Cyber security analyst jobs in Arkansas

Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **For candidates residing within a 50-mile radius of a Highmark office, a hybrid work schedule of three days per week (Tuesday, Wednesday, and Thursday) in the office is required.** The Cyber User Behavior Engineer is a pivotal role at Highmark, dedicated to enhancing our organization's security by cultivating a robust "security-first" culture. This individual will lead the design, implementation, and ongoing management of comprehensive security awareness programs. Their primary responsibility will be to educate, train, and inspire all Highmark employees to effectively identify and report security threats, ensuring adherence to Highmark's security policies and industry best practices. This role is crucial in minimizing human-centric security risks and fostering a vigilant and informed workforce. **ESSENTIAL RESPONSIBILITIES** + Develop, implement, and continuously improve a proactive program to identifying internal threats. + Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership. + Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats. + Execute campaigns designed to improve enterprise security posture. + Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress. + Utilize change management methodologies to mitigate identified security risks. + Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents. + Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications. + Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Business Education, Marketing or Information Systems **Substitutions** + Six (6) years relevant, progressive experience **Preferred** + Bachelors in Information Security **EXPERIENCE** **Required** + 3 years in IT or IT Security Focus + 3 years of Insider Threat Program focus To include: + 3 years with Human Intelligence (HUMINT) **OR** as an Open-source Intelligence Analyst **Preferred** + 1-3 years in a Security Awareness or adjacent role **LICENSES or CERTIFICATIONS** **Required** + None **Preferred** + Security + **OR** + GSEC **OR** + CISSP **OR** + CERT Insider Threat + SANS Security Awareness Professional (SSAP) Proofpoint Certified Security Awareness Specialist **SKILLS** + Change Management + Presentation Delivery + Prioritizing + Analytical and Logical Reasoning/Thinking + Communication Skills + Cyber Security + User Behavior + Continuous Improvement **Language (Other than English):** None **Travel Requirement:** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-based Teaches / trains others regularly Frequently Travel regularly from the office to various work sites or from site-to-site Rarely Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Occasionally Lifting: 10 to 25 pounds Rarely Lifting: 25 to 50 pounds Never **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272819

Responsibilities We are hiring a Cyber Security Engineer for our program in Stuttgart, Germany. What you'll do: This role requires a broad range of cybersecurity skills and knowledge, covering both technical and strategic aspects of information security. The person in this position would play a crucial role in protecting an organization's digital assets and ensuring the overall security of its IT infrastructure. This position is specifically tailored to support the U.S. European Command (EUCOM) Headquarters' cybersecurity needs. * The role will support U.S. government networks and Mission Partner * The cybersecurity professional will be responsible for system security posture assessment, authorization process execution, continuous monitoring * Assessing information security controls on new and existing systems * Working with system owners to resolve and mitigate security findings * Helping maintains the security posture of systems and networks * The role involves collaboration with EUCOM personnel. * Creating and maintaining Authorization packages to keep Authority to Operate (ATO) for multiple networks of varying classification levels. * Ensuring System Administrators maintain required DoD 8140 certifications, Reviewing and providing recommendations to the Information System Security Manager (ISSM) regarding Hardware, Software, and Ports, Protocols, and Services (PPS) requests. * Reviewing Plans of Action and Milestones (POA&Ms) for closure or extensions based on mission requirements. * Reviewing Authorizing Official (AO) Risk Acceptance requests for validity and working with requestors on mitigations. * Coordinating with the Defense Information Systems Agency (DISA) Security Control Assessor (SCA) for Authorization & Assessment reviews. Qualifications Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD, in lieu of degree 12 years of related work experience What you'll need: * Active IAM III Certification (including CISSP, CISM, GSLC) * TESA eligibility & active U.S. passport * Active DoD Secret Clearance * Extensive knowledge of the RMF (Risk Management Framework) process Desired qualifications: * Knowledge of Commercial Solution for Classified (CSfC) Assessment and Authorization process * Working knowledge of: ACAS, ESS, Carbon Black, eMASSKnowledge of DISA CAL (Defense Information Systems Agency Cyber Asset Library) * Experience with DISA reviews, specifically:A&A (Assessment and Authorization) CCRI (Command Cyber Readiness Inspection) CORA (Cyber Operational Readiness Assessment) Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure. Target Salary Range $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Certain roles at Tyson require background checks. If you are offered a position that requires a background check you will be provided additional documentation to complete once an offer has been extended. Job Details: Lead the evaluation, design, and implementation of application security technologies, ensuring integration with CI/CD pipelines for automated security testing. Promote secure coding practices, develop and enforce secure coding guidelines (e.g. OWASP or SANS), and create comprehensive training materials for developers. Deliver training sessions on secure coding practices, threat modeling, and vulnerability management. Perform internal application security assessments, conduct penetration testing using tools like Burp Suite, OWASP ZAP, and Metasploit, and identify, report, and mitigate security vulnerabilities. Define and implement organization-wide security policies, standards, and procedures to incorporate security into all phases of the Software Development Life Cycle (SDLC). Collaborate with development teams to integrate security requirements into project plans using project management tools (e.g. JIRA or Confluence) to track progress and ensure timely delivery of security initiatives. Perform risk assessments using methodologies such as STRIDE or DREAD to prioritize security efforts based on business impact and likelihood of exploitation. Lead and participate in secure code reviews for