Cyber security analyst jobs in Beaverton, OR - 46 jobs

Job Details:Job Description: Our Government Information Techology and Security (GITS) Team is looking for a talented and motivated individual with strong technical skills and the ability to rapidly learn new technologies. We are growing our Hybrid Cloud solution suite to meet US Government requirements for data safeguarding. Information Security Engineers within GITS are actively involved in the following: Identifies, develops, plans, implements, and supports enterprise security systems using Agile methodologies and DevOps principles to improve and grow our secure solutions to enhance Intel Federal's capabilities with a constant focus on security. Creates solutions in partnership with enterprise architecture to design security measures (from infrastructure to software) that safeguard sensitive data, protect confidentiality and availability, and enable compliance with security policies and regulatory requirements for the enterprise and USG regulations and standards. Partners with system engineers, network engineers, database administrators, and information security personnel in support, integration, development, and lifecycle management. Develops and validates functional requirements and identifies gaps or risks to meet business and security outcomes. Reviews health measures for various functional performance components of platform, applications, controls, and appliances and supports key security systems, responds to security events, and troubleshoots and proactively discovers security issues across the enterprise. Validates security controls are working as designed (validation and/or efficacy) to ensure effective security measures. Develops new and/or updates existing controls that limit the risk exposure for the company and optimizes security system performance. Researching new security and information technology trends in enterprise applications, networks, and systems to understand and drive strategic plans, forward engineering, upgrades, and changes while influencing vendors to drive bug resolution, product feature enhancement, and key security improvements. Works to identify, design, test, document, and implement internal process improvements such as automating manual processes, optimization of data delivery, elimination of technical debt, and support/administration of key security control systems. Supports lifecycle management of systems, software, and infrastructure. Behavioral Traits Passion for Information Security. Customer service and stakeholder management skills, including experience in setting and managing user and stakeholder expectations is a must in this role. We partner closely with the Intel Federal business teams to ensure we can prioritize and deliver key IT solutions to the business. Strong interpersonal, analytical, problem solving, negotiating, influencing, facilitation, organizational, prioritization, decision making and conflict resolution skills. Strong team player who works both independently and collaboratively with peers and teams. Qualifications: Minimum qualifications are required to be initially considered for this position. Preferred qualifications are in addition to the minimum requirements and are considered a plus factor in identifying top candidates. Requirements listed would be obtained through a combination of industry relevant job experience, internship experiences and / or schoolwork/classes/research. Minimum Qualifications U.S. Citizenship. Bachelor's degree in computer science, Information Security, or related Information Technology field with 3+ years of relevant experience. 3+ years of experience in Information Security. 1+ year of experience working in an environment that supports Controlled Unclassified Information (CUI) or International Traffic in Arms Regulations (ITAR) data. 3+ years of experience with script writing for automation and integration (e.g. PowerShell, .Net, Python, etc.) 1+ year of Identity Access Management experience. (e.g. Entra ID or other IAM tools) 1+ year Azure or AWS Hosted Cloud environment experience. Preferred Qualifications: Track record of excellent customer Service and Support skills - Independently troubleshoots for successful problem resolution. MS Azure Government Cloud and Amazon Web Services GovCloud solutions deployment experience desired. 1+ year of experience working with NIST Special Publication 800-171 and/or 800-53 compliance standards. 1+ year of experience working with NIST 800- 171A readiness assessment procedures. Willingness to quickly ramp up on online data solutions - quickly applying trusted technologies across on-premises, cloud, and hybrid cloud environments. Experience using Privilege Access Management (PAM) or similar tools. Windows and Linux OS and application operations support, administration, security configuration and monitoring. Security certifications are an advantage (CISSP, CISM, CEH, CCNA, etc.) Experience working with applications such as SCOM, BigFix, Azure Security Center and Antivirus configuration. Experience with Datacenter management operations such as servers/hardware handling, installation, configuration, decom and general support. Experience with Agile Scrum and/or Kanban project management methodologies. Scaled Scrum, SAFe, or other scaled Agile framework approaches to manage operations, engineering and development workloads. Job Type:Experienced HireShift:Shift 1 (United States of America) Primary Location: US, Oregon, HillsboroAdditional Locations:US, Arizona, Phoenix, US, California, Folsom, US, Virginia, FairfaxBusiness group:Posting Statement:All qualified applicants will receive consideration for employment without regard to race, color, religion, religious creed, sex, national origin, ancestry, age, physical or mental disability, medical condition, genetic information, military and veteran status, marital status, pregnancy, gender, gender expression, gender identity, sexual orientation, or any other characteristic protected by local law, regulation, or ordinance.Position of TrustN/ABenefits We offer a total compensation package that ranks among the best in the industry. It consists of competitive pay, stock bonuses, and benefit programs which include health, retirement, and vacation. Find out more about the benefits of working at Intel. Annual Salary Range for jobs which could be performed in the US: $105,300.00-206,510.00 USDThe range displayed on this job posting reflects the minimum and maximum target compensation for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific compensation range for your preferred location during the hiring process. Work Model for this Role This role will require an on-site presence. * Job posting details (such as work model, location or time type) are subject to change.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Specialist Director, MAST Application Penetration Testing Lead to join our Managed Services practice. Responsibilities: * Lead the strategic delivery of Managed Application Security Testing (MAST) services, ensuring alignment with client objectives and industry best practices * Execute go-to-market (GTM) strategies for MAST offerings, collaborating with cross-functional teams to drive market penetration and revenue growth * Oversee the design and implementation of scalable security testing frameworks across diverse application environments, including cloud-native and hybrid architectures * Provide subject matter expertise in application security, guiding clients through risk assessments, remediation planning, and secure development lifecycle integration * Build and maintain strong client relationships, serving as a trusted advisor and ensuring high levels of satisfaction and retention * Mentor and lead a team of security professionals, fostering a culture of innovation, accountability, and continuous improvement * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum eight years of recent experience in application security, penetration testing, or related cybersecurity domains, with at least three years in a leadership or director-level role * Master's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred; Bachelor's degree from an accredited college or university is required * Deep understanding of application security testing methodologies, tools (for example, DAST, SAST, IAST), and secure SDLC practices * Proven experience developing and executing GTM strategies for security services or technology solutions * Strong client-facing skills with the ability to communicate complex technical concepts to non-technical stakeholders * Excellent verbal/written communication, presentation, and analytical skills * Ability to travel as required * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $153700 - $319000 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

