Information Security Analyst

We are seeking a dedicated Information Security Analyst to join our team at Betterment HQ in New York City. This role is crucial in protecting our organization’s information assets and ensuring compliance with regulatory requirements. The ideal candidate will possess strong analytical skills, a proactive mindset, and a passion for cybersecurity.

Location: Remote (U.S. or Canada) Type: Full-Time for U.S. Applicants; Independent Contractor for Canadian Applicants About Human Agency At Human Agency, we are rapidly expanding and are on the lookout for exceptional talent across various fields. Our mission is to attract individuals ranging from creative visionaries to technical specialists and entrepreneurial leaders, all of whom can contribute to our exciting growth phase. We pride ourselves on fostering a culture of collaboration and hands-on leadership. Titles do not shield us from constructive feedback; instead, we embrace it to continuously elevate our standards. Here, the best ideas prevail regardless of their origins, as we are committed to delivering outstanding results for our clients. Our clients’ missions and products are paramount. We deeply engage with their objectives, acting as custodians of their goals and partners in tackling significant challenges. Every strategy, asset, or solution we design is crafted to be not only aesthetically pleasing but also highly functional and impactful in real-world scenarios. People are our greatest asset. We grow by selecting individuals who inspire us to reach new heights. From strategy and engineering to design and operations, we seek team members who can elevate our performance. We believe in hiring individuals who can push us forward, never backward. We collaborate with organizations of all sizes to explore, develop, and implement AI strategies that are secure, scalable, and centered around human needs. Our conviction is that AI should enhance human capabilities rather than replace them, and this belief drives every project we undertake. Whether through advisory services, tool development, or educational initiatives, we meet clients at their point of need and help them integrate AI aligned with their mission and values. Our aim is to empower teams to work smarter, act faster, and unlock new opportunities through thoughtful and responsible innovation. At Human Agency, we lead with purpose, passion, and a sense of adventure. We engage in meaningful work with people we respect, turning the journey into an exciting adventure. Who we are and how we operate are intertwined in everything we do. The Opportunity This role is not a conventional enterprise CISO position where you take over an existing infrastructure, manage a large team, and maintain the status quo. Instead, this is a dynamic and entrepreneurial position where you will be at the forefront of AI security, designing innovative systems, tackling emerging challenges, and positioning security as a strategic advantage rather than merely a cost center. We are implementing AI agents at scale across client environments, developing proprietary AI-powered tools, and advising organizations on how to safely incorporate autonomous systems into their missions.

Role overview The City of New York seeks a Deputy Chief Information Security Officer to help lead its cybersecurity program. This senior role shapes the city's information security strategy and works to protect critical data and technology systems from new and evolving threats. Key responsibilities Work closely with senior leadership to define and carry out information security strategy Create and update security policies for the city’s technology environment Supervise incident response and coordinate actions during security incidents Lead risk assessments and oversee compliance audits Support security awareness by directing training programs across city departments Location This role is based in New York City.

About Our TeamThe Corporate Security team at OpenAI is committed to the safety and security of our personnel and facilities. We prioritize the responsible advancement of artificial intelligence while protecting our technologies and intellectual properties on a global scale.About the OpportunityAs the Risk Program Manager, you will lead initiatives to identify and mitigate physical security risks that may impact OpenAI's staff, executives, and facilities worldwide. This vital role ensures a secure environment that facilitates the continuous development of our AI technologies.The ideal candidate possesses extensive knowledge in physical security, counterintelligence, and risk management tailored to a corporate setting. Your expertise goes beyond technical skills; you thrive in building relationships across various departments and with external federal law enforcement and intelligence agencies both domestically and internationally. Moreover, your ability to clearly and engagingly communicate complex security issues makes you proficient in engaging stakeholders at every level of the organization.This position is located in New York City, Seattle, or Washington DC. We operate on a hybrid work model of three days in the office weekly and provide relocation assistance for new hires.Key Responsibilities:Conduct continuous assessments to identify and evaluate potential physical security threats and counterintelligence issues related to OpenAI's personnel and facilities.Devise and execute risk mitigation strategies that integrate with existing crisis management and cybersecurity protocols.Maintain close collaboration with federal law enforcement and intelligence agencies in the US and internationally to ensure prompt communication of threat intelligence.Collaborate with the Crisis Management and Information Security teams to ensure a unified and thorough approach to organizational security.Support various Corporate Security programs, including executive protection and event security, ensuring alignment with risk management strategies.Prepare and present comprehensive security risk assessments and strategic mitigation plans to senior management.Assist in designing and delivering security training programs focused on physical security and counterintelligence awareness.

