\n(this position is remote but candidates must be based in the United States)\n \nWhat we believe  \nIn the past two years, more than a trillion dollars have been invested in software companies at record prices. And in many cases, the underlying tech is the greatest enabler to the business strategy. But has the approach to govern technology value creation caught up to the magnitude of the risk?   \n \nWe believe a better way is possible – a more programmatic, proactive approach to actively manage technology throughout the investment lifecycle – and that’s what we do.   \n  \nOur role  \nWe know that technology can create truly transformative change, and its role in business is only growing. Crosslake is here to support the changemakers and help them buy, build and run better technology.   \n  \nWhat we value  \nYou could be a good fit for Crosslake if you see yourself reflected in our guiding values:   \nService. We effect change by empowering others.  \nCuriosity. We believe great advice starts with deep understanding.  \nCredibility. Our expertise is earned and proven.   \nCommitment. It’s our privilege to serve clients in their critical moments.   \nCreativity. We are inspired by the constant pursuit of better. \n \nIn this role you will:\n\n\nWork with our private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives.\n\n\nWork with customers to assess and address information security risks.\n\n\nInteract with customers executives (EX: CIO, CTO, CEO, DPO) to understand and implement desired change in the customers organization.\n\n\nAssist in leading enterprise-wide cybersecurity operations teams, processes, and responses.\n\n\nAssist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO27001, NIST, PCI, and SOX.\n\n\nExecute and direct the identification, containment, mitigation, and recovery activities related to cybersecurity incidents that may negatively impact customer assets or services.\n\n\nRepresent Crosslake in industry cybersecurity forums and working groups, including sector-specific cyber threat intelligence communities.\n\n\nWork with customers to evaluate, implement, and secure key systems within their environment.\n\n\nAnalyze and assess customer systems for security / risk exposure and provide business-prioritized remediation recommendations.\n\n\nAssist in handling the documentation, development, implementation, and maintenance of processes related to strong security and compliance controls in customer environments.\n\n\nWork with Operations teams to ensure security architectures are appropriately assessed and able to be supported.\n\n\nWork with Engineering and Operations teams to implement new technologies and security solutions in alignment with industry best practice and commonly accepted principles of secure design.\n\n\n\nKnowledge\n* Knowledge of legal and regulatory requirements, including the frameworks such as ISO27001, PCI, HIPAA, SOC, SOX, and NIST.\n* Strong knowledge around the requirements of the above frameworks and implementing security best practices within an organization.\n* Solid understanding of business management processes, including employing information security risk management and cybersecurity technologies\n* Knowledge of application security, cloud security, encryption techniques, identity and access management, mobile security, network security, and virtualization security.\n\n\n\nEducation/Experience\n* 15+ years securing organizations as an in-house team member or advisor / consultant in roles like: Chief Information Security Officer, Director / Manager of Information Security, Director / Manager of Compliance, Principal Security Analyst, Principal Security Engineer, Security Architect\n* Demonstrated history of being able to successfully implement security controls within an organization.\n* Experience in leading within a fast-paced, complex organization.\n* CISSP or equivalent certification is preferred.\n\n\n\nSkills\n* Ability to work from home (or an office of your choosing) and be self-directed, but also effectively collaborate with the team in both a remote and in-person capacity.\n* Strong technical acumen and technical horsepower\n* Be willing to learn and take on new areas that may be outside of your initial comfort zone.\n* Passion towards making others great and making a high-performing team even better.\n* An action-oriented personality – you know how to get stuff done.\n* Great communicator to peers, clients, executive leadership, and boards\n* Understanding customer objectives and driving results toward those objectives\n* Ability to learn fast and on-the-job.\n* Responding effectively to rapid change in needs, processes, and technologies\n* Ability to understand key concepts and communicate clearly and concisely, including technical details and processes.\n* Ability to collaborate effectively and build relationships at all levels, especially with senior leaders.\n* Strong organizational skills with the ability to perform under pressure and manage multiple priorities with competing demands for resources.\n* Robust analytical, data processing, and problem-solving skills\n* Proficiency in process formulation and improvement\n* Strong analytical skills, including managing multiple projects under strict timelines and working effectively in a dynamic environment to meet objectives.\n\n\n\n\n\n \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Cloud, Mobile and Senior jobs that are similar:\n\n $60,000 — $100,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nUS