TITLE: N/A JOB CODE: FLSA: Exempt SALARY GRADE: 7 CATEGORY: Full-time UNION REPRESENTATION: NA SCHEDULE: Hybrid SUPERVISORY ROLE Y/N: 11.2025 The Information Security Analyst I plays a critical role in safeguarding the organization's systems and information assets. This position supports the development and implementation of security strategies, tools, and guidelines to protect against unauthorized access, data breaches, and system disruptions. Responsibilities include monitoring and responding to Information Security-related alerts, supporting audit and risk assessment activities, evaluating internal controls, and recommending improvements to enhance security posture. The analyst assists in migrating non-compliant environments to meet regulatory standards and ensures adherence to data protection laws and banking industry compliance requirements. This role is foundational to maintaining the confidentiality, integrity, and availability of sensitive financial data and supporting the organization's overall cybersecurity framework. ESSENTIAL DUTIES Identity and Access Management Support access provisioning, modification, and termination processes to ensure timely and secure access control. Conduct administrator activity and user access reviews across IT systems, including privileged access audits and firewall/cloud app usage monitoring. Maintain asset and access inventories, perform recurring audits of critical systems, and reconcile against endpoint and network tools. Security Monitoring and Incident Response Monitor and respond to alerts from SIEM, IDS, firewalls, and endpoint protection systems. Conduct vulnerability scans, track remediation efforts, and facilitate related meetings. Maintain readiness for incident response activation, including participation in tabletop exercises. System Administration and Tool Management Administration of cloud computing environments, conditional access, and guest provisioning following established best practices. Manage software controls, browser extensions, and patching processes. Administer security camera system and ensure system uptime. Administer Mobile Device Management system. Threat Intelligence and Continuous Improvement Stay informed on emerging threats in the banking sector and contribute to threat intelligence reporting. Research and test new security tools, controls, and AI applications to enhance the Bank's security posture. Correctly identify true and false positives in alerting systems and tune these systems for continuous improvement. Security Awareness and Training Support phishing simulations and training campaigns, track completion, and report metrics to management. Documentation and Reporting Log findings, remediation efforts, and audit results in a structured ticketing system. Assist with vendor management program administration and reporting. Data Protection and Compliance Ensure compliance with GLBA, FFIEC, and other applicable regulations through log retention, configuration management oversight, and DLP monitoring. Administer data classification tools and respond to violations involving PII or sensitive data. Audit VPN usage and test controls across email, endpoint, and network security platforms. Completes mandatory compliance training in accordance with established deadlines. The position performs duties specific to the position and other functions as assigned. ROLE COMPETENCIES/SKILLS Attention to Detail Collaboration & Communication Diversity & Inclusion Execution & Ownership Time Management Compliance Innovation Systems Thinking Data Analysis & Management Information Security Network Operations Critical Thinking Consulting Analytical Thinking ENVIRONMENT, PHYSICAL & MENTAL ACTIVITIES The incumbent is in a non-confined office-type setting in which they are free to move about at will. It may include some minor annoyances such as noise, odors, drafts, etc. For Hybrid and Remote roles, work may also be performed away from BSB worksites depending on the position and requirements. For Hybrid/Remote work, employees are required to have an environment when working at home that has a dependable, high-speed internet connection and environment conducive to frequent phone or internet calls where private, confidential or other information is not visible, able to be overheard, or physically or electronically accessible to anyone else. The incumbent in the course of performing this position spends time writing, typing, speaking, listening, lifting (up to 10 pounds), driving, carrying, seeing (such as close, color and peripheral vision, depth perception and adjusted focus), sitting, pulling, walking, standing, squatting, kneeling and reaching. The incumbent for this position may operate any or all of the following: personal computer, cellular telephone, printer, fax, and other standard office equipment. The incumbent in this position must be able to accommodate reading documents or instruments, detailed work, problem solving, customer contact, reasoning, math, language, presentations, verbal and written communication, analytical reasoning, stress, multiple concurrent tasks and constant interruptions. The work environment characteristics, physical and mental demands described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. POSITION REQUIREMENTS Minimum Qualifications Bachelor's degree in Information Technology, Cybersecurity, or a related field, or equivalent combination of education and experience. 5 years of professional experience in IT support or related technical roles. Foundational understanding of cybersecurity principles, including access control, endpoint protection, and network monitoring. Familiarity with Microsoft 365, Active Directory, and basic system administration tasks. Ability to conduct audits, manage tickets, and document findings accurately. Strong analytical and troubleshooting skills. Effective communication skills and ability to collaborate across departments. Preferred Qualifications Bachelor's degree in Information Technology, Cybersecurity, or a related field. Experience with banking industry compliance standards (e.g., GLBA, FFIEC). Hands-on experience with security tools such as SIEM, DLP, IDS/IPS, EDR, Email Filtering, and Firewalls. Exposure to vulnerability management platforms and identity/access management processes. Familiarity with Microsoft cloud services and Mobile Device Management. Experience supporting or administering phishing simulations, security awareness programs, or similar efforts. Knowledge of vendor management platforms and data classification tools. Management reserves the right to change this position description at any time according to business needs. #LI_Hybrid

Rajesh KRG Technologies Inc. 25000 | Avenue Stanford | Suite 253 | Valencia, CA 91355 rajesh.b at krgtech.com / ************ EXT- 514 Job Description : General Cryptography (symmetric algorithms like AES, DES and asymmetric or public crypto like RSA, EC) Experience of open security suites like Openssl, embed TLS, Elgamal or other opensource secure communication packages which export general crypto api's (e.g. Open SSL, Elgamal) Public key and private key concepts Programming in ‘C' Preferred: Basic kernel driver development concepts, linux Userspace Desirable : DRM's, NOCS, Nagra Additional Information All your information will be kept confidential according to EEO guidelines.

