This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description itD is seeking a Cloud Security Compliance Engineer (SOC 2 Automation) to lead the design and implementation of automated evidence collection and compliance processes that strengthen security governance and ensure audit readiness across cloud environments. This role will drive scalable compliance automation, streamline SOC 2 reporting efforts, and help maintain a strong security posture through efficient evidence management and cross-team collaboration. The ideal candidate will bring deep experience in cloud security compliance and automation and a track record of delivering reliable, audit-ready evidence pipelines that improve operational efficiency and reduce manual compliance overhead. Location: Remote (United States) Duration: 3 months Responsibilities - Design, develop, and maintain automated processes and tools to collect and manage evidence required for SOC 2 compliance. - Establish and manage evidence retention policies and procedures to ensure alignment with SOC 2 requirements and audit standards. - Develop and execute structured plans for collecting and organizing compliance evidence related to security controls, policies, and operational procedures. - Collaborate with cross-functional teams to integrate automated evidence collection processes into existing systems and workflows. - Maintain clear documentation of automation processes and produce detailed compliance reports to support audit readiness. - Validate the accuracy and completeness of compliance evidence and work with internal stakeholders to resolve discrepancies or gaps. - Identify opportunities to improve automation, reliability, and scalability of evidence collection and compliance reporting processes. Internal Responsibilities - Attend regular internal practice community meetings. - Collaborate with your itD practice team on industry thought leadership. - Complete client case studies and learning material (blogs, media material). - Build out material to contribute to the Digital Transformation practice. - Attend internal itD networking events (in person and virtual). - Work with leadership on career fast-track opportunities. Qualifications - Experience designing and implementing automated processes for SOC 2 compliance evidence collection. - Experience collecting and managing SOC 2 compliance evidence within a cloud security environment. - Strong understanding of SOC 2 frameworks, security controls, and compliance requirements. - Experience with cloud security and operations in Google Cloud Platform (GCP). - Strong knowledge of GCP security best practices, controls, and compliance standards. - Experience with scripting or automation tools such as Python or Go. Preferred Qualifications and Skills - Industry security certifications such as CISSP or CISM. - Experience with security automation and compliance tooling. - Familiarity with cloud workload protection and security monitoring platforms. - Experience supporting security audits and compliance assessments. Education - Bachelor’s degree in Computer Science, Information Technology, or a related field required. - Master’s degree preferred. Benefits - Comprehensive medical benefits. - 401k plan. - Paid holidays. - More benefits available. Company Description About itD: We are part of a new generation of consulting and software development company that blends diversity, innovation, and integrity with real business results. Our structure rejects any strong hierarchy, empowering us to deliver excellent results. We are a woman- and minority-led firm. Every day, we challenge ourselves to be considerate, fair and to re-think what great outcomes mean for our customers. This permeates down to how we approach every interaction, on every project, for every client. You’ll thrive here if you are a dynamic self-starter, a difference-maker or someone who wants to deliver great results, without constraints. The itD Digital Experience: Joining us means you’ll be part of our global community, you have a say about your own career journey, and you’ll get a chance to give back to causes that matter. You will experience working with Fortune 500 companies and high-performance teams across numerous industries. itD offers our employees excellent benefits such as medical, dental, vision, life insurance, paid holidays, 401K + matching, networking & career learning and development programs. We are growing and we want to see you grow!