\n\n\nWho is Trace3?\n\nTrace3 is a leading Transformative IT Authority, providing unique technology solutions and consulting services to our clients. Equipped with elite engineering and dynamic innovation, we empower IT executives and their organizations to achieve competitive advantage through a process of Integrate, Automate, Innovate.\n\nOur culture at Trace3 embodies the spirit of a startup with the advantage of a scalable business. Employees can grow their career and have fun while doing it!\n\nTrace3 is headquartered in Irvine, California. We employ more than 1000 people all over the United States. Our major field office locations include Atlanta, Denver, Detroit, Indianapolis, Grand Rapids, Lexington, Los Angeles, Louisville, San Diego, San Francisco, and Scottsdale.  \n\nReady to discover the possibilities that live in technology?\n\n \n\nCome Join Us!\n\nStreet-Smart - Thriving in Dynamic Times\n\nWe are flexible and resilient in a fast-changing environment. We continuously innovate and drive constructive change while keeping a focus on the “big picture.” We exercise sound business judgment in making high-quality decisions in a timely and cost-effective manner. We are highly creative and can dig deep within ourselves to find positive solutions to different problems.\n\nJuice - The “Stuff” it takes to be a Needle Mover \n\nWe get things done and drive results. We lead without a title, empowering others through a can-do attitude. We look forward to the goal, mentally mapping out every checkpoint on the pathway to success, and visualizing what the final destination looks and feels like.\n\nTeamwork - Humble, Hungry and Smart\n\nWe are humble individuals who understand how our job impacts the company's mission. We treat others with respect, admit mistakes, give credit where it’s due and demonstrate transparency. We “bring the weather” by exhibiting positive leadership and solution-focused thinking. We hug people in their trials, struggles, and failures – not just their success. We appreciate the individuality of the people around us.\n\n \n\nAbout the Role:\n\nTrace3 is seeking a dynamic and experienced Practice Director to lead and grow our DevSecOps consulting practice to help our customers in evaluating and implementing application security solutions.  As the Practice Director, you will play a pivotal role in driving the strategic direction and expansion of our practice to deliver innovative technology solutions to our clients. You will be responsible for developing and executing strategies to drive business growth, expand market presence, and enhance customer satisfaction. You will lead a team of talented professionals, fostering a culture of collaboration, innovation, and excellence.\n\nYou will also spend time being responsible for delivering application security services and advise our customers on secure software development.  This includes planning and leading the implementation and adoption of application security platform solutions, reviewing customer software architecture and source code, provide training for developers and management, and drive solutions adoption across multiple development teams. \n\nWhat You’ll Do:\n\n\n* Lead the strategic planning and execution of the practice's growth initiatives, including market analysis, solution development, and go-to-market strategies.\n\n* Collaborate with sales, marketing, and delivery teams to identify business opportunities, develop compelling value propositions, and win new business.\n\n* Provide thought leadership and industry expertise to guide clients in leveraging emerging technologies to achieve their business objectives.\n\n* Build and maintain strong relationships with clients, partners, and industry stakeholders to drive business expansion and client satisfaction.\n\n* Lead and mentor a team of consultants and technical experts, fostering a culture of continuous learning, professional development, and high performance.\n\n* Drive innovation and excellence in service delivery, ensuring the highest standards of quality, value, and customer satisfaction.\n\n* Partner with executive leadership to define and execute the practice's strategic goals and objectives, aligning with the overall vision and direction of the organization.\n\n\n\n\nQualifications & Interests:\n\n\n* Bachelor’s degree in Computer Science, Engineering, Business Administration, or related field; Master’s degree preferred.\n\n* Minimum of 10 years of experience in technology consulting, solution architecture, or related field, with a proven track record of success in driving business growth and delivering innovative solutions.\n\n* Strong leadership and management skills, with the ability to inspire and motivate teams to achieve exceptional results.\n\n* Demonstrated experience in developing and executing strategic plans, managing P&L, and driving revenue growth.\n\n* Entrepreneurial mindset, with a passion for driving innovation, exploring new opportunities, and pushing the boundaries of what’s possible.\n\n* Ability to thrive in a fast-paced, dynamic environment, with a high degree of flexibility, adaptability, and resilience.\n\n* Ability to assess customer requirements, identify business problems, and demonstrate proposed solutions\n\n* Experience with various application security tools including SAST, SCA, IAST, DAST, API Security, WAF, and RASP\n\n* Experience integrating and operating commercial application security solutions (SAST/SCA/DAST/IAST) such as Veracode, Checkmarx, Synopsys, WhiteSource, Snyk, Invicti – Accunetix or Netsparker, Contrast Security\n\n* Experience building secure software based on frameworks such as OWASP SAMM, ASVS, MASVS, CWE, SANS, BSIMM.