Job Description Let's do great things, together! About Moda Founded in Oregon in 1955, Moda is proud to be a company of real people committed to quality. Today, like then, we're focused on building a better future for healthcare. That starts by offering outstanding coverage to our members, compassionate support to our community and comprehensive benefits to our employees. It keeps going by connecting with neighbors to create healthy spaces and places, together. Moda values diversity and inclusion in our workplace. We aim to demonstrate our commitment to diversity through all our business practices and invite applications from candidates that share our commitment to this diversity. Our diverse experiences and perspectives help us become a stronger organization. Let's be better together. Position Summary The Operations Analyst is a technical role within Moda's Information Security team and will play a vital role in keeping the organization's proprietary and sensitive information secure. This position works interdepartmentally to investigate issues, identify and correct flaws in security systems, solutions, and programs, and recommend measures to improve the company's overall security posture. Acting as a liaison between Security and IT management, the analyst assists IT strategy and architecture design from a security perspective and identifies issues, concerns, or recommendations as the organization grows its technology infrastructure and processes. This is a FT WFH position. Pay Range $70,496.52 - $91,647.55 annually (depending on experience) *This role may be classified as hourly (non-exempt) depending on the applicant's location. Actual pay is based on qualifications. Applicants who do not exceed the minimum qualifications will only be eligible for the low end of the pay range. Please fill out an application on our company page, linked below, to be considered for this position. ************************** GK=27768922&refresh=true Benefits: Medical, Dental, Vision, Pharmacy, Life, & Disability 401K- Matching FSA Employee Assistance Program PTO and Company Paid Holidays Required Skills, Experience & Education: Bachelor's or master's in Computer Science, Information Security, Cybersecurity, or a related field. 5+ years of experience as a security operations analyst or in related fields such as IT audit, enterprise risk management, penetration testing, or red team/incident response. Experience with common security tools such as SIEM platforms, EDR solutions, and cloud platforms (e.g., Microsoft Azure, Amazon AWS). Knowledge of Microsoft Azure configuration and management is highly desirable. 3+ years of experience with regulatory compliance and information security management frameworks (e.g., HIPAA, NIST, IS0 27000, or COBIT). Strong documentation and reporting skills, including the ability to record security events, investigations, and recommendations for technical and non-technical audiences. Excellent collaboration and communication skills with the ability to influence and work effectively across cross-functional teams. Industry recognized cybersecurity certification (e.g., CISSP, CISM, CompTIA Security+) preferred. Primary Functions: Defend against cybersecurity incidents and identify, analyze, communicate, and contain incidents as they occur. Monitor systems and networks for security alerts, notifications, and issues including patching and update process issues and investigate and document any security issues or events that may occur. Own and drive the investigation of security events and other cybersecurity incidents including review, triage, and response to alerts and notifications. Take a lead role in the documentation of security events and incidents and the assessment of the damage they cause. Review threat intelligence and analyze the current threat landscape and apply threat analysis to Moda's infrastructure systems and networks to identify and address vulnerabilities or exploitable attack paths. Build and drive proactive threat hunting programs including detailed threat analysis of exploitable vulnerabilities leading to actionable remediation plans. Work with IT resources and architects to develop and implement cloud security strategies to facilitate migration of key assets into a public cloud hosted environment. Advise on installation and configuration of security controls, systems, and software to protect systems and information infrastructure and recommend enhancements based on compliance requirements and industry best practices. Work with IT and Security leadership to perform tests or support external testing such as network penetration tests, vulnerability testing, and disaster response failover tests to uncover network vulnerabilities. Advise on installation and configuration of security controls, systems, and software to protect systems and information infrastructure and recommend enhancements based on compliance requirements and industry best practices. Take a proactive and operational role in creating the best practices for IT security companywide. Support cybersecurity risk assessment activities. Work with both Security and IT management to ensure security policies and goals are met in infrastructure and development contexts. Stay current on IT security trends and news including evolving standards. Collaborate and communicate effectively with cross functional colleagues at all levels. Other duties as assigned. Working Conditions: Remote office environment with extensive close PC and keyboard use, constant sitting, and frequent phone communication. Must be able to navigate multiple computer screens. A reliable, high-speed, hard-wired internet connection required to support remote or hybrid work. Must be comfortable being on camera for virtual training and meetings. Work in excess of standard workweek, including evenings and occasional weekends, to meet business need. Internally with all departments. Externally with auditors, clients, technology partners, and other various entities. Together, we can be more. We can be better. Moda Health seeks to allow equal employment opportunities for all qualified persons without regard to race, religion, color, age, sex, sexual orientation, national origin, marital status, disability, veteran status or any other status protected by law. This is applicable to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absences, compensation, and training. For more information regarding accommodations, please direct your questions to Kristy Nehler & Danielle Baker via our ***************************** email.

