonate with global audiences. We are dedicated to fostering an inclusive, creative, and dynamic work environment, where high-quality entertainment is our top priority. Our offices embody a casual atmosphere, yet we remain committed to creativity, innovation, efficiency, and the growth of our individuals and teams. The interactive entertainment industry is fast-paced and continually evolving, providing endless opportunities for learning and development. We work diligently, enjoy what we do, and offer an excellent environment to pursue your passions. THE CHALLENGE As an Information Security Engineer at Take-Two, you will play a vital role in empowering our label divisions to securely develop triple-A game content. Your responsibilities will include analyzing and implementing security systems across our technology stack. You will collaborate closely with Infrastructure, Security Engineering & Ops, and Architecture teams to build, maintain, and enhance security systems across Endpoint, Network, Cloud, and Data Security, as well as SOC applications. Developing new tools to support these efforts will also be a critical component of your role. Additionally, you will assess network security firewall change requests internally and across subsidiaries to ensure secure connectivity, while regularly engaging with Security colleagues in our label teams to address their priorities alongside our own. WHAT YOU’LL TAKE ON Strengthen our Information Security posture through EDR/DLD/CSPM/NSM management for enterprise endpoint computing, virtualization, cloud, and network security. Identify misconfigurations or security control gaps, manage vulnerabilities, and automate endpoint asset discovery across the enterprise network and cloud, collaborating with Security & IT teams. Review and respond to events using security monitoring systems, and process technical change requests for Infrastructure, Engineering, and Ops. Ensure compliance with security applications through regular KPI or Risk Indicators. Participate in incident response efforts with on-call availability as needed. Map system defenses and monitoring capabilities against threat frameworks like MITRE ATT&CK and OWASP to strengthen defenses for Take-Two assets. Utilize project management tools for objective tracking and accurate project scoping. Contribute to the technical writing of Take-Two Information Security Policies, Standards, and technical project documentation.

Join our dynamic team at Sonsoft Inc. as an Application Security Specialist. In this role, you will be responsible for ensuring the security of our applications through the implementation of best practices, risk assessments, and security reviews. You will work closely with cross-functional teams to develop secure software solutions and mitigate vulnerabilities.

We are seeking a highly skilled Cyber Security Expert to join our dynamic team at stemxpert1. In this critical role, you will be responsible for identifying vulnerabilities, developing security protocols, and ensuring the protection of our digital assets. You will work collaboratively with IT professionals to implement robust security measures and respond to any security incidents.

Teamwork makes the stream work. Roku is transforming the way the world experiences television.As the leading TV streaming platform in the U.S., Canada, and Mexico, Roku is on a mission to empower every television worldwide. We pioneered the streaming revolution, connecting viewers with the content they adore while enabling content creators to build and monetize vast audiences. Advertisers benefit from our unique capabilities to engage their target consumers.From day one at Roku, your contributions will be meaningful and valued. In our rapidly growing public company, there are no bystanders. This is your opportunity to bring joy to millions of TV streamers globally while gaining invaluable experience across multiple disciplines. About the Team The Roku Trust Engineering team is a tight-knit group dedicated to information security. Our mission is to safeguard our customers, partners, devices, services, infrastructure, and data. We collaborate closely, sharing insights and expertise to remain at the forefront of security. Join us, and you’ll be part of a vibrant team that thrives on challenges and celebrates successes together. About the Role As a Security Engineer within the Trust Engineering team, you will play a crucial role in designing, implementing, and managing Roku’s comprehensive security systems and controls that impact a global user base. Your key responsibilities will involve supporting the development of security protocols, managing and maintaining SIEM/SOAR tools and threat intelligence platforms, conducting technical incident responses, performing vulnerability and risk assessments, and mentoring junior analysts. You will collaborate with teams across Trust Engineering and the broader organization to promote, develop, and influence robust security practices and postures.

