Happy Techies is your personal career cheerleader, and we're here to help you get the job you deserve!

Jobs

Job Directory Data Engineer Remote Jobs Data Scientist Remote Jobs AI Engineer Jobs BI Analyst Jobs Power BI Jobs System Administrator Jobs

Resources

Community Perspectives Microsoft Partners Interview Preparation Resume Coaching and Review

Company

About us Contact us

Contact us

info@happytechies.com Dallas, TX

Copyright © 2025HappyTechies. All Rights Reserved

Login Employers

Lead Cyber Security GRC Analyst

Job TypeFulltime

Skills Required

LocationMiami, Florida

SalaryNo salary information was found.

Date Posted August 1, 2025

Lennar

The Lead Cyber Security GRC Analyst at Lennar is a senior leadership role focused on overseeing cybersecurity activities related to Governance, Risk, and Compliance (GRC). This position involves driving the strategic direction of the cybersecurity program to protect the organization against emerging threats.

Job description

Job Description Lead Cyber Security GRC Analyst We are Lennar Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communities, and Associates by building quality homes and providing exceptional customer service, giving back to the communities in which we work and live in, and fostering a culture of opportunity and growth for our Associates throughout their career. Lennar has been recognized as a Fortune 500® company and consistently ranked among the top homebuilders in the United States. Join a Company that Empowers you to Build your Future The Lead Security Analyst is a senior leadership position responsible for overseeing all cybersecurity activities of GRC. The Lead Analyst will drive the strategic direction of the cybersecurity program, ensuring the organization is well-protected against current and emerging threats. • A career with purpose. • A career built on making dreams come true. • A career built on building zero defect homes, cost management, and adherence to schedules. Summary The Lead Cyber Security GRC Analyst is a senior-level position responsible for driving the strategic direction and execution of the organization's Governance, Risk, and Compliance (GRC) initiatives. This role combines deep expertise in cybersecurity risk management with strong leadership capabilities to ensure the organization is protected against current and emerging threats. The Lead Analyst will lead GRC efforts, mentor junior team members, and collaborate with internal stakeholders to align security practices with business objectives. Your Responsibilities On The Team • Collaborate with internal teams to identify, assess, and mitigate security risks. • Manage third-party risk assessments and monitor vendor security posture. • Utilize GRC tools to document and track risk management activities. • Analyze complex data sets to identify trends and support decision-making. • Support compliance with internal policies and external regulatory requirements. • Participate in security audits and assessments, and support remediation efforts. • Maintain accurate documentation of risk assessments, treatment plans, and compliance activities. • Drive continuous improvement in GRC processes and tools. • Work closely with IT, Security, Legal, and Business teams to align GRC initiatives with organizational goals. • Lead the cybersecurity team from a technical perspective, guiding strategy and execution. • Develop and maintain the GRC framework, ensuring alignment with business objectives and industry standards. • Serve as a subject matter expert on cybersecurity issues, advising leadership on security risks and mitigation strategies. • Foster a culture of security awareness across the organization through training and education initiatives. • Mentor and coach junior cybersecurity team members, providing technical guidance and leadership. • Create and present risk posture discovery and recommendation reports to risk management leadership. • Review technical reports from vulnerability and penetration testing assessments, and results from tabletop exercises. • Monitor plans of action and milestones for risk remediation requirements from internal and external security assessments. • Liaison with technical and business teams related to business continuity and disaster recovery requirements. • Provide strong oversight of third parties, vendors, and business partners to safeguard reduce risk. • Interact with business units to understand their plans, risk posture and tolerance, and support their vision with security in mind. • Other work items as defined by management. Requirements • Bachelor’s degree in Computer Science, Information Security, or a related field; Master’s degree preferred. • 7+ years of experience in cybersecurity, with a focus on GRC, third party risk management, vulnerability management, audit management, and leadership. • Proven experience in cyber security risk assessment and risk treatment planning. • Strong collaboration skills with internal stakeholders across a complex IT environment. • Experience with third-party risk management using tools such as Security Scorecard and OneTrust. • Proficiency with GRC tools, preferably AuditBoard, ServiceNow, or Archer. • Working knowledge of Microsoft Office applications. • Demonstrated teamwork and collaboration in a complex IT environment. • Strong problem-solving skills and ability to analyze complex data sets with minimal oversight. • Self-starter with the ability to drive risk projects to completion. • Knowledge of vulnerabilities, SaaS applications, Cloud environments, and application security. • Understanding of technical vulnerability management and operating systems. • Familiarity with security testing tools and procedures. • Familiarity with IT service management (ServiceNow preferred). • Experience with project management tools (Jira preferred). • Strong knowledge of cybersecurity tools, techniques, and frameworks. • Excellent analytical, communication, and documentation skills. • Familiarity with regulatory requirements such as PCI-DSS, FFIEC, SOX, HIPAA, GDPR, GLBA, and frameworks like ISO, ITIL, NIST. • General understanding of the Factor Analysis of Information Risk (FAIR) methodology. • Advanced certifications (e.g., CISSP, CISM, CISA, CRISC) required; additional certifications (e.g., CCSP, CGEIT, CEH, GCCC, GSEC) preferred. Physical & Office/Site Presence Requirements Regular, in-person attendance at the Lennar office during regular work hours is an essential function of this job. This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary. Life at Lennar At Lennar, we are committed to fostering a supportive and enriching environment for our Associates, offering a comprehensive array of benefits designed to enhance their well-being and professional growth. Our Associates have access to robust health insurance plans, including Medical, Dental, and Vision coverage, ensuring their health needs are well taken care of. Our 401(k) Retirement Plan, complete with a $1 for $1 Company Match up to 5%, helps secure their financial future, while Paid Parental Leave and an Associate Assistance Plan provide essential support during life's critical moments. To further support our Associates, we provide an Education Assistance Program and up to $30,000 in Adoption Assistance, underscoring our commitment to their diverse needs and aspirations. From the moment of hire, they can enjoy up to three weeks of vacation annually, alongside generous Holiday, Sick Leave, and Personal Day policies. Additionally, we offer a New Hire Referral Bonus Program, significant Home Purchase Discounts, and unique opportunities such as the Everyone’s Included Day. At Lennar, we believe in investing in our Associates, empowering them to thrive both personally and professionally. Lennar Associates will have access to these benefits as outlined by Lennar’s policies and applicable plan terms. Visit Lennartotalrewards.com to view our suite of benefits. Join the fun and follow us on social media to see what's happening at our company, and don't forget to connect with us on Lennar: Overview | LinkedInhttps://www.linkedin.com/company/lennar/> for the latest job opportunities. Lennar is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws.