As an Application Security Engineer, you'll help drive Concora Credit's Mission to enable customers to Do More with Credit - every single day. The impact you'll have at Concora Credit: We are seeking a highly skilled Application Security Engineer to strengthen our application and product security posture across web, mobile, and cloud-based platforms. The ideal candidate will have deep hands-on experience in secure application development practices, threat modeling, and vulnerability management - with a proven track record of sustained collaboration and communication with development teams and supporting security programs within the financial services industry and PCI DSS compliance environments. The candidate's success will be dependent on their ability to Integrate with multiple teams and be a collaborative and guiding presence. We hire people, not positions. That's because, at Concora Credit, we put people first, including our customers, partners, and Team Members. Concora Credit is guided by a single purpose: to help non-prime customers do more with credit. Today, we have helped millions of customers access credit. Our industry leadership, resilience, and willingness to adapt ensure we can help our partners responsibly say yes to millions more. As a company grounded in entrepreneurship, we're looking to expand our team and are looking for people who foster innovation, strive to make an impact, and want to Do More! We're an established company with over 20 years of experience, but now we're taking things to the next level. We're seeking someone who wants to impact the business and play a pivotal role in leading the charge for change. Responsibilities As our Application Security Engineer, you will: Collaborate daily with development and project teams, assisting developers and architects to ensure compliance with established security standards and secure design principles. Identify, prioritize, and mitigate vulnerabilities based on OWASP Top 10, SANS CWE Top 25, and industry best practices. Lead application security assessments and reviews for web, mobile, and API-based systems throughout the SDLC. Collaborate with internal DevOps and other Dev teams to integrate, manage, and report on automated vulnerability scanning, SAST, DAST, and SCA platforms both as stand-alone tools and within CI/CD pipelines. Partner with DevOps and engineering teams to embed security controls early in the development process (“shift left”). Conduct secure code reviews and support developers in understanding and remediating findings. Conduct and coordinate penetration tests for internal systems and web and mobile applications to validate vulnerability findings and assess real-world exploitability. Champion secure coding practices and deliver targeted security training and awareness to engineering teams. Perform threat modeling and risk assessments for new applications and system changes. Support and maintain PCI DSS compliance as it relates to application security and data protection. Collaborate with infrastructure and cloud security teams to ensure consistent protection across the technology stack. Contribute to continuous improvement of the organization's secure SDLC and AppSec frameworks. These duties must be performed with or without reasonable accommodation. We know experience comes in many forms and that many skills are transferable. If your experience is close to what we're looking for, consider applying. Diversity has made us the entrepreneurial and innovative company that we are today. Qualifications Requirements: 3-5 years of experience in Application Security, Secure Software Development, or related fields. Solid understanding of OWASP Top 10, secure coding standards, vulnerability management, penetration testing methodologies, and common web/mobile vulnerabilities. Hands-on experience with security testing tools (e.g. Sonarqube, Tenable WAS, Burp Suite, OWASP ZAP, Veracode, or similar). Experience integrating AppSec tools into DevOps pipelines (Azure DevOps, Git, etc.). Experience performing or managing web application penetration tests using tools such as Burp Suite, OWASP ZAP, or manual techniques aligned with OWASP Testing Guide. Strong familiarity with PCI DSS and other financial regulatory compliance frameworks. Practical knowledge of web technologies (REST, JavaScript, HTML5, CSS, JSON) and at least one modern programming language (e.g., Java, C#, Python, JavaScript, Swift). Experience securing mobile applications (iOS and Android) through static and dynamic analysis. Excellent communication skills and ability to work cross-functionally with engineering and compliance teams. What's In It For You: Medical, Dental and Vision insurance for you and your family Relax and recharge with Paid Time Off (PTO) 6 company-observed paid holidays, plus 3 paid floating holidays 401k (after 90 days) plus employer match up to 4% Pet Insurance for your furry family members Wellness perks including onsite fitness equipment at both locations, EAP, and access to the Headspace App We invest in your future through Tuition Reimbursement Save on taxes with Flexible Spending Accounts Peace of mind with Life and AD&D Insurance Protect yourself with company-paid Long-Term Disability and voluntary Short-Term Disability Concora Credit provides equal employment opportunities to all Team Members and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Employment-based visa sponsorship is not available for this role. Concora Credit is an equal opportunity employer (EEO). Please see the Concora Credit Privacy Policy for more information on how Concora Credit processes your personal information during the recruitment process and, if applicable, based on your location, how you can exercise your privacy rights. If you have questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact caprivacynotice@concoracredit.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Category Engineering Hire Type Employee Job ID 13881 Base Salary Range $129000-$193000 Remote Eligible No Date Posted 08/01/2026 We Are: At Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content. Join us to transform the future through continuous technological innovation. You Are: You are a proactive and analytical Cyber Security Engineer who thrives on challenges and is passionate about safeguarding complex digital environments. With a strong background in vulnerability management and a deep understanding of enterprise security, you excel at identifying, assessing, and remediating vulnerabilities across diverse infrastructures. Collaboration is second nature to you; you engage effectively with teams across geographies and cultures, building strong partnerships to drive security initiatives forward. Your communication skills enable you to articulate risks, propose solutions, and influence decision-makers at all levels. With a strong sense of ownership, you are comfortable working independently and taking initiative, yet you also thrive in dynamic, fast-paced environments where teamwork is key. If you are eager to make a measurable impact on the security posture of a global technology leader, Synopsys is the place for you. We are currently hiring for our Hillsboro, Oregon office; however, we are also accepting applications from candidates interested in joining our offices located in Austin, Texas or