This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are seeking a Cybersecurity Engineer to help protect our organization's systems, networks, and data from cyber threats. This role will design, implement, and maintain security controls and technologies while monitoring and responding to security incidents. The ideal candidate is highly analytical, detail-oriented, and passionate about protecting critical systems and information. - Design and implement security solutions to protect infrastructure, networks, and applications. - Monitor systems for security incidents and respond to threats or vulnerabilities. - Conduct vulnerability assessments and penetration testing. - Implement and manage security tools such as SIEM, EDR, firewalls, and intrusion detection systems. - Investigate security alerts and incidents and coordinate remediation efforts. - Ensure compliance with security standards and regulatory requirements. - Develop and maintain security policies, procedures, and documentation. - Perform risk assessments and recommend security improvements. - Collaborate with IT and engineering teams to integrate security into system architecture. - Stay up to date on emerging cybersecurity threats and technologies. Qualifications - Experience with security technologies such as SIEM, IDS/IPS, EDR, firewalls, and endpoint security tools. - Knowledge of network security concepts and protocols. - Experience with vulnerability management and security monitoring. - Strong analytical and incident response skills. - Familiarity with security frameworks such as NIST, ISO 27001, or CIS. Requirements - Experience with cloud security (AWS, Azure, or Google Cloud). - Knowledge of scripting languages such as Python, Bash, or PowerShell. - Experience with penetration testing or threat hunting. - Understanding of DevSecOps practices. - Security certifications such as Security+, CISSP, CEH, or GIAC. Education & Experience - Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field. - 3+ years of experience in cybersecurity or information security. - Relevant certifications preferred.

• Work within a small team of developers who are specialists in Rust, Go, Swift, and Security Development • Implement new security features for the next generation of 1Password and develop secure libraries to share common security-critical code across our applications • Assist in security design efforts or scoping initiatives for new features by identifying major tasks and breaking down, estimating, and planning work • Demonstrate leadership in security development and act as a trusted point of contact for management and other developers • Code, test, debug, deliver and maintain production software systems for new and existing product features • Collaborate with a variety of teams across our hybrid core architecture from Design to QA, as well as security engineering for design guidance and secure coding practices • Work with your teammates to communicate technical requirements to stakeholders and solve technical problems in a scalable and realistic way • Mentor junior and new team members by helping them understand team expectations, providing technical guidance, sharing knowledge, and engaging in pair programming sessions • Review code for others to maintain high code quality, knowledge share within the team, and support creating a safe environment of giving and receiving feedback • Stay informed about the latest industry trends, technologies, and best practices in security development

We are looking for a passionate, driven security leader to join our team. This is a remote position. Reporting to the Chief Technology Officer, the Chief Information Security Officer will be responsible for leading security and technology initiatives to successful outcomes and ensuring the integrity, confidentiality, and availability of company information and systems. Additionally, this leader will be responsible for overseeing the IT operations, managing the IT team, and establishing and maintaining best practices in information technology, asset management, while providing security and technology compliance advisory to other business units. Responsibilities: - Work closely with Chief Technology Officer, Chief Compliance Officer, Legal Counsel, and other executive leaders to develop and enhance the overall information security program, with a specific focus on engineering and architecture, threat management, identity and access management, vendor management, and regulatory compliance matters. - Own tactical execution of strategic direction and vision of the information security program - Analyze business priorities and risk exposure to ensure protection of critical systems and data assets. - Develop and maintain security metrics and goals - Draft information security program policies and procedures to ensure compliance with best practices and regulatory requirements - Manage expectations of our leadership, customers, third-party partners and employees - Direct and oversee information governance activities, including SOC 2 audits, NYDFS Part 500 requirements, EU/DORA requirements, cybersecurity risk assessments, Penetration Tests, program enhancements, and other industry best-practices and regulatory expectations. - Lead information security-related committees and working groups - Manage incident response program, including business continuity/disaster recovery program and security incident preparedness - Manage Endpoint Security - Manage third-party risk assessments and other risk related audit deliverables - Represent the company in discussions with auditors and regulators - Manage security vendor / supplier relationships - Manage a team of information technology and security professionals, hire and train new employees, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members - Manage expenses and budgets