Requirements

• 7+ years of experience in cybersecurity, with a focus on GRC, third party risk management, vulnerability management, audit management, and leadership

• Proven experience in cyber security risk assessment and risk treatment planning

• Strong collaboration skills with internal stakeholders across a complex IT environment

• Experience with third-party risk management using tools such as Security Scorecard and OneTrust

• Proficiency with GRC tools, preferably AuditBoard, ServiceNow, or Archer

• Working knowledge of Microsoft Office applications

• Demonstrated teamwork and collaboration in a complex IT environment

• Strong problem-solving skills and ability to analyze complex data sets with minimal oversight

• Self-starter with the ability to drive risk projects to completion

• Knowledge of vulnerabilities, SaaS applications, Cloud environments, and application security

• Understanding of technical vulnerability management and operating systems

• Familiarity with security testing tools and procedures

• Strong knowledge of cybersecurity tools, techniques, and frameworks

• Excellent analytical, communication, and documentation skills

• Familiarity with regulatory requirements such as PCI-DSS, FFIEC, SOX, HIPAA, GDPR, GLBA, and frameworks like ISO, ITIL, NIST

• General understanding of the Factor Analysis of Information Risk (FAIR) methodology

• Physical & Office/Site Presence Requirements

• Regular, in-person attendance at the Lennar office during regular work hours is an essential function of this job

• This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs

• Finger dexterity is necessary

Similar Jobs

Applied Research Solutions

Information Systems Security Analyst

Beavercreek, Ohio

Applied Research Solutions is seeking an entry-level Information Systems Security Analyst to support security operations and compliance in a hybrid Azure environment. Ideal for candidates with a background in IT support looking to transition into cybersecurity.

