Security Engineer Remote Jobs in New York (US)
This page tracks remote security engineer openings that are location-eligible for New York.
This page tracks remote security engineer openings that are location-eligible for New York.
Open jobs
3,928
Hiring companies this week
10
Salary sample
$30 - $200,000
Jobs added last hour
0
3928 Jobs
1998 Companies
• Own Filevine’s FedRAMP 20x Moderate strategy, delivery plan, certification readiness, and ongoing compliance posture. • Lead the design and execution of FedRAMP evidence automation, continuous monitoring, and reporting required for Marketplace certification and sustained authorization. • Serve as the single-threaded owner for FedRAMP engagements with 3PAOs, the FedRAMP PMO, agency stakeholders, and internal executive sponsors. • Set the roadmap and priorities for dedicated FedRAMP engineering resources, ensuring regulatory requirements become shipped technical controls, automated evidence, and operationally sustainable processes. • Own POA&M governance, risk acceptance workflows, certification readiness reporting, and remediation planning across product and platform teams. • Ensure FedRAMP implementations are pragmatic, risk-based, technically grounded, and appropriately scoped for Filevine’s architecture, maturity, and business priorities. • Provide clear, consistent executive reporting on progress, risk, tradeoffs, dependencies, resourcing needs, and certification readiness. • Drive governance for vulnerability findings from scanning tools, penetration tests, customer reviews, audits, and bug bounty programs, including risk adjustment, remediation ownership, escalation, and executive tradeoff decisions. • Maintain a single source of truth for security/compliance status, control gaps, remediation commitments, and customer-facing trust claims. • Ensure trust center materials, customer security responses, sales enablement messaging, and public compliance claims are accurate, current, and defensible. • Translate privacy obligations and customer commitments into product, engineering, and operational requirements. • Support AI and data governance efforts by ensuring privacy, security, and customer trust requirements are reflected in product and operational decisions. • Drive alignment between compliance goals, engineering capacity, product strategy, customer commitments, and business risk.
• The Lead Security Engineer (Cloud & Enterprise Security Engineering) is responsible for designing, implementing, hardening, integrating, and continuously improving security technologies across varied domains. • Translate security requirements into scalable and reliable technical solutions. • Engineer secure-by-default solutions, improve platform capabilities, automate security functions, and drive long-term technical maturity. • Own complex technical initiatives from design through implementation, support, optimization, and documentation. • Create and maintain actional documentation including architecture diagrams, standards, SOPs, and runbooks.
Role Description This role’s mission & overview: Camps trust Campminder to keep their data safe, and that trust is what lets them focus on running a great summer. You'll own how we protect that data end to end: - Architecting and hardening our security infrastructure - Carrying our PCI and SOC2 programs through every audit - Setting the roadmap that keeps us ahead of real threats - Being the person the engineering org comes to on security - Defining what good looks like at Campminder As a Senior Cybersecurity Engineer on our Engineering team, you will: - Manage identity and access infrastructure, including Azure conditional access, Okta SSO, and Auth0, keeping MFA and zero-trust enforced across production and internal apps - Integrate security scanning (SAST, DAST, SCA) into CI/CD pipelines and drive remediation before code reaches production - Configure, tune, and harden WAF rules across our web applications - Own vulnerability scanning and remediation using tools like Mondoo and SecurityMetrics, and administer EDR, DLP, and SIEM/XDR tooling across servers and endpoints - Manage secrets and credentials in build pipelines, including vault-based storage, rotation, and least-privilege service accounts - Execute PCI technical controls: SAQ completion, quarterly ASV scans, and disaster recovery implementation - Harden containerized and cloud-native environments, including image scanning and Kubernetes configuration - Coordinate pen testing engagements and drive remediation against SLA timelines - Run security awareness training programs (KnowBe4, Security Journey) and maintain AI usage oversight, including approved tooling, code-gen governance, and supply-chain monitoring Qualifications - 5+ years in security engineering or DevSecOps, with hands-on ownership of both pipeline-level and infrastructure-level security - Experience configuring IAM and SSO platforms (Okta, Auth0) alongside cloud-native identity controls like Azure conditional access - Comfort