critical applications, providing actionable feedback to developers and ensuring adherence to secure coding practices. Conduct detailed manual and automated code reviews, identifying security flaws and recommending remediation measures. Develop and enhance internal security tools, automating security testing, vulnerability scanning, and reporting. Create custom scripts and tools to streamline security processes and improve vulnerability management and reporting efficiency. Define and maintain base image hardening guidelines for containerized applications, collaborating with DevOps teams and using tools like Aqua Security and Twistlock to define security baselines and ensure containerized applications are secure. Participate in incident response activities related to application security incidents, leading forensic analysis and root cause investigations, and coordinating with response teams to ensure timely remediation and prevention of future incidents. Provide training to development and DevOps teams on secure coding practices, threat awareness, and secure design principles, fostering a security-conscious culture within the organization. Organize regular workshops, training sessions, and security awareness programs to educate teams on the latest security practices and threats. Define and track key performance indicators (KPIs) for application security, monitor progress, report to management, and use metrics to drive continuous improvement. Develop and maintain dashboards and reports to measure security performance, identify trends, and drive improvements. Continuously assess and improve the organization's application security maturity, implementing industry best practices and frameworks (e.g. OWASP or SAMM). Regularly review and update security frameworks, conduct maturity assessments, and implement best practices to enhance the overall security posture. Position reports to Tyson headquarters in Springdale, AR; 100% telecommuting permitted from anywhere in the U.S. 10% Domestic and International travel required. REQUIREMENTS: Bachelor's in Computer Science, Information Technology, Information Systems, Cyber or Technical Engineering, or a related field, and 7 years of experience in application security. Alternatively, will accept a Master's degree in Computer Science, Information Technology, Information Systems, Cyber or Technical Engineering, or a related field, and 5 years of experience in application security. Must have work experience in: * Conducting regular security assessments using automated tools including SonarQube, Checkmarx, and Fortify and manual code reviews to identify security vulnerabilities; * DevOps methodologies; * Implementing and managing security tools including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST); * Using Security Information and Event Management (SIEM) tools including Splunk, QRadar, or LogRhythm to monitor security incidents, respond to security alerts, and perform incident response activities; * Web application vulnerabilities and business logic flaws; * Standard Software Development Life Cycle practices; and * Vulnerability tests, risk analysis, and remediation techniques. Relocation Assistance Eligible: No Work Shift: Hourly Applicants ONLY -You must complete the task after submitting your application to provide additional information to be considered for employment. Tyson is an Equal Opportunity Employer. All qualified applicants will be considered without regard to race, national origin, color, religion, age, genetics, sex, sexual orientation, gender identity, disability or veteran status. We provide our team members and their families with paid time off; 401(k) plans; affordable health, life, dental, vision and prescription drug benefits; and more. If you would like to learn more about your data privacy rights and how you may use that information, please read our Job Applicant Privacy Notice here. Unsolicited Assistance: Tyson Foods and its subsidiaries do not accept unsolicited support from external recruitment vendors for open positions within the United States. Any resumes or candidate profiles submitted by recruitment vendors or headhunters to any employee or applicant tracking system at Tyson Foods or its subsidiaries, without a valid written request and search agreement approved by HR, will be considered the property of Tyson Foods. No fees will be paid if the candidate is hired due to an unsolicited referral.

Exempt: Yes Department: Information Systems Department Reports To: Information Systems Director Safety Sensitive: This position is designated as safety/security sensitive and is subject to pre-employment, reasonable suspicion and random drug and alcohol screening. GENERAL DESCRIPTION OF POSITION This Safety Sensitive (SS) position is primarily responsible for protecting a company's network and systems from cyber-attacks. This involves researching upcoming IT trends, creating contingency plans, reviewing suspicious activities, reporting security breaches, and educating the rest of the company on security measures. ESSENTIAL DUTIES AND RESPONSIBILITIES 1. Collaborates with users to discuss computer data access needs, to identify security threats and violations, and to identify and recommend needed programming or process changes. 2. Uses data encryption, firewalls, and other appropriate security tools and applications to conceal and protect transfers of confidential digital information. 3. Develops and implements plans to safeguard digital data from accidental or unauthorized modification, destruction, or disclosure; adheres to emergency data processing needs. 4. Reviews violations of security procedures; provides training to ensure violations do not recur. 5. Monitors and restricts access to sensitive, confidential, or other high-security data. 6. Modifies security files and applications as able and necessary to provide specialized access, allow new software to be installed or integrated, or correct errors. 7. Performs risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures. 8. Safeguards system security and improves overall server and network efficiency by training users and promoting security awareness. 9. Determines when to update virus protection systems by monitoring current reports of computer viruses; facilitates or performs needed updates. 10. Manages and support Antivirus. 11. Manage and push out software updates. 12. Operate a city vehicle as needed. 