Morrisville, North Carolina. What You'll Be Doing: * Managing the end-to-end vulnerability life cycle, from initial discovery through resolution and closure. * Leading the development, maintenance, and enhancement of vulnerability management data and reporting platforms for enterprise-wide visibility. * Designing and implementing comprehensive reports and dashboards tailored to demonstrate assessment scope, remediation progress, and risk posture for various stakeholders. * Conducting in-depth vulnerability assessments to identify weaknesses, recommend countermeasures, and deliver timely, actionable reports to key stakeholders. * Driving automation initiatives to streamline vulnerability management processes and improve operational efficiency. * Monitoring vulnerability disclosure mailing lists and threat intelligence feeds to proactively assess emerging threats relevant to Synopsys infrastructure and applications. * Contributing to the ongoing strategic direction and maturity of Synopsys' vulnerability management capabilities. * Supporting compliance and risk management efforts by recommending security controls and corrective actions to mitigate identified vulnerability risks. The Impact You Will Have: * Strengthening Synopsys' security posture by proactively identifying and mitigating vulnerabilities across a global infrastructure. * Increasing stakeholder confidence with clear, actionable, and timely communication of security risks and remediation efforts. * Driving alignment between technical teams, risk management, and compliance through collaborative solutions and best practices. * Reducing the organization's exposure to evolving threats by staying ahead of the latest vulnerability disclosures and threat intelligence. * Supporting Synopsys' mission to deliver secure, high-performance products and services to customers worldwide. What You'll Need: * Bachelor's degree in Computer Science, Information Systems, Electrical Engineering, or equivalent experience. * 5+ years of experience designing and implementing vulnerability management programs in large, global enterprise environments. * Strong data analytics skills with the ability to analyze large datasets and proficiency in using databases/data warehouses and visualization tools (e.g., Grafana, Power BI, Tableau, or similar). * Extensive hands-on experience with enterprise vulnerability scanning tools such as Rapid7 Nexpose, Qualys, Tenable Nessus, and Unified Vulnerability Management (UVM) solutions. * Proven experience managing vulnerabilities in cloud environments, including GCP, AWS, and Azure. * Familiarity with security testing tools (e.g., Kali/Metasploit, Burp Suite) and a solid understanding of common computer weaknesses, exploits, and configuration issues. * Proficiency in using the Common Vulnerability Scoring System (CVSS) for vulnerability assessment and prioritization. * Experience with software development and scripting languages (such as Python, Bash, or PowerShell) to automate workflows and processes. Candidates must be U.S. citizens residing in the United States to meet federal regulations. Who You Are: * A strategic thinker with exceptional problem-solving and analytical skills. * Highly collaborative, with a proven ability to work effectively in cross-functional, geographically distributed teams. * Excellent communicator, able to present complex technical information clearly to both technical and non-technical audiences. * Self-motivated, organized, and able to work independently with minimal supervision. * Adaptable and resilient in dynamic, fast-paced environments. * Committed to continuous learning and staying current on evolving security trends and technologies. The Team You'll Be A Part Of: You'll join the Synopsys Attack Surface Management team, a highly skilled and collaborative group dedicated to identifying and managing security vulnerabilities across the company's global infrastructure, applications, and services. The team values innovation, knowledge sharing, and continuous improvement, working together to proactively defend Synopsys against ever-evolving cyber threats. As part of this team, you'll have the opportunity to shape the future of vulnerability management at Synopsys and make a direct impact on the company's security posture. Rewards and Benefits: We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. At Synopsys, we want talented people of every background to feel valued and supported to do their best work. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, age, military veteran status, or disability. In addition to the base salary, this role may be eligible for an annual bonus, equity, and other discretionary bonuses. Synopsys offers comprehensive health, wellness, and financial benefits as part of a competitive total rewards package. The actual compensation offered will be based on a number of job-related factors, including location, skills, experience, and education. Your recruiter can share more specific details on the total rewards package upon request. The base salary range for this role is across the U.S.

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves? The Enterprise Cyber Security Cloud Security team is responsible for working with other security and cloud services teams to ensure alignment and collaboration in securing Ford's public cloud infrastructure. The teams work closely together to identify security gaps in the cloud environments and address them. The Cloud Security team is responsible for identifying, evaluating, and recommending cloud security tools and functions to enhance security around Ford's public cloud. The team is also responsible for developing and managing the following Security Services in Ford's public cloud environments: - Cloud Security Automation Development - GCP/Azure Security Compliance - GCP VPC Service Control - GCP Cloud Armor/ Azure WAF **What you'll do...** + Partner with other Cloud Security team members to identify and develop automation for security related workflows and audits (VPC SC, DLP, Exceptions, Org Policy, etc..). + Lead evaluation and develop an understanding of tools needed to address security gaps. + Lead/Collaborate with EPEO Services teams on security gap remediation. **You'll have...** + Bachelor's degree in Computer Science, Information Technology or related OR a combination of education and experience + 5+ years of scripting and automation experience + Proven experience in developing and implementing automation using scripting languages such as + Python, PowerShell, or Go, particularly for API integrations, security tool orchestration, and custom audit scripts. + Solid understanding and practical experience with Git and GitHub for version control, collaborative development, and security automation pipeline management. + Familiarity with CI/CD pipelines and automated deployment tools (e.g., Jenkins, Azure DevOps, GitHub Actions) to integrate security automation into the software development lifecycle. + Knowledge of Infrastructure-as-Code (IaC) principles and tools like Terraform. + Strong knowledge of security best practices and guidelines (at the enterprise-level) related to GCP and Azure Cloud deployments as well as common web application frameworks + Understand the functionality and secure usage of various GCP services: VPCs, IAM, security groups, compute engine, cloud storage, Security Command Center, VPC Service Control, Cloud DLP and Cloud Armor + Customer focused and strong team orientation + Self-starter and fast-learner + Strong communication and interpersonal skills + Strong problem solving and Analytical/Reasoning skills + Strong drive for results and ability to work independently + Demonstrated commitment to quality and project timing + Familiarity with the agile project planning process and use of Rally. + Document processes & procedures and developing other documentation. **Even better, you may have...