embedding security directly into CI/CD workflows: SAST/DAST/SCA tooling, secrets management, and policy-as-code - A track record hardening containerized and cloud-native environments, including Kubernetes and image scanning - Experience executing PCI or similar compliance technical controls (scans, SAQs, evidence prep); program ownership isn't required, but you know how to translate auditor requirements into engineering work - Familiarity administering SIEM/XDR and EDR/DLP tooling - The judgment to triage real vulnerabilities over theoretical ones, and to know when to escalate versus fix directly - Experience running or supporting security awareness and training programs - Exposure to AI tooling governance, such as MCP inventories, code-gen release gating, or supply-chain monitoring for AI-assisted development Benefits - Robust medical, dental, and vision coverage options with generous employer contributions, plus a $500 employer HSA contribution for HSA-compatible plans - Ability to choose where you work - remotely, in the office, or a mix! - A variety of resources to support mental health and emotional well-being - 12 weeks of 100% paid parental leave for all new parents, including via adoption, surrogacy, and foster care - 401(k) with 4% company matching - Trust-Based (flexible) PTO (and yes, we use it!) - $900/year wellness allowance - Company-paid subscriptions, training, and support for using AI professionally and personally Company Description We know the best people can choose to work anywhere. Here’s a few reasons why 100+ of them choose Campminder: - With 20+ years experience of serving the industry through its digital transformation, we’re stable, profitable, and have developed a loyal customer base (that continues to grow). - We build software for summer camps, an industry that enables meaningful experiences for kids. - We work on interesting, ambitious projects that create real value for our clients. - We know our team members feel their work has an impact on the organization’s purpose. - We are genuinely committed to work/life balance. - We invest in emerging technology and cutting-edge leadership and are proud to take an "AI-Enabled" approach in our solutions. - We’ve been listed on Outside Magazine’s 50 Best Places to Work for 8 consecutive years for our values-led culture and employee experience.
This is a remote position.
Role Description We are seeking an experienced Cybersecurity Assessment & Authorization (A&A) Subject Matter Expert (SME) to support Department of Defense (DoD) cybersecurity programs. The A&A SME will lead Risk Management Framework (RMF) activities, support the Authorization to Operate (ATO) lifecycle, and provide expert guidance on cybersecurity compliance for complex enterprise environments, including traditional IT, cloud-hosted systems, operational technology (OT), applications, and outsourced IT services. The position requires expertise in NIST SP 800-53, DoD cybersecurity policies, and enterprise risk management. Key Responsibilities - Serve as the cybersecurity SME for Assessment & Authorization (A&A) and RMF activities. - Lead and support the development, review, and maintenance of RMF authorization packages, including SSPs, SARs, POA&Ms, and ATO documentation. - Assess security controls in accordance with NIST SP 800-53 and DoD cybersecurity requirements. - Evaluate vulnerabilities, determine residual risk, and recommend risk mitigation strategies to support authorization decisions. - Conduct security control assessments and continuous monitoring activities to maintain system authorization. - Support enterprise cybersecurity compliance for on-premises, cloud, and hybrid environments. - Advise Information System Owners (ISOs), ISSMs, ISSOs, engineers, and Authorizing Officials throughout the RMF process. - Prepare executive-level briefings and communicate cybersecurity risks, authorization status, and remediation recommendations to senior leadership. - Ensure compliance with DoD cybersecurity policies, DISA STIGs, and applicable federal security standards. Qualifications - Minimum five (5) years of relevant experience in Assessment & Authorization (A&A), Certification & Accreditation (C&A), Risk Management Framework (RMF), and NIST cybersecurity compliance within a DoD environment. - Demonstrated experience conducting security control assessments and authorization reviews for large, complex organizations. - Strong knowledge of NIST SP 800-53, DoDI 8510.01, DoD RMF, continuous monitoring, and cybersecurity governance. - Excellent analytical, technical writing, communication, and briefing skills. Requirements - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field (or equivalent experience, if permitted by contract). - DoD 8570/8140 Baseline Certification – IAM Level III (e.g., CISSP, CISM, GSLC, or equivalent approved certification). Benefits - 401(k) - Dental insurance - Health insurance - Paid time off - Vision insurance Company Description This is a remote position.