13. Perform any other related duties as required or assigned. QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty mentioned satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. EDUCATION AND EXPERIENCE Broad knowledge of such fields as accounting, marketing, business administration, finance, etc. Equivalent to a four year college degree, plus 3 years related experience and/or training, or equivalent combination of education and experience. COMMUNICATION SKILLS Ability to read, analyze, and understand general business/company related articles and professional journals; ability to speak effectively before groups of customers or employees. MATHEMATICAL SKILLS Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference, and volume. Ability to apply concepts such as fractions, ratios, and proportions to practical situations. CRITICAL THINKING SKILLS Ability to utilize common sense understanding in order to carry out written, oral or diagrammed instructions. Ability to deal with problems involving several known variables in situations of a routine nature. REQUIRED CERTIFICATES, LICENSES, REGISTRATIONS Valid drivers license PREFERRED CERTIFICATES, LICENSES, REGISTRATIONS A+, Microsoft Certified Professional (MCP), Microsoft Certified Systems Engineer (MCSE) SOFTWARE SKILLS REQUIRED Intermediate: Presentation/PowerPoint, Spreadsheet, Word Processing/Typing Basic: Accounting, Contact Management, Database, Human Resources Systems, Other, Payroll Systems INITIATIVE AND INGENUITY SUPERVISION RECEIVED Under general supervision where standard practice enables the employee to proceed alone on routine work, referring all questionable cases to supervisor. PLANNING Considerable responsibility with regard to general assignments in planning time, method, manner, and/or sequence of performance of own work; may also occasionally assist in the planning of work assignments performed by others within a limited area of operation. DECISION MAKING Performs work operations which permit frequent opportunity for decision-making of minor importance and also frequent opportunity for decision-making of major importance; the latter of which would affect the work operations of other employees and/or clientele to a moderate degree. MENTAL DEMAND Close mental demand. Operations requiring close and continuous attention for control of operations. Operations requiring intermittent direct thinking to determine or select the most applicable way of handling situations regarding the organization's administration and operations; also to determine or select material and equipment where highly variable sequences are involved. ANALYTICAL ABILITY / PROBLEM SOLVING Moderately structured. Fairly broad activities using moderately structured procedures with only generally guided supervision. Interpolation of learned things in somewhat varied situations. RESPONSIBILITY FOR WORK OF OTHERS Responsibility for work of others: Not indicated. RESPONSIBILITY FOR FUNDS, PROPERTY and EQUIPMENT Occasionally responsible for organization's property where carelessness, error, or misappropriation would result in moderate damage or moderate monetary loss to the organization. The total value for the above would range from $5,000 to $150,000. ACCURACY Probable errors would not likely be detected until they reached another department, office or patron, and would then require considerable time and effort to correct the situation. Frequently, possibility of error that would affect the organization's prestige and relationship with the public to a limited extent, but where succeeding operations or supervision would normally preclude the possibility of a serious situation arising as a result of the error or decision. ACCOUNTABILITY FREEDOM TO ACT Directed. Freedom to complete duties as defined by wide-ranging policies and precedents with mid to upper-level managerial oversight. ANNUAL MONETARY IMPACT The amount of annual dollars generated based on the job's essential duties / responsibilities. Examples would include direct dollar generation, departmental budget, proper handling of organization funds, expense control, savings from new techniques or reduction in manpower. None. Job does not create any dollar monetary impact for the organization. IMPACT ON END RESULTS Modest impact. Job has some impact on the organizations end results, but still from an indirect level. Provides assistance and support services that facilitates decision making by others. PUBLIC CONTACT Occasional routine contacts with persons outside the organization. This would include contacts with suppliers, mail service, etc. EMPLOYEE CONTACT Contacts of considerable importance within the department or office, such as those required in coordination of effort, or frequent contacts with other departments or offices, generally in normal course of performing duties. Requires tact in discussing problems and presenting data and making recommendations, but responsibility for action and decision reverts to others. USE OF MACHINES, EQUIPMENT AND/OR COMPUTERS Computer software programming, level ii technician support, project management; system analyst and comprehensive computer software support/help and/or web site development and connectivity. WORKING CONDITIONS Periodically exposed to such elements as noise, intermittent standing, walking, pushing, carrying, or lifting; but none are present to the extent of being disagreeable. ENVIRONMENTAL CONDITIONS The following work environment characteristics described here are representative of those an employee encounters while performing essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the functions of this job, the employee is occasionally exposed to risk of electrical shock. The noise level in the work environment is usually moderate. PHYSICAL ACTIVITIES The following physical activities described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and expectations. Moderate diversity, low physical. Work activities which allow for a moderate amount of diversity in the performance of tasks which are not as varied as those positions with high-level diversity and decision-making. While performing the functions of this job, the employee is continuously required to talk or hear; regularly required to sit; frequently required to walk, use hands to finger, handle, or feel; and occasionally required to stand, reach with hands and arms, climb or balance, stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 100 pounds; frequently lift and/or move up to 50 pounds; regularly lift and/or move up to 25 pounds; continuously lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision; distance vision; and color vision. ADDITIONAL INFORMATION Not indicated.