About Our TeamAt OpenAI, our dedicated Security team is committed to providing our researchers, engineers, and staff with seamless access to the tools and resources necessary for optimal productivity, security, and comfort. As an Enterprise Security Engineer, you will thrive in a highly technical, collaborative environment focused on employee satisfaction.Our IT team, though compact and agile, covers a wide array of security domains, empowering you to contribute to innovative solutions and build robust systems from the ground up. With strong support and ample resources, we aim to implement a world-class enterprise security program.Role OverviewIn the role of Enterprise Security Engineer, you will play a key role in safeguarding OpenAI's internal information systems through the implementation and management of security protocols. You will collaborate closely with our IT and Security teams to enhance security capabilities, enforce policies, and monitor systems for potential threats.This position is available for remote work or relocation assistance can be provided for candidates moving to San Francisco.Your Responsibilities Will Include:Designing and executing robust security measures to protect our organization's information assets from unauthorized access, disclosure, or misuse.Monitoring both internal and external systems for security threats and responding promptly to alerts.Contributing to and enforcing IT and Security policies and procedures across the organization.Collaborating with the IT department to fortify our infrastructure using best practices in AzureAD, GSuite, GitHub, and other SaaS tools.Providing guidance to employees on best practices for securing endpoints, as well as office AV and network infrastructure.Creating innovative sharing controls and associated monitoring to safeguard company data, including intelligent group management, Data Loss Prevention (DLP), and other relevant security controls.Implementing forward-thinking models such as 'secure by default' and 'zero trust' to establish sustainably secure environments for knowledge workers and developers.Identifying and addressing vulnerabilities within our internal systems while adhering to best practices for data security.Utilizing our AI-driven models to enhance systems for improved security detection and response, data classification, and other security-related tasks.

Join our dynamic team at Artemis as a Security Analyst in the heart of New York City. In this pivotal role, you will be tasked with identifying, analyzing, and mitigating security threats to our organization. You will collaborate with IT and business units to develop security policies, procedures, and best practices to ensure the safety of our data and systems.

Join Crosby as a Security Engineer, where you'll play a pivotal role in safeguarding our information systems and data integrity. As a vital member of our security team, you will implement robust security measures, conduct risk assessments, and collaborate with cross-functional teams to protect our infrastructure from potential threats.

About the RoleJoin our dynamic team at FanDuel as we seek a skilled Senior Enterprise Security Engineer. This pivotal role requires a professional who is dedicated to crafting and implementing enterprise security control strategies, while also shaping our security posture. You will play a key role in balancing risk reduction with user experience and operational enablement at scale.Reporting directly to the Senior Manager of Enterprise Security Engineering, you will tackle diverse security challenges and lead initiatives that foster a secure environment for our operations.Your ResponsibilitiesImplement cutting-edge models such as “secure by default” and “zero trust” to maintain a robust security posture.Act as a security subject matter expert, collaborating with internal teams to meet business objectives and overcome security challenges.Develop and manage team roadmaps while staying informed of the latest threats and identifying security risks independently.Utilize automation and development approaches to enhance enterprise-wide security controls.Employ AI technologies to amplify the effectiveness of Security Engineering and FanDuel's operations.Support the security organization as needed, fostering a collaborative team environment.What We’re Looking ForProven expertise in security engineering across multiple domains, including Zero Trust, Endpoint Security, Data Protection, and more.Intermediate proficiency in scripting languages such as Python, Go, or Ruby; experience with Python and PowerShell is a plus.Familiarity with identity access management frameworks and protocols like SAML, SCIM, OAuth, and WebAuthN.Ability to model threats to corporate infrastructure and implement preventative architectures and controls.Strong communication skills to work effectively with a diverse range of partners, from engineering to legal teams.Adeptness in navigating rapidly evolving environments with a focus on solving ambiguous challenges.