** + Understand the functionality and secure usage of various Azure services: Virtual Machines, Virtual Networks, Azure Active Directory, App Services, Azure SQL Databases, Storage Accounts, Kubernetes, Containers, Key vaults. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including: - Immediate medical, dental, vision and prescription drug coverage - Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more - Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more - Vehicle discount program for employees and family members and management leases - Tuition assistance - Established and active employee resource groups - Paid time off for individual and team community service - A generous schedule of paid holidays, including the week between Christmas and New Year's Day - Paid time off and the option to purchase additional vacation time. For a detailed look at our benefits, click here: ******************************* This position is a range of salary grades 7-8. Visa sponsorship is not available for this position. SOUTHEAST MI RESIDENTS: This role is posted as remote unless you reside within 50 miles of Dearborn, MI-in which case we request on-site presence up to 4 days a week. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call **************. \#LI-Remote **Requisition ID** : 54783

As an Application Security Engineer, you'll help drive Concora Credit's Mission to enable customers to Do More with Credit - every single day. The impact you'll have at Concora Credit: We are seeking a highly skilled Application Security Engineer to strengthen our application and product security posture across web, mobile, and cloud-based platforms. The ideal candidate will have deep hands-on experience in secure application development practices, threat modeling, and vulnerability management - with a proven track record of sustained collaboration and communication with development teams and supporting security programs within the financial services industry and PCI DSS compliance environments. The candidate's success will be dependent on their ability to Integrate with multiple teams and be a collaborative and guiding presence. We hire people, not positions. That's because, at Concora Credit, we put people first, including our customers, partners, and Team Members. Concora Credit is guided by a single purpose: to help non-prime customers do more with credit. Today, we have helped millions of customers access credit. Our industry leadership, resilience, and willingness to adapt ensure we can help our partners responsibly say yes to millions more. As a company grounded in entrepreneurship, we're looking to expand our team and are looking for people who foster innovation, strive to make an impact, and want to Do More! We're an established company with over 20 years of experience, but now we're taking things to the next level. We're seeking someone who wants to impact the business and play a pivotal role in leading the charge for change. Responsibilities As our Application Security Engineer, you will: Collaborate daily with development and project teams, assisting developers and architects to ensure compliance with established security standards and secure design principles. Identify, prioritize, and mitigate vulnerabilities based on OWASP Top 10, SANS CWE Top 25, and industry best practices. Lead application security assessments and reviews for web, mobile, and API-based systems throughout the SDLC. Collaborate with internal DevOps and other Dev teams to integrate, manage, and report on automated vulnerability scanning, SAST, DAST, and SCA platforms both as stand-alone tools and within CI/CD pipelines. Partner with DevOps and engineering teams to embed security controls early in the development process (“shift left”). Conduct secure code reviews and support developers in understanding and remediating findings. Conduct and coordinate penetration tests for internal systems and web and mobile applications to validate vulnerability findings and assess real-world exploitability. Champion secure coding practices and deliver targeted security training and awareness to engineering teams. Perform threat modeling and risk assessments for new applications and system changes. Support and maintain PCI DSS compliance as it relates to application security and data protection. Collaborate with infrastructure and cloud security teams to ensure consistent protection across the technology stack. Contribute to continuous improvement of the organization's secure SDLC and AppSec frameworks. These duties must be performed with or without reasonable accommodation. We know experience comes in many forms and that many skills are transferable. If your experience is close to what we're looking for, consider applying. Diversity has made us the entrepreneurial and innovative company that we are today. Qualifications Requirements: 3-5 years of experience in Application Security, Secure Software Development, or related fields. Solid understanding of OWASP Top 10, secure coding standards, vulnerability management, penetration testing methodologies, and common web/mobile vulnerabilities. Hands-on experience with security testing tools (e.g. Sonarqube, Tenable WAS, Burp Suite, OWASP ZAP, Veracode, or similar). Experience integrating AppSec tools into DevOps pipelines (Azure DevOps, Git, etc.). Experience performing or managing web application penetration tests using tools such as Burp Suite, OWASP ZAP, or manual techniques aligned with OWASP Testing Guide. Strong familiarity with PCI DSS and other financial regulatory compliance frameworks. Practical knowledge of web technologies (REST, JavaScript, HTML5, CSS, JSON) and at least one modern programming language (e.g., Java, C#, Python, JavaScript, Swift). Experience securing mobile applications (iOS and Android) through static and dynamic analysis. Excellent communication skills and ability to work cross-functionally with engineering and compliance teams. What's In It For You: Medical, Dental and Vision insurance for you and your family Relax and recharge with Paid Time Off (PTO) 6 company-observed paid holidays, plus 3 paid floating holidays 401k (after 90 days) plus employer match up to 4% Pet Insurance for your furry family members Wellness perks including onsite fitness equipment at both locations, EAP, and access to the Headspace App We invest in your future through Tuition Reimbursement Save on taxes with Flexible Spending Accounts Peace of mind with Life and AD&D Insurance Protect yourself with company-paid Long-Term Disability and voluntary Short-Term Disability Concora Credit provides equal employment opportunities to all Team Members and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Employment-based visa sponsorship is not available for this role. Concora Credit is an equal opportunity employer (EEO). Please see the Concora Credit Privacy Policy for more information on how Concora Credit processes your personal information during the recruitment process and, if applicable, based on your location, how you can exercise your privacy rights. If you have questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact caprivacynotice@concoracredit.com.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