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** Black Lotus Labs is seeking a Principal Security Engineer on the Research & Analysis team. This team leverages Lumen's global visibility of one of the world's largest and most interconnected IP backbones and a petabyte-scale compute cluster to perform cutting edge threat research, hunting and tracking advanced persistent threat actors (APTs) and emerging criminal activity as the threat actors traverse the internet. They empower customers to stay ahead of the evolving threat landscape. **The Main Responsibilities** + Serve as Threat Research Subject Matter Expert, offering guidance and support to the Black Lotus Labs team on threat hunting activities, such as identifying knowledge gaps, troubleshooting technical challenges, developing solutions, and mentoring team members in overcoming obstacles. Set priorities for what threats to analyze to maximize team's impact. + Conduct threat research across technical data sets, fusing Black Lotus Labs telemetry with third party data sets, to automate detection of the latest threat attacker tools, techniques and procedures (TTPs) with a goal of automating detection. + Use industry-leading technical knowledge of adversary capabilities and infrastructure and define, develop, and implement techniques to lead the team in tracking sophisticated adversaries, delivering actionable threat intelligence data to Lumen customers. + Lead and enhance threat hunting operations by actively engaging with other research teams, building strong partnerships to achieve shared goals, exploring new data sources, and mentoring team members in executing workflows and solving complex challenges. + Provide expert analysis and strategic insights on emerging threats and vulnerabilities, translating complex technical information into actionable intelligence for executive leadership and external stakeholders. + Spearhead thought leadership initiatives by leading Black Lotus Lab's voice at security conferences and internal executive briefings. **What We Look For in a Candidate** + Proven experience in threat hunting and in-depth technical security research, demonstrating a strong track record of successfully identifying, tracking, and disrupting nation-state and cybercriminal threat actors. + Deep understanding of advanced threat hunting methodologies, attacker tactics, techniques, and procedures (TTPs), and the ability to derive actionable threat hunts from complex data sets. + Demonstrated experience building prototype threat hunting solutions and large data analysis tools with Python (or other equivalent languages). + Proven experience initiating and coordinating technical projects focused on telemetry collection, TTP based threat hunting, or developing threat hunt tools that have cross-organization impact on threat visibility, including leading private-public partnerships and multi-company collaborations. + 5+ years of experience in the IC, DoD or similar tracking and defending against nation state threat activity. + Exceptional communication and presentation skills, including the ability to clearly and concisely convey complex technical information to both technical and non-technical audiences, ranging from executives and board members to conference attendees and internal stakeholders. + Experience presenting at industry conferences and in the media. + Highly organized with the ability to manage multiple tasks, prioritize effectively, and triage competing demands in a fast-paced environment. + Proven ability to lead and manage complex technical projects, effectively driving them to successful completion. + Active TS/SCI clearance with poly **Well-experienced candidates may also have the following skills: ** + Proficiency in malware reverse engineering and incident response. + 5+ years of experience leading teams of technical threat discovery professionals. + Software development experience in Docker and big data technologies like Hadoop, Spark, and Tensor Flow. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** \#LI-JS1 Requisition #: 339093 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 12/09/2025

THE OPPORTUNITY Dillard's is seeking an Endpoint Security Analyst to join the Information Security Team. In this role, you will be responsible for monitoring and securing the enterprise endpoints. This includes Windows, Linux, and Mac operating systems on workstations, laptops, and servers. You will actively search for vulnerabilities and mitigate cybersecurity risks that affect the company. You will play a prominent role in communicating with our desktop support team and server administration teams to maintain our security posture. THE TEAM The Information Security Team is responsible for the confidentiality of customer and employee information, ensuring the data stored and shared maintains integrity, all while making sure that all of this does not impact the availability of the entire Dillard's enterprise. This team is expected to be high-performing. To meet this expectation, the team members are communicative and collaborative, always sharing knowledge and research with one another. Members of this team should be able to understand what is expected of them and adjust on the fly, as priorities may change depending on the company's needs. If you are someone who sets a standard of excellence for yourself and you enjoy working alongside others who set the same standard and who genuinely want each of their peers to succeed, you may be the perfect addition to this team. WHAT YOU WILL DO Research industry trends, identify ongoing security threats, analyze new security testing tools, and provide recommendations on the need and usefulness of services and/or products for endpoints Evaluate and recommend new and emerging security solutions and technologies to address issues or security gaps Compile audit reports, identifying potential risks/threats to endpoints Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools Investigate and analyze endpoint security incidents, identify root causes, and assist in developing appropriate mitigation strategies for endpoints Proactive analysis to identify potential security risks and vulnerabilities on endpoints Mentor and provide guidance to junior security analysts, sharing knowledge and best practices Participate in on-call rotation duties THE “MUST-HAVES” Experience with any of the following technologies: Microsoft Windows, Active Directory, or Group Policy. Possess the ability to communicate complex and technical concepts to a non-technical, general audience Experience providing remote response and remediation activities within networks and on endpoints Analytical and problem-solving skills, with the ability to think critically under pressure Strong communication skills to effectively collaborate with cross-functional teams and communicate complex security issues to non-technical stakeholders Continuous learning mindset to stay updated with the evolving threat landscape and emerging security technologies THE “NICE-TO-HAVES” CompTIA Security+, A+, CySA+, ISC2 CC, ISC2 CCSP certification or equivalent 3 or more years of experience managing an endpoint security solution In-depth understanding of operating systems, network/system architecture, protocols, enterprise services, and enterprise architecture design Understanding of threats, vulnerabilities, and exploits No immigration sponsorship (ex. H-1B, TN, STEM OPT) is available for this position