At Bluestaq, we build secure data platforms that matter for space missions, national defense, healthcare systems, and commercial innovation. Founded in 2018, we've become a leader in enterprise software and secure data management. Recognized as one of Inc. Magazine's Fastest-Growing Private Companies. Consistently ranked among Colorado's Best Workplaces.
Role Description NSPM-11 directs the national security enterprise to adopt AI fast and assure it across the full stack, down to the data pipeline. We are hiring a Principal AI Engineer, AI Security to build agentic and mission AI on the Bluestaq platform. You will prove it secure and resilient from design through deployment. This is a senior individual-contributor role with a player-coach path. You will deliver hands-on now and stand up and lead a small AI team as the work grows. You will be the AI technical authority across the full lifecycle, from shaping bids to assuring what we deliver. What you'll do - Serve as the AI Security technical authority on captures and bids. - Translate mission-owner AI and AI-security requirements into solutions that win. - Build credibility with technical buyers across the IC, DoD, and partners. - Own AI-assurance/security roadmap for the platform, spanning model security, runtime protection, and threat modeling for AI built on Bluestaq data. - Partner with engineering to embed assurance by design. - Design and assure AI for environments mission owners operate in, including disconnected, classified, and air-gapped settings. - Threat-model AI systems against significant attacks: adversarial inputs, model extraction and distillation, data and supply-chain poisoning, and agentic or tool-use abuse. - Establish and carry the external voice on secure AI for national security through talks, writing, and demonstrated technical work. - Ensure delivered AI meets the assurance, TEVV, and supply-chain standards mission owners depend on. - Connect AI-security work into Bluestaq's broader AI platform. - Stay ahead of AI/ML advances and bring in the ones that offer real advantage. - Coach mission owners and non-technical stakeholders on realistic AI capabilities. - Spot gaps in Bluestaq's AI tooling, skills, or process and drive proposals that close them. - Hire and lead a small AI team as the pipeline grows. Qualifications - Five or more years across AI security architecture, AI/ML engineering, or a closely related combination. - Hands-on experience securing modern AI systems: LLMs, retrieval-augmented generation, and agentic or tool-using architectures. - Working command of the AI threat landscape and practical countermeasures. - Cloud security depth, AWS preferred. - Ability to translate AI risk for different stakeholders. - The seniority to own a domain, set standards, and influence engineering decisions. - U.S. citizenship and the ability to obtain and maintain a U.S. government security clearance. Requirements - Active TS/SCI. - A public technical record in AI security: research, conference talks, open tooling, red-team writeups, or sustained content. - Experience delivering and assuring AI in regulated or government environments. - Familiarity with the federal AI assurance landscape, including NIST AI RMF, TEVV, and the NSPM-11 mandate. - Secure AI/ML supply-chain experience: model and dataset provenance, third-party model risk, and the equivalent of an SBOM for models. - Experience standing up an AI or AI-security capability from zero and growing a team into it. Education - Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience. - Advanced degree preferred. Required Location & Travel This position is remote, open to candidates based in Colorado or Virginia, with up to 12 trips per year to customer, partner, or government sites, including secure facilities. Salary Range (CO) $200,000 — $300,000 USD Clearance Requirement This position may require the ability to obtain a TS/SCI Clearance. To be eligible for a security clearance, U.S. citizenship is required, and an employee must agree to participate in a background screen and credit check. Relocation This position does not offer relocation. Candidates must live in the immediate area or relocate at their own expense. Date the Position Closes Applications will be accepted for 60 days beyond the posting date, or until the position is filled, whichever comes first. Company Description At Bluestaq, we build secure data platforms that matter for space missions, national defense, healthcare systems, and commercial innovation. Founded in 2018, we've become a leader in enterprise software and secure data management by staying focused on what counts: modern architecture, operational excellence, and mission impact. We're engineers, problem-solvers, and builders who take the mission seriously, but not ourselves. We automate the repeatable, question the status quo, and design systems that are as reliable as they are scalable.
