Cloud Software Engineer, FinOps

Thorlabs is pleased to play a role in advancing science through the components, instruments, and systems we design and manufacture. We believe that science and innovation have great potential to improve the world around us and are committed to advancing photonics (i.e., light-based) technologies that positively impact our customers, employees, and communities. Via educational outreach and more sustainable business practices, we continuously invest in a brighter future. We recognize that each of our employees is a unique individual with the ability to contribute to our success and seek to find great people who will thrive in our fun, fast-paced culture. The Security Engineering Manager will lead the evolution of our cybersecurity engineering, architecture, and operations. This role bridges strategic and tactical domains – collaborate cross-functionally with IT and business stakeholders, oversee enterprise security architecture (both Cloud and on-prem), manage security engineering team, and optimize security operations (including an outsourced SOC). This is a strategic role designed for a seasoned security expert with a proven ability to manage teams, architect complex solutions, and influence across departments. The successful candidate must be strategic while also comfortable at tactical level, with both leadership and hands-on responsibilities. Although the location of the position is in Newton, NJ, from time to time it may be required to undertake duties at other Thorlabs locations. Essential Job Functions include the following, but are not limited to: Leadership & Strategy Serve as a strategic advisor to the IT leadership team on emerging threats, investment priorities, and security posture. Set and track KPIs, KRIs, OKRs, and metrics to ensure effectiveness and continuous improvement. Collaborate closely with Infrastructure and Operations, Enterprise Applications, Application Development, and Enterprise Data teams to embed security into their processes. Present to executive stakeholders and help translate technical risk into business impact. Serve as the security SME in enterprise projects and technology investments, including tool evaluations, acquisitions, and divestitures, including strategic planning, budgeting, and cross-functional alignment. Security Architecture & Engineering Define and drive the enterprise security architecture roadmap across infrastructure, cloud, applications, and Operational Technology (OT). Lead the design and implementation of security controls, frameworks, and reference architectures. Oversee architecture reviews, and secure-by-design practices across the organization. Ensure baseline security measures are implemented and monitored (e.g., hardening, patching, zero trust, segmentation). Manage integration and ongoing optimization of security tools (e.g., CSPM, CNAPP, IAM, PKI, DLP). Identity & Access Management (IAM) Lead the Security Engineering function responsible for Identity and Access Management Architect and enhance enterprise IAM strategy including RBAC, PAM, MFA, SoD, and JML lifecycle. Drive IAM policy creation and enforcement across service, privileged, and user accounts. Guide the definition of IAM operating models, access certification processes, and automation of identity governance. Security Operations & Incident Response Oversee day-to-day security operations including SOC management (outsourced), SIEM/SOAR (Microsoft Sentinel), EDR/XDR, and threat detection and response. Collaborate with the SOC to improve detection rules, reduce false positives, and ensure robust incident detection and response capabilities. Plan and oversee penetration testing, forensic analysis, and incident investigations. Governance, Risk, & Compliance Align security architecture and operations with regulatory frameworks such as NIST, ISO 27001, CMMC, PCI-DSS, and GDPR. Partner with the GRC and Audit teams to ensure technical controls support broader compliance and risk. Coordinate with the GRC team to support policy development, risk assessments, and business continuity/disaster recovery planning. Requirements Physical Activities: The employee is occasionally required to stoop, kneel, crouch, climb or crawl. The employee must frequently lift and move up to 10 pounds and occasionally lift and move up to 25 pounds. Qualifications Experience: 10+ years of experience in cybersecurity with increasing leadership responsibility, with at least 4+ years direct people management in technical security teams. Extensive experience in security architecture, cloud platforms (Microsoft Azure, M365), and enterprise security tools. Strong command of at least 3 of the following core security domains: IAM, SIEM, vulnerability management, network security, DevSecOps, and incident response. Experience leading or managing an outsourced SOC or MDR provider. Proven leadership in security engineering and operations in a hybrid (cloud/on-prem) environment. Education: Bachelor’s degree in computer science, Engineering, related field, or equivalent work experience. Specialized Knowledge and Skills: Advanced degree (e.g., MS in Cybersecurity) is a plus. Certifications such as CISSP, CISM, Microsoft Certified: Cybersecurity Architect Expert, Azure Solutions Architect, or CEH. Experience with Microsoft Defender suite, Intune, Microsoft Sentinel, various IAM and Vulnerability Management Tools. Familiarity with security control frameworks (e.g., NIST CSF, MITRE ATT&CK, CIS). Excellent communication and interpersonal skills, with proven ability to lead across functions and influence executive stakeholders. Experience in Zero Trust architecture and OT security a big plus. Salary range for this position is $111,000 - $165,000 depending on experience Thorlabs values its diverse environment and is proud to be an Equal Employment Opportunity/Affirmative Action Employer. All qualified individuals will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. Job descriptions are not intended as and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law.

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America. RMC is hiring a Program/Project Management Analyst to support our NAVAIR customer in Patuxent River, MD. The selected applicant will perform a variety of program and project management support activities, including, but not limited to: Applying analytic techniques in the evaluation of program/project objectives Analyzing requirements, status, budget, and schedules. Performing management, technical, or business case analyses Collecting, completing, organizing, and interpreting data relating to aircraft/weapon/project acquisition and product programs Tracking program/project status and schedules Applying Government-instituted processes for documentation, change control management, and data management Requirements A bachelor's degree and a minimum of three (3) years of relevant experience are required. An associate degree plus four (4) years of additional experience performing work related to the labor category functional description may be substituted for a Bachelor’s degree. An active DoD SECRET clearance is required to start.  The applicant may be subjected to a security investigation and must meet eligibility requirements for access to classified information. The applicant must meet the designated clearance requirements and certification requirements as established IAW the DoD Manual 8570 / 8140 Cyber Workforce Program. The applicant must have one of the following certifications to start: Security+ CE SecurityX (formerly CASP) CGRC (formerly CAP) GSLC CISM CISSP (or Associate) The applicant must be knowledgeable and proficient in the following: Program and project management Written and verbal communications Customer interfacing Ability to work within secure environments Benefits At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees. RMC can offer you a great place to work with a small company feel and give you the experience, tuition assistance, and certifications that will take your career to the next level. We offer Monday to Friday full-time day shift work and can assist in paid relocation. This also includes a competitive paid vacation package with 11 paid federal holidays. Additionally, we also offer high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package. Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements. The salary range for this position is $90,000 - $130,000.