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. At Simmons Bank, the Security Engineering Team is responsible for the design, implementation, and maintenance of security solutions to include, but not limited to: Identity & Access Protection, Email Security, Network Security, Endpoint Protection, Data Protection and Vulnerability Management. These security solutions secure critical business operations and protect our customers and data. You will join a team of Associates dedicated to ensuring the security of the corporate network and be responsible for the day-to-day operation of the Information Security Program. Level I Security Engineers are primarily responsible for the implementation and maintenance of security systems and supporting end-users' use of the Company's security services. Essential Duties and Responsibilities Systems Engineering Contributes to the design and implementation of security systems, as needed Identifies and documents system security requirements to assist with solution selection Assists with the evaluation of new technologies or process improvements that enhance security capabilities System Administration Configure, maintain, and monitor the Company's security systems, including but not limited to: secure email gateway, firewall, VPN, network access control, secure web gateway, security information and event management platform, endpoint protection, data loss prevention and vulnerability scanning tools Handles service request and incident tickets pertaining to security systems Reviews system alerts and responds in accordance with established procedures (e.g. triage, mitigate, and escalate) Researches, tests and presents proposed security system changes to IT and Business leadership Conducts security system changes in accordance with the change management process Collaborates with external parties (e.g. vendor support, professional services and others) to maintain security technologies Monitors cases, tickets, and incidents opened with vendor support to ensure timely response and remediation Applies upgrades, patches, and other configurations in support of the patch management and vulnerability management processes Assists in maintaining the team's written documentation (e.g. diagrams, procedures, and other system information) for the Company's security systems Administrative Participates in rotating on-call schedule representing the Security Engineering team Communicates security concerns to management in a timely manner Completes training related to this position, as assigned, in a timely manner Pursues IT and/or Security certifications relevant to this position Takes initiative and responsibility for achieving desired results Performs other duties as assigned Qualifications Education and/or Experience Minimum of four (4) years of experience in information technology, network engineering, or security engineering (required) Bachelor's degree in a related field (preferred) Direct experience administering security systems such as: endpoint protection, network access control, web content filtering, data loss prevention, vulnerability scanners, and firewalls (preferred) Experience in operational roles supporting of IT systems, networks, or applications and direct experience conducting basic troubleshooting steps, documenting tickets, and communicating with end-users (required) Certifications CompTia A+, Security+, Network+, or other baseline security related certifications (required) Other Qualifications (including physical requirements) Must be willing to periodically work non-standard hours and be on call Baseline understanding of common enterprise operating systems, database systems and networks Ability to read and interpret documents and follow written or verbal instructions Ability to conduct oral and written communication and present, in a professional manner, to internal and external parties Ability to prioritize assignments while working on multiple projects Ability to manage their own time with awareness to escalate issues promptly and with focused on meeting SLA targets Ability to work independently with limited supervision Possesses service-oriented mindset and strong customer service skills Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Activities, duties and responsibilities may change at any time with or without notice. Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our Security team is seeking a Senior Security Analyst to support our team 100% onsite at our facilities in Camden, Arkansas. This person will serve as Alternate Facility Security Officer (AFSO), Designated Government Representative (DGR) and COMSEC hand receipt holder. What You Will Do Ensure adherence to the provisions of the National Industrial Security Program Operating Manual (NISPOM) and National Security Administration 3-16 (NSA/CSS 3-16). Serve as the DGR for foreign sales maintaining US State Department Licenses, communicating with Defense Counterintelligence Security Agency (DCSA) and Foreign DGR's to coordinate classified exports and imports. Report to the FSO for ensuring the open storage areas are properly maintained assist in reviewing articles and documents for appropriate classification markings. Assist the FSO in working with the lead guard to ensure cleared guard scheduling is achieved. Serve as the COMSEC hand receipt holder under supervision of the Facility Security Officer to conduct inventories, receive, transfer, destroy and inventory COMSEC material. Maintain the visitor control program. Follow specialized procedures for the transmission of classified and/or proprietary material/information. Participate in security audits, semi-annual alarms tests, and UL certification. Complete the DCSA SPeD training courses for Facility Security Officer - Possessing Facilities within one year of start date. Qualifications You Must Have Typically requires a University Degree or equivalent experience and minimum 2 years of prior relevant experience, or an Advanced Degree in a related field. Experience scheduling Guard Rotations. Experience with administrative requirements for classified areas. Perform physical tasks such as climbing ladders, conducting alarm tests and performing escort duties for uncleared visitors. Qualifications We Prefer Completion of FSO for Possessing Facilities from DCSA SPeD. Certified First Aid, AED and CPR to serve as a First Responder. Certified Industrial Security Professional or similar related certification or Certified DoD Security Manager. Excellent written, verbal, and presentation skills. Must be able to complete required NSA training for DIAS Ability to understand and safeguard Personal Identifiable Information (PII). Self-starter with minimal supervision and the ability to solve routine problems of moderate complexity. What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available Please consider the following role type definition as you apply for this role: Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. We are RTX #LI-Onsite The salary range for this role is 66,000 USD - 130,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Your