Molina Healthcare is a Fortune 500 managed care company with a storied history that dates back to 1980 and the opening of a medical clinic by Dr. C. David Molina. As an employer, M
Role Description This role provides dedicated engineering ownership for Molina’s Secure Access Service Edge (SASE) platform and enterprise data protection capabilities, with supporting responsibility for endpoint resilience technologies such as Dell Absolute. The position is responsible for the design, stability, and operational effectiveness of secure access and data protection services that are critical to workforce access, vendor connectivity, and regulatory compliance. Key Responsibilities - Serve as the primary technical owner for Molina’s SASE / Secure Access platforms. - Design, implement, and maintain secure access policies for workforce, third‑party, and application access. - Lead troubleshooting, root‑cause analysis, and remediation of SASE‑related production issues. - Manage vendor escalations, upgrades, and roadmap alignment. - Assist on supporting Microsoft Purview Data Loss Prevention (DLP), sensitivity labeling, and cloud data controls. - Provide engineering oversight for endpoint persistence and recovery technologies (e.g., Dell Absolute) to ensure devices remain recoverable and enforceable. - Develop standards, documentation, and runbooks; support audit and compliance activities. - Develop AI Automation. Qualifications - Bachelor's Degree. - 5-7 years of experience in security engineering. - Strong experience with SASE / Secure Web Gateway technologies, preferably Zscaler. - Working knowledge of data protection / DLP, preferably Microsoft Purview. - Experience with endpoint persistence or recovery platforms such as Dell Absolute (or equivalent). - Experience working in a regulated enterprise environment. - Industry certifications preferred. Benefits - Molina Healthcare offers a competitive benefits and compensation package. - Molina Healthcare is an Equal Opportunity Employer (EOE) M/F/D/V.
Litigation finance to contingency law firms of all sizes. Focused on providing law firm funding.
• Lead enterprise IT operations, infrastructure, cloud services, and cybersecurity • Own the full lifecycle of IT operations and information security • Manage on-prem network and servers (VLANs, firewalls, DNS/DHCP) and the Azure Government / M365 GCC High environment • Administer hybrid identity (AD / Entra ID): provisioning, access reviews, MFA, PIM • Oversee Tier 2/3 support, onboarding, and hardware lifecycle to SLA targets • Lead IT projects and migrations; manage vendors, licensing, and assets • Own the CMMC Level 2 / NIST SP 800-171 program • Report posture, risk, and budget performance to leadership
Headquartered in Buffalo, New York, M&T Bank is a community-focused bank that provides banking, insurance, investment, and mortgage financial services to more t
Title: Senior IAM Governance Specialist Location: Buffalo United States Job Description: This role is four days onsite at our Seneca One Buffalo, NY location, with the flexibility to work from home one day per week Overview: Responsible for analyzing, documenting, and monitoring compliance with Workforce Identity Access Management (WIAM) policies, procedures, and best practices. Creates new or updates existing processes and governance that ensure resiliency and security of organization. Primary Responsibilities: - Create policies and processes to assist WIAM with consistently monitoring and securing organization. - Provide governance assistance across common IAM platforms (e.g., SailPoint, Azure AD / Entra ID, CyberArk, PAM solutions). - Participate in the development, review, and update of strategies, policies and procedures pertaining to various governance areas. - Research and analyze industry best practices and regulatory requirements and make recommendations for policy enhancements to improve resiliency and security of organization. - Maintain and implement systems and processes for monitoring compliance to policies and procedures and identifying data for daily business management. - Analyze and produce insightful reports with recommendations for Cybersecurity senior leadership. - Partner with Cybersecurity, Technology, and First Line Risk teams and, at times, business lines to proactively mitigate risk through creation of