Join our dynamic team at Sonsoft Inc. as a Geographic Information Systems (GIS) Specialist! In this role, you will utilize your analytical and technical skills to manage and analyze spatial data, contributing to our innovative projects. Your expertise will help us develop solutions that impact various sectors, including urban planning, environmental management, and transportation.

About UsBased in the vibrant heart of New York City, Take-Two Interactive Software, Inc. stands as a premier innovator in the development, publishing, and marketing of interactive entertainment for consumers worldwide. Our portfolio includes industry giants like Rockstar Games, 2K, and Zynga, delivering exceptional gaming experiences across console, PC, and mobile platforms through various channels, including retail, digital downloads, and cloud streaming. Our stock is publicly traded on NASDAQ under the symbol TTWO.At Take-Two, we foster a friendly and inclusive atmosphere, promoting creativity, innovation, and efficiency, alongside opportunities for individual and team growth. Our dynamic industry offers countless chances to learn and enhance your skills in a fast-paced environment. While we are dedicated to our work, we also believe in enjoying what we do, making it an excellent place to pursue your passions.Your RoleAs a Cloud Security Engineer, you will play a crucial role in ensuring the security and integrity of our AAA game content development across various divisions. You will analyze and implement robust Cloud Security Systems throughout the Take-Two technology stack. Collaborate with IT Infrastructure, Security Engineering, and Operations teams to automate the discovery and inventory of cloud assets, ensuring optimal visibility and continuous updates to our asset registry. Work closely with Architecture to explore and implement new solutions that enhance our Cloud Security and Security Operations Center (SOC) applications while developing new tools to meet business needs. You will review cloud security change requests both internally and across our domain subsidiaries to ensure secure connectivity with customer clouds, and regularly engage with Security colleagues in label teams to prioritize and address their security needs.

Join Upside:At Upside, we are on a mission to revolutionize brick-and-mortar commerce. Our advanced technology combines the nuances of online retail—profit measurement, attribution, and incrementality—to enhance the value for users on their daily purchases while simultaneously attracting new, profitable customers to brick-and-mortar businesses. Millions of users have benefited from earning 2 to 3 times more cashback than any competing product, and hundreds of thousands of physical businesses have realized tangible profits through our platform. Each year, billions in commerce are processed through Upside, returning value directly to our retail partners, the consumers they serve, and vital sustainability efforts.Your Impact:In this role, you will report to the Director of Information Security, collaborating closely with technology stakeholders. Utilize your expertise in secure coding practices and payment systems to identify and address application vulnerabilities. As an individual contributor, you will bring innovation to our AppSec team, strengthen our security posture, and empower our engineering teams to code securely.Innovate with AI to deliver robust security solutions that mitigate application vulnerabilities.Conduct security code tests (SAST, SCA) and work with engineers to resolve unsafe code.Develop threat models and collaborate with technology teams to document and assess risks.Advise leadership on security architecture, design, and best practices in application security.Train and enhance the skills of engineers in safe coding and vulnerability management techniques.Assist with penetration testing initiatives and manage bug bounty programs.Support the administration of AWS Control Tower and IAM provisioning.Engage with the security community to stay informed about trends and advancements.Qualifications:A minimum of 6 years of experience in application or product security, including reviewing Python code.Proven experience in innovating and implementing solutions for vulnerability management.In-depth knowledge of AWS security architecture, including Lambda and AWS Control Tower.Strong comprehension and application of AI technologies.A Bachelor's degree in Computer Science or Engineering is highly preferred.Outstanding interpersonal and customer service skills.