Future. Secured. ISC2 is a force for good. As the world's leading nonprofit member organization for cybersecurity professionals, our core values - Integrity, Advocacy, Commitment, Inclusion, and Excellence - drive everything we do in support of our vision of a safe and secure cyber world. Our globally recognized, award-winning portfolio of certifications provide an independent and globally recognized endorsement of cybersecurity knowledge, skills and experience for all career levels. Our charitable arm, the Center for Cyber Safety and Education, enables ISC2 and our members to serve the public by educating the most vulnerable about cyber risks and empowering access to enter and thrive in the cyber profession. Learn more at ISC2 online and connect with us on Twitter, Facebook and LinkedIn. When you join ISC2, you'll demonstrate your commitment to an inclusive and equitable environment. Your support of the unique perspectives and experiences shared by our global cybersecurity workforce and profession will be recognized. We invite you to take an active role in helping us create a true sense of belonging across our organization - an environment of authenticity, trust, empowerment and connectedness that empowers all of our successes. Learn more. **Position Summary** The Application Security Engineer will be an integral part of the security team and will work cross-functionally with several lines of business to ensure the secure delivery of products and applications. The Application Security Engineer will be expected to attend stand-ups and strategy sessions to identify areas of risk and offer consulting on best practices. The Application Security Engineer will act as a champion and will formalize the integration of application security into our current processes and tools. **Responsibilities** The Application Security Engineer will be expected to facilitate technical design reviews, perform code analysis, offer remediation recommendations, perform manual and dynamic security testing, and document and present all findings. The Application Security Engineer will work closely with the Development, Release, and QA teams to identify and coordinate security testing, validate, test, and vet both internally and externally developed applications. As an Application Security Engineer, you will act as a DevSecOps Engineer that will be responsible for secure application delivery as well as the underlying infrastructure. The Application Security Engineer must be comfortable with securing cloud-based products in environments such as AWS, Azure and Salesforce. Additionally, this position will provide security risk assessments, create threat models and assist the team with vulnerability testing. Additionally, this position manages the ISC2 responsible reporting program that supports the organization's secure application delivery objectives. In addition to the daily duties described, the individual will assist the security engineering team in the management of security technologies administered by the group (e.g., WAF, Firewall, IDS, and SEIM). This would be an "as needed" function, which is primarily to provide coverage for those duties when individuals on the security engineering team are out of the office for training or vacation. Additionally, the Application Security Engineer will be expected to participate in the Incident Response team and act as a Subject Matter Expert when dealing with the continuity of our operations and when responding with cyber incidents. + Conduct security assessments: Perform comprehensive security assessments of applications, including static code analysis, dynamic application testing, and penetration testing. Identify vulnerabilities, weaknesses, and potential attack vectors. + Secure code review: Review application source code to identify security flaws, such as insecure authentication mechanisms, input validation vulnerabilities, and potential injection attacks. Provide recommendations for remediation and best practices for secure coding. + Threat modeling: Collaborate with development teams to identify and assess potential threats and risks associated with the application. Use threat modeling techniques to prioritize security controls and countermeasures. + Develop and implement security controls: Design, develop, and implement security controls and countermeasures to protect applications against common security threats, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection. Implement secure coding practices and security guidelines. + Vulnerability management: Establish and maintain a vulnerability management program for applications. Track and prioritize vulnerabilities based on their severity and impact. Coordinate with development teams to ensure timely remediation of identified vulnerabilities. + Security testing automation: Develop and maintain automated security testing tools and scripts to streamline the application security testing process. Integrate security testing into the continuous integration and deployment (CI/CD) pipeline. + Security training and awareness: Conduct security training and awareness programs and determine skills training needs for development teams, promoting secure coding practices andawareness of common security vulnerabilities. Stay updated with the latest security trends, attack techniques, and best practices. + Incident response: Provide support during security incidents or breaches related to applications. Participate in incident response activities, including containment, investigation, and remediation. + Compliance and regulatory requirements: Ensure that applications adhere to relevant security compliance standards, industry regulations, and data privacy requirements (e.g., GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability)). Collaborate with compliance teams to address any compliance-related concerns. + Security documentation and reporting: Prepare and maintain security documentation, including security policies, procedures, and guidelines. Generate periodic reports on the security posture of applications and present findings to relevant stakeholders. Other responsibilities include: + Maintain and manage all pipelines from a security perspective. + Onboard new pipelines for security tooling. + Keep pipeline diagrams up to date with current security details. + Serve as the primary SME for the DAST scanner.This includes configuration, testing, vulnerability management, and remediation oversight. + Recommend continuous improvements for the SAST scanner. + Security code release approvals + Maintain and manage the WAF, including signatures, configuration, and threat intel feeds. + Serve as the SME and provide recommendations for ongoing improvements. + Establish baseline WAF signatures for XD Prod following the Silverline migration. + Baseline WAF signatures after code releases. + Serve as the primary point of contact for vetting bug