robust policies and procedures. - Coordinate responses to audit and regulatory requests, by gathering data and actively participating in documentation reviews for accuracy. - Collaborate with Cybersecurity teams and managers to create process documentation, reporting, and performance metrics. - Coordinates various aspects of remediation activities by tracking team completion and drafting key actions, timeline, and communication plan. - Build relationships among stakeholders in Cybersecurity teams to ensure successful creation and implementation of processes. - Serve as a resource to Cybersecurity teams and managers to educate and assist with projects. - Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management. - Promote an environment that supports belonging and reflects the M&T Bank brand. - Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable. - Complete other related duties as assigned. Scope of Responsibilities: - Partners with peers, manager, WIAM team and leadership, First Line Risk team, Internal Audit team, and external auditors - Determines and develops approach to solutions. Work is evaluated upon completion to ensure objectives have been met. Work is accomplished with periodic check-ins for alignment and limited direction. - Working knowledge of multiple cybersecurity platforms and applications such as SailPoint, Azure AD / Entra ID, CyberArk, PAM solutions. Education and Experience Required: - Bachelor's degree and a minimum of 3 years' relevant work experience, or in lieu of a degree, a combined minimum of 7 years' higher education and/or work experience inclusive of a minimum 2 years' work experience in Cybersecurity, Technology, or Risk/Audit - Demonstrated intermediate knowledge of IAM principles and compliance requirements. Education and Experience Preferred: - Intermediate knowledge of IAM platforms: SailPoint, Azure AD, Entra ID, CyberArk, PAM solutions - Familiar with cloud identity strategy including Azure AD, Entra ID, RBAC, conditional access, and privileged role governance - Experience with IAM road mapping, tooling strategy and modernization M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $97,100.00 - $161,800.00 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation. Location Buffalo, New York, United States of America
• Provide professional installation, configuration, troubleshooting, and maintenance of security and smart home systems, including intrusion alarms, surveillance cameras, access control, and automation components. • Ensures all work is documented accurately, including system configuration, programming notes, and service logs. • Adheres to all safety standards, electrical codes, and security regulations during fieldwork. • Works closely with team members, project managers, and clients to ensure smooth installations and service visits. • Supports team coordination on large-scale projects and cross-trade integration. • Communicates clearly with internal staff and end users to ensure expectations are aligned and met. • Identifies potential installation challenges before they impact timelines or quality. • Keeps systems and tools organized and ready, anticipating parts or programming needs in advance. • Reports recurring technical issues or process inefficiencies and suggest solutions. • Stays current on evolving technologies in security, automation, and networking. • Goes the extra mile to ensure every system is tested thoroughly and functioning flawlessly. • Designs neat and efficient cable routes, panel layouts, and device placements.
The Quantum Computing Company
• Lead the end-to-end delivery of strategic ETS programs • Drive governance, risk, and compliance programs across cloud infrastructure, IT systems, and security operations • Establish and maintain program management best practices, playbooks, and governance frameworks • Serve as the primary point of accountability for program status and executive-level reporting • Partner with ETS stakeholders to define program objectives and navigate ambiguity • Identify, track, and proactively mitigate program risks and issues • Champion continuous improvement by analyzing program performance data
3,918more opportunities are still waiting for you.Log in now and take your next shot before someone else does.
Cloud, Azure, AI, Observability/Monitoring, Amazon IAM, Okta