About the Opportunity At Contentful, we are dedicated to creating a secure and reliable service. Our commitment to security encompasses significant investment in resources and efforts. Our Security team plays a pivotal role in managing information security across the organization and collaborates closely with various internal teams. We believe in embedding security within our DevOps principles, ensuring robust and repeatable processes. We are seeking an enthusiastic and dedicated Manager of Security Engineering, someone who is eager to tackle complex security challenges with innovative and scalable solutions. In this role, you will oversee security engineering initiatives for Contentful's corporate systems, including the tools and platforms that empower our internal security team. Although this position is not responsible for customer-facing product security, you will work in tandem with product security teams within our security organization on overlapping responsibilities. Your role will involve a blend of leadership and hands-on technical execution, focusing on designing, implementing, and managing security controls and tools at scale. Key areas of focus will include identity and access management, data security, and SaaS platforms. You will provide strategic direction and spearhead initiatives while remaining actively involved in their execution. While you may work independently at times, you will frequently collaborate with security leadership, IT, and cross-functional partners to align strategies, implement shared initiatives, and effectively mitigate risks while minimizing impacts on end users across the organization. What to Expect? Develop a high-performing team through coaching, mentorship, goal setting, and performance feedback. Define roles and make hiring decisions to expand the team in alignment with departmental needs. Maintain a hands-on approach, balancing technical leadership with direct implementation work. Own execution and prioritization across projects and operations, utilizing agile delivery practices. Enhance effectiveness and efficiency by refining processes and tools. Champion continuous improvement across all facets of the security program. Communicate risks and technical concepts clearly to leadership and stakeholders. Collaborate with security leadership to execute business-aligned, risk-reduction roadmaps. Shape work scope, sequencing, and success criteria in line with departmental and company objectives. Drive security processes, standards, and best practices across information technology assets.

Join Hudson River Trading (HRT), a pioneering firm in the trading space, as the Lead for Security Governance, Risk, and Compliance within our expanding Information Security team. This pivotal role will spearhead the security governance initiatives for HRT entities across America, Europe, and Asia, driving the automation of security governance at scale.In this hands-on position, you will collaborate closely with HRT’s Compliance and Legal teams to research, develop, and uphold security solutions tailored to a diverse range of industry regulations and requirements. You’ll lead a skilled technical team tasked with strategically ensuring HRT’s compliance with global security standards, facilitating our growth into new markets with complex regulatory landscapes.

About the Role Ivalua is hiring an IT Manager - Security Operations Center (SOC) in New York City. This position leads a team focused on protecting company information systems and data. The IT Manager oversees daily security operations, manages the implementation of security protocols, and ensures compliance with industry standards. What You Will Do Lead and support the Security Operations Center team Oversee security operations to safeguard information systems and sensitive data Implement and maintain security protocols Monitor compliance with relevant industry standards Strengthen Ivalua’s overall security posture and help protect client information

Lead Bank builds modern banking infrastructure for embedded financial products and services. With headquarters in Kansas City and offices in San Francisco, Sunnyvale, and New York City, the team combines technology, product, design, and legal expertise to help shape the future of finance. The company operates at the intersection of technology and regulation, supporting fintech partners as they grow while remaining compliant and innovative. Technical depth in banking and payments systems, automated compliance, transparency, and operational integrity are core values at Lead Bank. Role overview The Senior Security Analyst joins the Security Operations team in New York on a hybrid schedule. This position focuses on strengthening detection and response capabilities across the organization. Work includes building detections, triaging alerts, responding to incidents, and proactively hunting threats in cloud infrastructure, security tools, and data pipelines. Mentoring junior analysts and collaborating with leadership to improve the security posture are also key parts of the role. Deep understanding of the regulatory landscape and experience defending against advanced persistent threats are important for success in this position. Key responsibilities Develop, tune, and maintain detection rules and alerts in the SIEM. Build queries to identify threats and coverage gaps using the MITRE ATT&CK framework. Lead incident response from start to finish, including containment, eradication, recovery, forensic log analysis, documenting lessons learned, and post-incident reporting. Monitor and investigate security events across endpoints, AWS cloud, identity, and network telemetry to detect misconfigurations, anomalous activities, and suspicious behaviors. Support security audits and regulatory examinations by providing timely and accurate security documentation and evidence.