reports and managing the informed disclosure process. + Assist with attestation data gathering. + Support and assist with threat modeling. + Act as the formal backup for the threat modeling and attestation processes. + Review and approve Security Assessment Review reports as needed. + Perform other duties as required. **Behavioral Competencies** + Ability to demonstrate and support the ISC2 Core Values: Integrity, Excellence, Inclusion, Advocacy and Commitment + Function as an architect, who can conduct architecture reviews of new systems and solutions. + Serve as a builder who can build and integrate application security in our SDLC. + Act as a collaborator, who likes to engage with the team and the industry. + Serve as a team player, who will jump in and assist in other security functions as needed. + Function as a leader, who will use your knowledge and to train and guide developers and engineers. + Demonstrate a passion for application security, creative and critical thinking, strong analysis skills, the ability to work in a fast-paced environment, and have familiarity with agile, continuous integration, and continuous deployment. + Experience in securing SaaS-delivered offerings in multiple cloud environments deployed with automation & orchestration. **Qualifications** + Ability to write some code, as needed, to conduct security-focused testing. + Application Experience with common testing tools such as Veracode, Fortify, Zap, Burp, and fiddler, among others. + Application Understanding of common vulnerabilities & remediation. + Application Knowledge and understanding of automation and scripting languages. + Design & code review skills. + A solid understanding of Microsoft platforms such as .NET, Windows, C#, Azure. + General Knowledge of cloud security, API (Application Programming Interface) security, and associated best practices. **Education and Work Experience** + Bachelor's degree in computer science, information systems, related engineering field. Will consider a high school diploma and 10+ years of relevant work experience, as well as current additional credentials (CCSP, GDSP, etc..) in lieu of a degree. + A CISSP and CSSLP are required for this position. + 8+ years of experience in Information Security. + 8+ years of experience with static and dynamic analysis for coding and vulnerability identification and remediation. + 5+ years of Secure Development experience. + Application Experience with implementing Secure Development Lifecycle in an agile environment. + First-hand experience with architectural reviews, application reviews, and penetration testing. + Application Experience with Continuous Integration processes, particularly with building security practices into the pipeline. **Physical and Mental Demands** + Ability to travel up to 10% of time. May also include overnight travel. + Work extended hours, when necessary. + Work in an office environment using dual monitor computer screens. + Sitting for extended periods. **Equal Employment Opportunity Statement** All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic as protected by applicable law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. **Job Locations** _US-Remote_ **Posted Date** _2 weeks ago_ _(11/19/2025 1:29 PM)_ **_Job ID_** _2025-2253_ **_\# of Openings_** _1_ **_Category_** _Information Security_

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Just imagine your future with us… At Aurecon we see the future through a very different lens. Do you? Innovation, eminence and digital are at the heart of everything we do. Are you excited about the future? Are you driven by the opportunity to work on some of the most challenging and complex projects around the world and to learn from the best? We are. Diversity is at the core of everything we do. We work together to create a culture based on respect, trust and inclusiveness. Our differences are what fuel our creativity. The purpose of the Senior Business Analyst (Security) role is to lead the analysis and documentation of Aurecon's project delivery needs so that our programs deliver the highest quality change into Aurecon. The Senior Business Analyst has the experience and insight to work quickly and autonomously and will be expected to produce high-quality deliverables that meet the needs of their program and stakeholders. The Senior Business Analyst will bring their confidence, work ethic and leadership skills to ensure the successful implementation of IT initiatives at Aurecon. What will you do? We know the work we do is vital in assisting Aurecon's business globally. Here are the key things you will do to 'bring ideas to life'. * Responsible for gathering, documenting, and obtaining sign-off of business, functional and non-functional requirements aligned with Aurecon PMO and security standards (E8 / NIST Level 2) * Agile/Scrum experience - Mandatory * Work with business, IT teams and vendors to analyse and explain the feasibility of security options and recommend the most appropriate response for business partners * Proactively build and maintain exceptional business and technology stakeholder relationships at all levels to ensure alignment between business strategy, technology, security, and solution delivery * Responsible for collecting process information and documenting in defined templates * Responsible for raising issues and risks and proactively proposing work arounds and resolutions for problem resolution. * Contribute to and review requirements and process related documentation Data Analysis activities: * Ability to analyse large data sets into meaningful output for consumption by stakeholders * Leveraging advanced Excel skills be able to analyse, monitor, manage and predict impacts of business scenarios * Able to initiate and perform ad hoc queries to identify potential security issues within data sets * Able to initiate uplift to data capture and analysis processes to improve analytical outcomes Testing activities (nice to have): * Create Test Approach/Plan across both functional and non-functional requirements covering the applicable Testing stages and gain endorsement * Collaborate with Project Manager to estimate, schedule and resource the testing, identifying assumptions, dependencies, risks, and issues Firstly, strong sense of responsibility, flexibility, and adaptability to varying request. Demonstrate excellent time management and organizational skills. And as part of a new team, you will have the opportunity to shape this role and have input into how we evolve it over time to WOW our employees and make an even bigger impact on the world. You will also need the following capabilities: Qualifications (Required) * 7+ years of experience on Business Analysis, Requirements gathering, creating BRDs, etc. * With exposure on Cyber Security / Security projects * Strong communications skills and stakeholder management * Agile Scrum methodology experience is preferred