Join the Elite Team of Protectors at Gavin de Becker & Associates (GDBA). Established in 1978 by the esteemed Gavin de Becker, a three-time Presidential appointee, our firm specializes in safeguarding the world’s most influential and at-risk public figures. Our dedicated Protectors, Analysts, and Investigators are unwavering in their commitment to our mission: the preservation of human life through the assessment, prediction, and management of violence.Our Mission: Ensuring the Safety, Privacy, and Wellbeing of Our ClientsCompensation and Opportunities: New Protectors in Austin can expect a minimum base salary of $64,000 in their first year with GDBA. With relevant experience, exceptional performance in the GDBA Training Academy, and potential for promotions, earnings can reach up to $77,000 in the first year.Your Role as a Protector:Monitor properties utilizing advanced tools and technology from the GDBA Command Center.Screen visitors and vendors, controlling access to protected sites.Coordinate and implement security plans while responding to medical emergencies.Provide physical protection and logistical support at client residences and during travel.Facilitate secure transportation when necessary.Survey and prepare locations prior to client arrivals.Document and report suspicious activities in detail.Maintain readiness to address any potential threats.Who You Are:While military, law enforcement, or executive protection/security experience is valuable, it is not a strict requirement. We prioritize your character over your background. Our most successful Protectors come from diverse backgrounds and excel due to their effective communication skills, physical fitness, eagerness to learn, honesty, and passion for teamwork.

safelease is seeking a Security Engineer based in Austin, TX, with a hybrid work arrangement. This role centers on protecting the company’s digital infrastructure and ensuring the safety of systems and data. Role overview The Security Engineer will work closely with teams across the organization. The focus is on designing, implementing, and maintaining security protocols to defend against potential threats. Collaboration Expect to partner with colleagues from different departments to strengthen overall security measures and support ongoing improvements. Location This position is hybrid, requiring some presence in the Austin office.

ICON is actively seeking a strategic and innovative Director of Information Technology and Systems. In this pivotal role, you will be responsible for developing and managing a cohesive technology strategy that achieves essential business objectives across our dynamic, multi-unit organization. As the Director, you will ensure that ICON's technology stack fosters business innovation, safeguards information security, and facilitates access to vital business data. In this leadership position, you will supervise a diverse portfolio encompassing corporate IT, data engineering, information systems, and information security across ICON’s Construction, Technology, and Public Sector divisions. We are looking for a candidate with extensive corporate IT experience, coupled with hands-on proficiency in data engineering and infrastructure, who is adept in both commercial and government-regulated environments. This is a full-time, on-site position based at ICON’s headquarters in Austin, TX.

We are seeking a talented Information Architect to join our team at saronic. In this role, you will be responsible for designing and implementing information structures that enhance training missions. You will collaborate with cross-functional teams to ensure that our training materials are effective, user-friendly, and aligned with our mission objectives.

Role Overview Orca Security is hiring a Sales Engineer focused on Application Security and Cloud Security in Austin, Texas. This position works closely with the sales team to showcase how Orca’s security solutions address real-world risks for both prospects and existing customers. What You Will Do Partner with sales to present and explain Orca Security’s products to organizations evaluating cloud and application security tools. Listen to client needs, then tailor demonstrations and recommendations to their specific security challenges. Help customers understand how Orca’s platform can strengthen their security posture and support their goals. Impact Expertise in application and cloud security will be central to helping clients achieve their security objectives and get the most value from Orca’s solutions.

At Saronic Technologies, we are pioneering advancements in maritime autonomy, committed to designing cutting-edge solutions that optimize operations on the seas through innovative autonomous platforms.As a pivotal part of our commitment to security, we are in search of a seasoned Senior Security Engineer to take charge of the product security and authorization lifecycle for our autonomous surface vessel programs. You will play a critical role as the lead security engineer for multiple vessel initiatives, overseeing the security posture from conceptual design through production, authorization, and operational deployment. This role demands hands-on security engineering expertise—focusing on implementation rather than governance, risk, and compliance (GRC) or project management.Given the evolving landscape of compliance frameworks for autonomous vessels, you will define and implement security architectures that comply with emerging standards. You will be responsible for identifying relevant frameworks, architecting vessel security to meet these standards, and ensuring successful authorization processes are completed. In areas where standards are not yet established, you will have the opportunity to create them.