for information security department; build and present credible business cases for security initiatives and investments or other IT related initiatives - Lead training and awareness efforts across the organization and build a culture of compliance around information security and data privacy - Continuously monitor trends to anticipate and plan for information security risks - Provide positive and collaborative leadership to all departments (e.g., sales, engineering, product management, legal, compliance, finance, customer success) - Other duties may be assigned as needed Requirements: - 8+ years of hands-on, technical security experience, with 4+ years in a role leading teams/programs - Experience working with global, cross-functional teams - Experience leading security compliance projects (e.g., SOC 2 audits, cybersecurity risk assessments, regulatory requirements) - Working knowledge of effective systems architecture and implementations ( Cloud, Hybrid Cloud, DevOps, Open-Source) - Working knowledge of secure AI use and best-practices - Knowledge of security standards / frameworks (e.g., NYDFS Part 500, DORA, GDPR, NIST CSF, etc.) - Practical knowledge of securing remote work environments. - Experience with tools and practices such as GPG key management and remote identity authentication. - Hands on Endpoint Security management (Mac OS) - Knowledge of applicable laws and regulations (e.g., SOX, GLBA, etc.) - Excellent oral and written communication skills - Ability to thrive in a fast-paced, collaborative environment - Strong organizational and time management skills, including demonstrated ability managing teams and establishing goals and priorities - Able to work remotely and collaborate with colleagues in different time zones - BS or MS in Computer Science, Computer Security, Computer Engineering, or other technology-related field Preferred: - Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification - Experience in the crypto industry or working at a fintech company with payments industry experience a plus - Experience working at an audit and / or advisory services firm What We Offer: - Collaborate with a team of intelligent, enthusiastic individuals. - Thrive in a rapidly expanding crypto company with global reach, where your contributions make a tangible impact. - Work remotely with a generous vacation policy, including the opportunity to take a sabbatical and select your own holidays. - Access to continuous learning and development opportunities, supported by professional development reimbursement - The base salary range for this position is $200,000–$250,000 per year (based on experience, location, and qualifications), plus variable compensation through the MBO incentive program with on-target total compensation up to $345,000. We offer 100% employer-paid medical and dental and a robust benefits package that includes telemedicine, life and disability insurance, vision coverage, 401(k), travel assistance, and more. - Option to receive payment in cryptocurrency, along with a crypto match program. - Stock option awards are available to all employees. - Home office allowance, reimbursement for internet/cell expenses, and complimentary Amazon Prime and Spotify subscriptions. IMPORTANT NOTICE: We are committed to a safe and secure hiring process. All roles and communications are shared only through our official channels and with employees of BitPay, and applications are posted via our official careers page. We will not message you via social media direct messages or websites not affiliated with BitPay to recruit or collect personal information. To protect yourself from fraud, please ensure that you are applying to BitPay through our official BitPay Career Page and take the following steps if you notice anything suspicious. BitPay will never ask you to: - Install remote-access tools (TeamViewer, AnyDesk, etc.) - Share SSN or banking details before a formal, written offer from BitPay People Ops - Interview via personal email domains, text, or messaging apps - Pay fees, purchase equipment, or send money/crypto/gift cards for any reason How to verify legitimate BitPay recruiting: - Emails will come only from @bitpay.com (e.g., peopleops@bitpay.com or name@bitpay.com) - Interviews are conducted via Google Meet links ending in meet.google.com - Open roles are listed at bitpay.com/careers/ If you receive a suspicious message claiming to be BitPay: - Do not click links or provide information - Report as spam/phishing to your email provider - Verify the role at www.bitpay.com/careers BitPay is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Staff Security Engineer L6 (SOC) serves as a senior technical leader for advancing Inovalon's detection, response, and automation capabilities across the enterprise, cloud, and SaaS environments. As a subject matter expert in Security Operations, SIEM, SOAR, and security engineering, the engineer provides deep technical expertise in security monitoring, incident response, threat detection engineering, and automation to strengthen Inovalon's overall security posture. The Staff Security Engineer L6 is expected to remain current on emerging threats, adversary tactics, cloud and identity risks, and evolving security operations technologies. Working closely with SOC analysts, engineering, IT, and cloud teams, this position drives proactive security operations by implementing scalable monitoring, automation, and response capabilities that improve visibility, reduce manual effort, and accelerate containment of threats. The Staff Security Engineer L6 also contributes to continuous improvement of SOC processes, metrics, and tooling to ensure alignment with enterprise risk management, compliance obligations, and operational excellence. Duties and Responsibilities - Lead the strategic implementation of security standards