At Aurecon, we know every career adventure is unique. That's why our benefits are designed to support you and your family - at every stage. * Flexibility - 1x every fortnight reporting in the office * Wellbeing - we priorities your health * Recognition - your impact matters * Family - support for modern families and carers * Community - give back through volunteering days * Career development - learn, lead and shape your career Our Aurecon Attributes describe the types of people we bring together for clients. We don't expect you to have all eight of the attributes, but one that is unique to you. Finally, we value that each of our team members brings something different to Aurecon. We look for people who have had a broad range of experiences throughout their career and can demonstrate how they have worked as part of a team to bring ideas to life. Does that sound like you? About us We've re-imagined engineering. Aurecon is an engineering and infrastructure advisory company, but not as you know it! For a start, our clients' ideas drive what we do. Drawing on our deep pool of expertise, we co-create innovative solutions with our clients to some of the world's most complex challenges. And through a range of unique creative processes and skills, we work to re-imagine, shape and design a better future. We listen deeply and intently, which helps us see opportunities, possibilities and potential that others can't. Think engineering. Think again. Want to know more? You can learn more about what it's like to work at Aurecon by visiting the careers section of our website. If you are intrigued or excited by what you have read, then we want to hear from you. Apply now!

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. At Simmons Bank, the Security Engineering Team is responsible for the design, implementation, and maintenance of security solutions to include, but not limited to: Identity & Access Protection, Email Security, Network Security, Endpoint Protection, Data Protection and Vulnerability Management. These security solutions secure critical business operations and protect our customers and data. You will join a team of Associates dedicated to ensuring the security of the corporate network and be responsible for the day-to-day operation of the Information Security Program. Level II Security Engineers are primarily responsible for the implementation and maintenance of security systems and supporting end-users' use of the Company's security services. Level II Security Engineers operate with limited direct supervision and provide mentoring of Level I Security Engineers. Essential Duties and Responsibilities Systems Engineering Contributes substantially to the design and implementation of security systems, as needed Identifies and documents system security requirements to assist with solution selection Assists with the evaluation of new technologies or process improvements that enhance security capabilities Serves as specialist for certain security systems, as assigned System Administration Configures, maintains, and monitors the Company's security systems, including but not limited to: secure email gateway, firewall, VPN, network access control, secure web gateway, security information and event management platform, endpoint protection, data loss prevention and vulnerability scanning tools Supports Level I Security Engineers with service request and incident tickets, as needed Supports Level I Security Engineers with system changes, as needed Handles service request and incident tickets pertaining to security systems Reviews system alerts and responds in accordance with established procedures (e.g. triage, mitigate, and escalate) Researches, tests and presents proposed security system changes to IT and Business leadership Conducts security system changes in accordance with the change management process Collaborates with external parties (e.g. vendor support, professional services and others) to maintain security technologies Monitors cases, tickets, and incidents opened with vendor support to ensure timely response and remediation Applies upgrades, patches, and other configurations in support of the patch management and vulnerability management processes Maintains the team's written documentation (e.g. diagrams, procedures, and other system information) for the Company's security systems Administrative Participates in rotating on-call schedule representing the Security Engineering team Mentors other team members and supports cross-training Communicates security concerns to management in a timely manner Completes training related to this position, as assigned, in a timely manner Pursues IT and/or Security certifications relevant to this position Takes initiative and responsibility for achieving desired results Performs other duties as assigned Qualifications Education and/or Experience Minimum of six (6) years of experience in information technology, network engineering, or security engineering (required) Bachelor's degree in a related field (preferred) Direct experience administering security systems such as: endpoint protection, network access control, web content filtering, data loss prevention, vulnerability scanners, and firewalls (required) Experience in operational roles supporting of IT systems, networks, or applications and direct experience conducting basic troubleshooting steps, documenting tickets, and communicating with end-users (required) Certifications CompTia A+, Security+, Network+, or other baseline security related certifications (required) CISSP, SSCP, CEH, or other intermediate security related certifications (preferred) Other Qualifications (including physical requirements) Must be willing to periodically work non-standard hours and be on call Intermediate understanding of common enterprise operating systems, database systems, and networks Basic understanding of cloud computing architecture and cloud services Baseline knowledge of security technology landscape and emerging security technology Working knowledge of Microsoft Windows operating systems for advanced troubleshooting techniques Ability to read and interpret documents and follow written or verbal instructions Ability to transform technical details and processes into written instructions, playbooks and procedures Ability to conduct oral and written communication and present, in a professional manner, to internal and external parties Ability to prioritize assignments while working on multiple projects Ability to manage their own time with awareness to escalate issues promptly and with focused on meeting SLA targets Ability to work independently with limited supervision Possesses service-oriented mindset and strong customer service skills Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Activities, duties and responsibilities may change at any time with or without notice. Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************