The Security Engineer will focus on hardening and isolating K3s clusters to minimize blast radius in the event of compromise. This includes enforcing Linux security modules (SELinux, AppArmor), leveraging TPM for secure boot and attestation, implementing least privilege across nodes and workloads, and ensuring multi-tenant isolation within hybrid Kubernetes environments (x86, ARM, accelerators). Responsibilities Security Architecture & Policy Enforcement Design and implement security-first cluster configurations for K3s nodes. Enforce mandatory access control (MAC) using SELinux and AppArmor profiles for pods and system services. Integrate TPM-based attestation and secure boot for cluster nodes to ensure trust in hardware and OS integrity. Establish node, pod, and namespace isolation strategies to reduce lateral movement risk. Harden cluster components (API server, etcd, kubelet) following CIS and NSA Kubernetes security benchmarks. Blast Radius Reduction Define and enforce workload sandboxing strategies (seccomp, AppArmor, SELinux contexts, gVisor/Kata if applicable). Configure minimal privilege policies (RBAC, PodSecurityStandards, NetworkPolicies) to ensure least-privilege execution. Implement namespace, node pool, and hardware partitioning to confine workloads and protect sensitive applications. Apply resource quotas, limits, and scheduling constraints to contain denial-of-service blast radius. Integration with Identity & Secrets Management Work with Security team to ensure strong identity, authentication, and authorization models. Integrate TPM-backed secrets storage and HSM/KMS systems for cryptographic operations. Ensure secure distribution of workload secrets with solutions like SealedSecrets, HashiCorp Vault, or SOPS. Runtime & Supply Chain Security Enforce image signing and verification with cosign or Notary. Integrate SBOM scanning and vulnerability management into CI/CD pipelines. Monitor workloads for runtime anomalies (Falco, Cilium Tetragon, or equivalent). Apply kernel hardening measures (seccomp-bpf, kernel lockdown, IMA/EVM with TPM). Monitoring & Incident Response Build observability hooks for security events (audit logs, syscall monitoring, TPM attestations). Define blast radius response runbooks for compromised pods or nodes. Work with SRE and Security teams to test chaos/security drills simulating breaches. Deliverables K3s cluster baseline hardened with SELinux and AppArmor profiles. TPM-enabled secure boot and node attestation pipeline. Enforced PodSecurityStandards and workload sandboxing (seccomp, gVisor/Kata optional). Documentation of isolation strategies (namespaces, node pools, network segmentation). Audit-ready evidence of compliance with CIS/NSA Kubernetes security benchmarks. Security runbooks for containment and blast radius reduction. Required Skills & Experience Strong knowledge of K3s/Kubernetes internals, especially security features. Hands-on experience with SELinux, AppArmor, seccomp, and Linux capabilities. Experience with TPM (Trusted Platform Module) for secure boot and attestation. Deep understanding of Pod Security (PodSecurityPolicies/Standards, OPA/Gatekeeper/Kyverno). Experience implementing RBAC, NetworkPolicies, and workload isolation at scale. Proficiency in Linux kernel security mechanisms and debugging. Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications. Strong background in incident response, forensic data collection, and audit logging in Kubernetes. Nice to Have Contributions to Kubernetes SIG-Security or open-source security tooling. Experience with supply chain security frameworks (SLSA, NIST 800-190). Familiarity with confidential computing (TEE/SGX/SEV) for workload isolation. Hands-on with Cilium Tetragon, Falco, or other runtime security tools. Knowledge of air-gapped deployments and hardened Linux distributions (e.g., Flatcar, Bottlerocket).

Job Description At Pacific Seafood, we do more than just provide the world with the healthiest proteins on the planet. We are a family-owned, excellence-driven organization committed to being the brand of choice in the marketplace and the employer of choice in the community. We believe in servant leadership, investing in our team members' personal and professional growth, and rewarding performance. We live by the core values of our Diamond Philosophy: Teamwork, Productivity, Quality, and Excellence-which means consistently doing your best and always striving to do better. Summary: The Senior Security Engineer at Pacific Seafood is a key role in our information technology team supporting efforts to strengthen, enhance, and protect the security posture of our enterprise environment. This position involves leading security initiatives, monitoring and improving security controls, driving incident response and partnering across IT and business teams and is ideal for someone who is proactive, highly analytical, calm under pressure and passionate about building a security by design culture. Key Responsibilities: 1. Security Engineering & Architecture: Establish, maintain and implement enterprise security best practices, policies and hardening standards Participate in architectural reviews and provide security requirements for new systems, applications, cloud resources and infrastructure Integrate new security technologies into existing environments and ensure secure configuration of all systems 2. Threat Detection & Vulnerability Management: Leverage and centralize all logging platforms Conduct proactive threat hunting, log analysis and behavioral detection reviews Perform vulnerability scanning, prioritization, and remediation planning with cross functional teams 3. Incident Response & Security Operations: Oversee the incident response lifecycle including detection, containment, eradication and recovery Develop incident response playbooks and runbooks, and post-incident review documentation Support endpoint detection and response, antivirus tools, server/endpoint security controls 4. Network, Analysis & Security: New Network Device Detection and Threat Determination Device Anomalous Communication Detection and Remediation Network segmentation strategy Firewall Device and User Policy Determination Other duties as assigned Additional responsibilities may be assigned as deemed necessary to support the overall goals and objectives of the position. What you bring to Pacific Seafood: Required: Bachelor's degree in Computer Science or equivalent professional experience Minimum of five years of related experience in information security or infrastructure security Strong experience with Active Directory, Azure Entra ID, MFA, and identity lifecycle management Hands-on experience with endpoint and server security tools including EDR, anti-virus, and configuration baselines Working knowledge of firewalls, enterprise networking, and network security policies Experience with centralized