Join Our Innovative Security TeamAt OpenAI, security is paramount to our mission of ensuring that artificial general intelligence serves the best interests of humanity. Our dedicated Security team safeguards OpenAI’s technology, personnel, and products. We are technical in our solutions and operational in our approach, committed to supporting all aspects of our products and research. Our guiding principles include prioritizing impactful initiatives, empowering our researchers, preparing for future technological advancements, and fostering a robust security culture.Your Role as an Application Security EngineerIn the role of Application Security Engineer, you will play a vital part in identifying and mitigating security vulnerabilities within our software applications. This involves creating security tools, conducting code reviews, performing penetration testing, and executing comprehensive security assessments.We seek individuals who will collaborate closely with development teams to embed secure coding practices throughout the software development lifecycle, preemptively addressing security risks. You will also offer security guidance to developers and stakeholders, promoting a culture of security awareness across the organization.This position is based in New York City, but we also consider candidates for remote work. Our hybrid work model requires three days in the office each week, and we offer relocation assistance for new employees.Key ResponsibilitiesConduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software.Create and Implement Security Tools: Design and develop security tools, frameworks, and methodologies to defend applications against potential threats.Collaborate with Development Teams: Work hand-in-hand with development teams to ensure security best practices are integrated throughout the software development lifecycle, including secure coding standards.Threat Modeling and Risk Assessment: Carry out threat modeling and risk assessments to proactively identify potential risks and devise effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and manage vulnerabilities within applications, providing guidance and support for remediation efforts.Incident Response Support: Assist in incident response efforts and contribute to the development of incident response protocols.

Employee Applicant Privacy Notice About SoFi SoFi is a national bank and financial services provider focused on helping millions of members achieve their financial goals. The company builds mobile-first technology that empowers users to take control of their finances. SoFi’s work directly impacts people’s lives and shapes the financial industry. Core values guide the team as they work to improve both careers and the broader financial landscape. Role Overview The Security Product Lead for Product & AI Security sets the strategy, roadmap, and measurable outcomes for securing SoFi’s product lifecycle and supporting AI/ML initiatives. This position sits within the Security Strategy & Delivery team and works closely with leaders and teams in Product Security, Engineering, and Data Science/AI. Main Responsibilities Define and communicate the strategic direction for Product Security and AI Security as internal security products. Align security initiatives with enterprise risk priorities. Develop and maintain a clear roadmap for security capabilities. Establish and track key performance indicators (KPIs) to measure success. Implement structured program governance for security initiatives. Collaborate across teams to integrate security controls throughout the software development lifecycle (SDLC). Address unique risks associated with AI/ML systems. Influence stakeholders and drive alignment without direct authority. Help protect member trust, company assets, and support business stability and growth. Location Roles are available in Seattle, WA; Cottonwood Heights, UT; San Francisco, CA; New York City, NY; and Frisco, TX.

About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY

The City of New York is seeking a dedicated and skilled Public Information Officer to join our team. In this pivotal role, you will be responsible for managing communication strategies, disseminating information to the public, and enhancing the city’s visibility through effective messaging. You will work closely with various departments to ensure accurate and timely information is shared with the community, engaging with citizens through multiple channels.