in alignment with security policies. - Provide technical expertise and direction for the selection and implementation of a diverse suite of product security controls and countermeasures. - Provide technical leadership to recommend appropriate information security frameworks, requirements, direction, and system recommendations. - Stay abreast of security best practices and technologies, and foster the growth of team members by providing training, guidance, and mentoring. - Design, develop, and maintain SOAR playbooks and automated response workflows to improve detection, triage, and containment across endpoint, network, identity, and cloud environments. - Integrate and optimize SIEM, EDR, vulnerability management, identity, and ticketing platforms (e.g., Rapid7, CrowdStrike, ServiceNow, Azure, email security) to enable end-to-end automated incident response. - Engineer and tune security detections, enrichment pipelines, and correlation logic to reduce false positives and improve MTTD/MTTR through automation and orchestration. - Develop and maintain automation scripts and APIs to support SOC operations, including automated containment (isolate host, disable account, block IP/domain), enrichment (threat intel, asset context), and reporting. - Build and maintain SOC automation use cases such as phishing response, suspicious login triage, malware containment, vulnerability prioritization, and insider-risk monitoring. - Collaborate with SOC analysts, threat hunters, and engineering teams to identify manual processes and convert them into automated workflows, increasing SOC efficiency and consistency. - Maintain and optimize SOAR platform health, integrations, and playbook performance, including version control, documentation, and continuous improvement lifecycle. - Create and deliver automation metrics and dashboards (automation coverage, time saved, incident response time reduction, false-positive reduction) for SOC leadership and executive reporting. - Work with leadership, customers, and stakeholders in both IT and Information Security to develop requirements based on a changing threat landscape and new digital capabilities. - Build security into product delivery pipeline (DevSecOps) using scripting. - Perform architecture reviews, identify security risks, recommend, and implement mitigations. - Research, recommend, and implement effective security controls for cloud-native services. - Discover and implement untapped functionality from security tools and services. - Work autonomously and proactively seek out opportunities to build security capabilities across our platforms. - Automate security throughout the development lifecycle (DevSecOps) by enabling security tools, technologies, and best practices for agile development. - Document security and compliance issues. - Present findings to clients, including technical teams and executive leadership, providing clear explanations of vulnerabilities, the potential impact on the business, and recommended mitigation strategies. - Adhere to all confidentiality, HIPAA, regulatory, and other such policies, procedures, and requirements as outlined within Employer’s Operating Policies and Procedures in all ways and at all times with respect to any aspect of the data handled or services rendered in the scope of work. - Maintain compliance with Inovalon’s policies, procedures, and mission statement, and fulfill those responsibilities and/or duties that may be reasonably provided by Inovalon for the purpose of achieving operational and financial success. Qualifications - A minimum of years of experience in software and security engineering. - 5+ years of experience in one of these programming languages such as JavaScript, Python, Golang, and PowerShell. - 5+ years’ experience in building security test automation utilities (security as code) and environments. - 5+ years’ experience with cloud native technologies (Azure, AWS, GCP) and secure configurations. - 3+ years’ experience in security system administration (installation, configuration, upgrade, and support). - 3+ years of experience in application security architecture and risk assessments. - Experience with OWASP TOP 10, NIST CSF, and MITRE ATT&CK frameworks. - One or more of the certifications: CISSP, CEH, OSCP. - Preferred: AWS Cloud certifications. - Cloud Security and Governance, Risk, and Compliance GRC, Thick Client Thin Client VAPT Knowledge/Hands on about DevSecOps/DevOps Knowledgeable about Data Protection. Education - Required: Bachelor of Science in an engineering or technical discipline. - Preferred: Bachelor of Science in a cybersecurity discipline or a master's in an engineering or technical discipline with cybersecurity coursework. Physical Demands and Work Environment - Sedentary work (i.e., sitting for long periods of time). - Frequently or constantly to lift, carry, push, pull, or otherwise move objects and repetitive motions. - Subject to inside environmental conditions. - Travel for this position will include less than 5% locally, usually for training purposes. Benefits - Inovalon offers a competitive salary and benefits package. - In addition to the base compensation, this position may be eligible for performance-based incentives. - The actual base pay offered may vary depending on multiple factors including, but not limited to, job-related knowledge/skills, experience, business needs, geographical location, and internal equity. - Inovalon invests in associates to help them stay healthy, save for long-term financial goals, and manage the demands of work and personal commitments. - Benefits package may include health insurance, life insurance, company-paid disability, 401k, 18+ days of paid time off, and more. Base Compensation Range $151,800 — $185,000 USD Equal Opportunity Employer Inovalon is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.