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Cybersecurity Intern will support our small IT/security team in protecting staff, volunteers, and client data across our nonprofit systems and cloud services. This role is ideal for student or early-career professionals who want hands-on experience with Microsoft Defender, Cloudflare, 1Password, and security awareness platforms in a real production environment with limited budgets and high mission impact. Key Responsibilities - Monitor and triage security alerts from Microsoft Defender (endpoints, identity, and email) and escalate issues to the IT/security lead. - Review Microsoft 365 and Azure AD sign-in logs and conditional access alerts for suspicious activity, such as impossible travel, risky sign-ins, and MFA failures. - Assist with managing Cloudflare security, including reviewing DNS and bot protection events. - Assist with managing 1Password for teams, including onboarding and offboarding users, organizing vaults, reviewing access permissions, and encouraging strong password and passkey practices. - Support phishing and security awareness programs using KnowBe4 to help develop campaigns, track outcomes, and prepare short training sessions and follow-up communications for staff. - Assist with vulnerability and configuration assessments on Windows endpoints and key SaaS services, documenting findings and tracking remediation efforts. - Help respond to basic security incidents, such as suspected phishing, account compromise, or malware alerts, following documented playbooks and runbooks. - Assist in documenting security procedures, checklists, and “how-to” guides designed for non-technical staff and volunteers. - Participate in at least one focused project, such as improving 1Password usage, tightening M365 security baselines, or enhancing phishing simulations, that align with both your interests and the organization’s needs. Learning Outcomes - Explain and apply basic security principles in a nonprofit IT environment, including privilege, MFA, and secure password management. - Use Microsoft Defender and related logs to identify and document common threats like phishing, malware, and suspicious sign-ins. - Support the deployment and adoption of 1Password as an enterprise password manager to decrease password reuse and enhance credential hygiene. - Learn how Cloudflare safeguards web assets and identify typical DNS problems in real-world scenarios. - Assist in planning and executing security awareness and phishing campaigns that promote culture change instead of assigning blame. Qualifications - Currently pursuing an Associate’s, Bachelor's, or Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. - Engaging in equivalent self-directed learning such as certificates or bootcamps. - Solid understanding of networking, operating systems (especially Windows), and key security concepts like MFA, phishing, and least privilege. - Knowledge of Microsoft 365 and fundamental cloud concepts. - Interest in learning enterprise tools like Microsoft Defender, Cloudflare, and 1Password (prior experience is a plus but not required). - Strong communication skills and patience when working with non-technical staff in a mission-driven environment. - Proven reliability, confidentiality, and integrity in managing sensitive information. Requirements - Location: Fully Remote - Pay Rate: $25.00 per hour. Since this is a temporary position, it is not eligible for benefits. - This is a Part-Time Internship: 20-25 hours per week. - Interns must have their own laptop and access to high-speed internet. - Reports To: Jeff Gray, Director of IT Infrastructure & Cyber Security. Company Description Circular Action Alliance is an equal employment opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex (including pregnancy, childbirth, lactation, and related medical conditions), national origin, military or veteran status, sexual orientation, gender identity, age or any other category protected by applicable federal, state, or local law. If you require accommodation as part of the application process, please contact careers@circularaction.org.

• Investigate and respond to security events; communicate findings to risk decision makers • Build and maintain security tools, automations, runbooks, dashboards, and detection infrastructure • Proactively hunt for threats and stay current on cybersecurity best practices • Perform threat modeling and security architecture reviews for AI agent platforms • Design security controls for identity flows (OAuth/OIDC, Okta, Auth0, Entra ID) within agentic systems • Harden LLM gateways and MCP connectors against prompt injection, tool abuse, and token leakage • Embed security into AI builds from design through deployment

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description You’ll triage and remediate security alerts across Openly’s attack surface, build detection automations, and serve as a key security partner for our AI initiatives — including multi-agent platforms, LLM tools, and agentic API workflows. Responsibilities - Investigate and respond to security events; communicate findings to risk decision makers - Build and maintain security tools, automations, runbooks, dashboards, and detection infrastructure - Proactively hunt for threats and stay current on cybersecurity best practices - Perform threat modeling and security architecture reviews for AI agent platforms - Design security controls for identity flows (OAuth/OIDC, Okta, Auth0, Entra ID) within agentic systems - Harden LLM gateways and MCP connectors against prompt injection, tool abuse, and token leakage - Embed security into AI builds from design through deployment Qualifications - BS in Computer Science, IT, or equivalent experience - 6+ years in technical roles; 4+ years in Security Engineering/Operations; 2+ years in an adjacent field (IT, DevOps, etc.) - Broad security knowledge: endpoint, email, network, identity, cloud, vulnerability management, IR, threat intel - Experience with EDR, MDR, SIEM, CSPM, and email security tools - Securing AI systems and agentic workflows, including MCP security risks (prompt injection, tool abuse, unauthorized access) - Securing multi-agent orchestration: agent delegation, tool-use layers, session data protection, guardrail enforcement - Deep knowledge of OAuth 2.0/OIDC, token security, and IdP administration (Okta, Auth0, Google Workspace, Entra ID) - Hardening human-in-the-loop workflows, async AI execution, and conversation memory stores - Experience with GCP/AWS, Python, Terraform, and Git Requirements - Strategic thinking - Clear communication - Innovation - Comfort with ambiguity - Systems architecture - Team mentorship Benefits - Remote-First Culture - We supported #remotelife long before it was a given. We'll keep promoting it. - Competitive Salary & Equity - Comprehensive Medical, Dental, and Vision Plan Offerings - Life and disability coverage including voluntary options - Parental Leave - up to 8 weeks (320 hours) of paid parental leave based on meeting eligibility requirements - 401K Company Contribution - Openly contributes 3% of the employee's gross income, even if the employee does not contribute. - Work-from-home stipend - We provide a $1,500 allowance to spend on setting up your home workplace - Annual Professional Development Fund: Each employee has $2,000 in professional development (PD) funds to spend on activities or resources annually. - Be Well Program - Employees receive $50 per month to use towards your overall well-being - Paid Volunteer Service Hours - Referral Program and Reward