\n\n* Deep Knowledge in implementing and integrating security tools into CI/CD\n\n* Experience with Agile methodologies such as Scrum and Kanban\n\n* Knowledge of developer tools and environments, project management and bug tracking systems\n\n* Understanding of cloud native development patterns and microservices architecture\n\n\n\n\nBONUS QUALIFICATIONS:\n\n\n* Experience with Mobile Application Security solutions and practices\n\n* Experience with cloud security posture management and cloud workload protection platform solutions such as (Aqua Security, Palo Alto Prisma Cloud, Sysdig, Lacework, Orca Security, Wiz)\n\n* Experience with Infrastructure as Code Security solutions such as Bridgecrew, Snyk, and Fugue\n\n* Understanding of service-oriented architecture (REST APIs, micro-services, etc) and security best practices\n\n* DevOps and Architecture experience and certifications with one of the major public cloud providers (AWS, Azure, Google Cloud)\n\n* Experience with securing containers, kubernetes, and AWS Lambda functions\n\n* Experience conducting secure coding training and implementing security champions program\n\n* Experience conducting threat modeling and application penetration testing\n\n* Prior consulting experience is a plus\n\n* Must have excellent interpersonal skills, a high degree of professionalism and the ability to design technology solutions for commercial and large enterprise companies\n\n* Excellent presentation, communication, and writing skills required\n\n\n\n\nThe Perks:\n\n\n* Comprehensive medical, dental and vision plans for you and your dependents\n\n* 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability\n\n* Competitive Compensation\n\n* Training and development programs\n\n* Stocked kitchen with snacks and beverages\n\n* Collaborative and cool office culture\n\n* Work-life balance and generous paid time off\n\n\n\n\n***To all recruitment agencies: Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs. \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, DevOps, Cloud, API and Mobile jobs that are similar:\n\n $55,000 — $85,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nIrvine, California, United States

\nAbout Coalfire\n \nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.  \n \nBut that’s not who we are – that’s just what we do. \n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.   \n \nAnd we’re growing fast. \n\n\nWe’re looking for an Associate to support our Cloud Services team. \n\n\nThis can be a remote position (must be located in the United States).\n\n\nPosition Summary\n\n\nAs a Cloud Services Associate, you will play a critical role in driving customer intimacy and growth by understanding our clients’ businesses, industries, value propositions, and success requirements. You’ll leverage your expertise in gathering client requirements, working with technical teams on proposing solutions, and designing FedRAMP compliant cloud infrastructure. This is a great opportunity to join a dynamic team and make a meaningful impact for clients.\n\n\n\nWhat You'll Do \n* Assist in the coordination of large-scale cloud engagements\n* Provide both subject matter expertise and project management experience to serve as the “point person” for engagement teams\n* Participate in the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations\n* Contribute to cloud program management, service delivery model and strategy planning\n* Develop and review reports and presentations for both technical and executive audiences\n* Monitor progress and manage risk while ensuring stakeholders are kept informed about progress and expected outcomes\n* Leverage knowledge of industry trends to identify engagement and client service issues; communicate this information to the engagement team through written correspondence and verbal presentations\n* Work closely with engagement manager to co-lead and own multiple parts of the engagement delivery\n* Deliver quality client services. Drive high-quality work products within expected timeframes and on budget\n* Engage in development of client cloud and security strategies, vision-state architectures, roadmap, and planning activities\n* Engage with clients to perform cloud configuration and maturity reviews\n* Document requirements and ensure clear communication to the technical teams\n* Assist in designing FedRAMP compliant cloud infrastructure and solutions based on client requirements\n* Translate client requirements to the engineering team for execution\n* Advise across a myriad of technology stacks in the leading cloud providers like AWS, Azure, and GCP\n* Work with prospective clients to identify opportunities, scope engagements, and build relationships\n\n\n\nWhat You'll Bring \n* 1+ years of directly relevant systems engineering and architecture experience including requirements definition, architecture development, development of use cases and stories, and systems integration & test\n* Hands-on experience with AWS, Azure or GCP platform capabilities and services (Associate Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer)\n* Critical thinking, and ability to balance security requirements with mission needs\n* Ability to work quickly, efficiently and accurately in a dynamic and fluid environment\n* BS or above in related Information Technology field or equivalent combination of education and experience\n* Excellent communication, organizational, and problem-solving skills\n\n\n\nBonus Points\n* Previous experience supporting clients from within a professional services organization\n* Project management experience for individual and team projects(ability to track detailed tasks and ensure timely delivery)\n* Cloud-based networking experience (Palo Alto, CheckPoint, Cisco ASAv, F5, etc....)\n* Expertise with serverless, microservices, and other modern application architectures\n* Familiarity with configuration baseline standards such as CIS Benchmarks & DISA STIG\n* Proven expertise in the implementation of encryption technologies (SSL, encryption, PKI)\n* Strong experience with Visio and Jira or MS Project\n* Familiarity with frameworks such as FedRAMP, FISMA, SOC, ISO, HIPAA, HITRUST, PCI, etc.\n\n\n\n\n\nWhy You'll Want to Join Us\n\n\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n\n\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n\n\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $53,000 to $92,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.\n\n\n#LI-Remote\n#LI-HJ1 \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, DevOps and Cloud jobs that are similar:\n\n $70,000 — $110,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nUnited States