The NYC Financial Information Services Agency - Office of Payroll Administration (FISA-OPA) is looking for a dedicated Fiscal Analyst to join our Fiscal Services department. Reporting directly to the Deputy Director of Fiscal Services, the successful candidate will be responsible for managing the agency's Expense, Capital, and Revenue budgets while processing and tracking invoices efficiently on a daily basis.The Fiscal Analyst will play a crucial role in achieving financial accountability and sustainability within the Fiscal Services department. Responsibilities will include assisting in the strategic financial planning of the agency and preparing various submissions to the Office of Management and Budget (OMB). The ideal candidate should be detail-oriented, possess strong analytical skills, think independently, and demonstrate problem-solving capabilities, along with familiarity with the City of New York's Financial Management System (FMS), Excel, Word, or equivalent software.The selected candidate will:- Support the Fiscal Services Director and Deputy Director in preparing FISA-OPA’s PS and OTPS Budget submissions throughout the entire Budget cycle, including New Need, PEG, Financial Plan, CP requests, and Year-End submissions.- Review all expense and consultant invoices, ensuring compliance with NYC Comptroller’s Directives, New York City Charter, and Procurement Policy Board Rules Prompt Payment Guidelines. Act as a liaison between the agency and vendors to resolve billing issues, reconcile invoices, and correct payment discrepancies. Maintain and update all financial documents related to payments and purchase orders.- Track hiring and personnel actions for FISA and OPA, maintain the position schedule, prepare/review PAR submissions in NYCAPs, and liaise with OMB for all PAR requests.- Monthly update and maintain FISA-OPA overtime reports, tracking all paid overtime and comp time for management review.- Analyze monthly bank statements in collaboration with the Department of Finance (DOF) to address any discrepancies.- Conduct complex analyses on budget structures and bank accounts, reviewing expenditures against the plan across all categories of the PS and OTPS Budget. Forecast potential issues and recommend corrective actions to the Deputy Director. Carry out OMB exercises such as variance analysis, user cost analysis, and updates to the financial plan, ensuring compliance with reporting requirements.- Collaborate with business managers throughout the agency to identify funding needs and explore potential efficiencies.- Perform ongoing analysis and monitoring of IT projects, ensuring proper funding and accountability for expenditures. Regularly meet with the Deputy Director and other stakeholders to discuss project financials.

Join Lyratech Group as a Virtual Chief Information Officer (vCIO), where you will play a pivotal role in shaping the technological direction of our clients. As a vCIO, you will provide strategic oversight, guiding organizations in optimizing their IT infrastructure, enhancing cybersecurity measures, and leveraging data analytics for informed decision-making. You will collaborate closely with executive leadership to align IT strategies with business objectives, ensuring that technology investments drive growth and innovation.

Concentric seeks a Protective Security Specialist in New York City to help safeguard clients and their assets. This position centers on identifying potential threats and recommending strategies to reduce risk. Role overview The Protective Security Specialist evaluates security risks, creates protocols, and puts protective measures into practice. The goal is to maintain a secure environment for clients and their property. Key responsibilities Assess risks to clients and assets Develop and update security protocols Implement protective measures as needed Location This role is based in New York City, New York.

At January, we are on a mission to revolutionize consumer finance from the ground up. By personalizing interactions and optimizing decision-making throughout all stages of consumer credit, we empower both consumers and creditors, ensuring that credit is fair, accessible, and tailored to individual needs.As a Lead Security Engineer, you will redefine security standards in an industry where trust has been significantly compromised. This is a unique opportunity to join us at a pivotal moment: we have established the hard-earned trust of leading financial institutions, and now you will create the security framework that extends this trust to millions of consumers.You will design and implement a dual trust architecture, safeguarding both consumer-facing experiences and robust enterprise systems. You will tackle technical challenges that are unparalleled in the industry, such as privacy-preserving data systems, compliance automation across multiple jurisdictions, and AI-driven decision-making processes. Your influence will shape our security strategy and culture from the ground up, demonstrating that security is not merely an overhead cost, but a competitive advantage that drives enterprise partnerships and market growth.Your ImpactTransform security into a competitive edge: Position January's security as a key differentiator that attracts banks and enterprises, unlocking Tier 1 partnerships and deals that competitors cannot secure.Promote security-by-design in product and application development: Collaborate with product and engineering teams to identify critical risks early in the process, focusing on application security across frontend, Flask services, and databases. Integrate security into the discovery and design phases, ensuring secure development patterns are embedded in workflows.Design systems for bank-grade data protection: Create and enforce data classification, encryption, and access control mechanisms that comply with regulatory standards, ensuring sensitive data remains within authorized boundaries.Foster a security-first engineering culture: Advocate for security-centric thinking within engineering teams without hindering progress. Lead incident responses decisively, ensuring that January emerges stronger from security events through thorough post-incident analyses.Streamline compliance with minimal overhead: Maintain SOC 2, PCI-DSS, and financial compliance using automated systems and build infrastructure that generates audit evidence seamlessly, eliminating compliance bottlenecks.