Cloud Solution Architect - Security

Washington, District of Columbia

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

Information Security Engineer II - Full-time

St Paul, Minnesota

Lumen is seeking an Information Security Engineer II to manage and secure the enterprise's firewall and VPN operations. This role involves maintaining network security, resolving incidents, and collaborating with internal stakeholders.

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Engineer, Information Security - (Network Security)

Charlotte, North Carolina

The Engineer, Information Security (Network Security) at Lowes is responsible for supporting the design and implementation of information security tools and services. This role involves ensuring the protection of information assets and compliance with security practices.

Cloud Solution Architect - Security

Burnsville, North Carolina

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

American Express Global Business Travel

Director of Application Security - Full-time

Santa Fe, New Mexico

The Director of Application Security at American Express Global Business Travel will lead the strategic development of a world-class application security program, focusing on integrating security into the software development lifecycle. This role involves managing a global team and collaborating with various technical teams to enhance security practices across the organization.

CI/CDGitHubJenkins

Security Architect - Azure

Denver, Colorado

Swanktek is seeking a Security Architect specializing in Azure to design and implement secure cloud solutions. The role involves leading Azure security initiatives, conducting assessments, and advising teams on best practices.

American Express Global Business Travel

Director of Application Security - Full-time

Honolulu, Hawaii

American Express Global Business Travel is seeking a Director of Application Security to lead the development of a world-class application security program. This role involves embedding security across the software development lifecycle and managing a global team of security engineers.

CI/CDGitHubJenkins

Applied Research Solutions

Information Systems Security Analyst

Beavercreek, Ohio

Applied Research Solutions is seeking an entry-level Information Systems Security Analyst to support security operations and compliance in a hybrid Azure environment. Ideal for candidates with a background in IT support looking to transition into cybersecurity.

Cloud Solution Architect - Security

Washington, District of Columbia

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

Information Security Engineer II - Full-time

St Paul, Minnesota

Lumen is seeking an Information Security Engineer II to manage and secure the enterprise's firewall and VPN operations. This role involves maintaining network security, resolving incidents, and collaborating with internal stakeholders.

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Engineer, Information Security - (Network Security)

Charlotte, North Carolina

The Engineer, Information Security (Network Security) at Lowes is responsible for supporting the design and implementation of information security tools and services. This role involves ensuring the protection of information assets and compliance with security practices.

Cloud Solution Architect - Security

Burnsville, North Carolina

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

American Express Global Business Travel

Director of Application Security - Full-time

Santa Fe, New Mexico

The Director of Application Security at American Express Global Business Travel will lead the strategic development of a world-class application security program, focusing on integrating security into the software development lifecycle. This role involves managing a global team and collaborating with various technical teams to enhance security practices across the organization.

CI/CDGitHubJenkins

Security Architect - Azure

Denver, Colorado

Swanktek is seeking a Security Architect specializing in Azure to design and implement secure cloud solutions. The role involves leading Azure security initiatives, conducting assessments, and advising teams on best practices.

American Express Global Business Travel

Director of Application Security - Full-time

Honolulu, Hawaii

American Express Global Business Travel is seeking a Director of Application Security to lead the development of a world-class application security program. This role involves embedding security across the software development lifecycle and managing a global team of security engineers.

CI/CDGitHubJenkins

Applied Research Solutions

Information Systems Security Analyst

Beavercreek, Ohio

Applied Research Solutions is seeking an entry-level Information Systems Security Analyst to support security operations and compliance in a hybrid Azure environment. Ideal for candidates with a background in IT support looking to transition into cybersecurity.

Cloud Solution Architect - Security

Washington, District of Columbia

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

Job TypeFulltime

Skills Required

LocationMiami, Florida

SalaryNo salary information was found.

Date Posted August 1, 2025

Lennar

The Lead Cyber Security GRC Analyst at Lennar is a senior leadership role focused on overseeing cybersecurity activities related to Governance, Risk, and Compliance (GRC). This position involves driving the strategic direction of the cybersecurity program to protect the organization against emerging threats.