logging solutions, SIEM tools, and vulnerability scanners Ability to analyze technical and non-technical controls, identify gaps, and propose remediations Experience conducting internal security audits, investigations, and compliance reviews Strong communication, documentation, and problem-solving skills Ability to travel as necessary; valid driver's license Preferred: Experience leading enterprise-wide security projects or architectural reviews Palo Alto Security toolset experience (Strata, IoT, PanOS, Cortex XDR) Experience with Microsoft Exchange, Microsoft Purview, and email security tools Experience with privileged access management (PAM) systems Threat hunting and SIEM rule development experience (Sentinel, LogRhythm, etc.) Security certifications such as CISSP, GSEC, CEH, or equivalent Total compensation: At Pacific Seafood your base wage is only a portion of your overall compensation package. We invest in our Team Members through a comprehensive and attractive total rewards package, including but not limited to: Health insurance benefits options, including medical, prescription, vision, dental, basic group life and short term disability. Flexible spending accounts for health flex and dependent care expenses 401(k) Retirement Plan options with generous annual company profit sharing match Paid time off for all regular FT team members, to include sick days, paid holidays, vacation and personal time Employee Assistance Program- Confidential professional counseling, financial, and legal assistance provided at no charge to Team Members and immediate family members Product purchase program Pacific Seafood is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Powered by JazzHR mBmt6CwGJB

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. **Required Skills:** Security Engineer - IR Threat Intelligence Responsibilities: 1. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 2. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 3. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 4. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems 5. Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions **Minimum Qualifications:** Minimum Qualifications: 6. 5+ years threat intelligence experience 7. Bachelor's degree or equivalent experience in Security 8. Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures 9. Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework 10. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 11. Proven track record of managing and executing on short term and long term projects 12. Ability to work with a team spanning multiple locations/time zones 13. Ability to prioritize and execute tasks with minimal direction or oversight 14. Ability to think critically and qualify assessments with solid communications skills 15. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 16. Experience close collaborating with incident responders on incident investigations 17. Familiarity with malware analysis or network traffic analysis 18. Familiarity with nation-state, sophisticated criminal, or supply chain threats 19. Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 20. Experience in one or more query languages such as SQL 21. Experience writing production code for threat intelligence tooling 22. Experience conducting large scale data analysis 23. Experience working across the broader security community **Public Compensation:** $154,000/year to $217,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Let's do great things, together! About Moda Founded in Oregon in 1955, Moda is proud to be a company of real people committed to quality. Today, like then, we're focused on building a better future for healthcare. That starts by offering outstanding coverage to our members, compassionate support to our community and comprehensive benefits to our employees. It keeps going by connecting with neighbors to create healthy spaces and places, together. Moda values diversity and inclusion in our workplace. We aim to demonstrate our commitment to diversity through all our business practices and invite applications from candidates that share our commitment to this diversity. Our diverse experiences and perspectives help us become a stronger organization. Let's be better together. Position Summary The Operations Analyst is a technical role within Moda's Information Security team and will play a vital role in keeping the organization's proprietary and sensitive information secure. This position works interdepartmentally to investigate issues, identify and correct flaws in security systems, solutions, and programs, and recommend measures to improve the company's overall security posture. Acting as a liaison between Security and IT management, the analyst assists IT strategy and architecture design from a security perspective and identifies issues, concerns, or recommendations as the organization grows its technology infrastructure and processes. This is a FT WFH position. Pay Range $70,496.52 - $91,647.55 annually (depending on experience) *This role may be classified as hourly (non-exempt) depending on the applicant's location. Actual pay is based on qualifications. Applicants who do not exceed the minimum qualifications will only be eligible for the low end of the pay range. Please fill out an application on our company page, linked below, to be considered for this position. ************************** GK=27768922&refresh=true Benefits: Medical, Dental, Vision, Pharmacy, Life, & Disability 401K- Matching FSA Employee Assistance Program PTO and Company Paid Holidays Required Skills, Experience & Education: Bachelor's or master's in Computer Science, Information Security, Cybersecurity, or a related field. 5+ years of experience as a security operations analyst or in related fields such as IT audit, enterprise risk management, penetration testing, or red team/incident response. Experience with common security tools such as SIEM platforms, EDR solutions, and cloud platforms (e.g., Microsoft Azure, Amazon AWS). Knowledge of Microsoft Azure configuration and management is highly desirable. 3+ years of experience with regulatory compliance and information security management frameworks (e.g., HIPAA, NIST, IS0 27000, or COBIT). Strong documentation and reporting skills, including the ability to record security events, investigations, and recommendations for technical and non-technical audiences. Excellent collaboration and communication skills with the ability to influence and work effectively across cross-functional teams. Industry recognized cybersecurity certification (e.g., CISSP, CISM, CompTIA Security+) preferred. Primary Functions: Defend against cybersecurity incidents and identify, analyze, communicate, and contain incidents as they occur. Monitor systems and networks for security alerts, notifications, and issues including patching and update process issues and investigate and document any security issues or events that may occur. Own and drive the investigation of security events and other cybersecurity incidents including review, triage, and response to alerts and notifications. Take a lead role in the documentation of security events and incidents and the assessment of the damage they cause. Review threat intelligence and analyze the current threat landscape and apply threat analysis to Moda's infrastructure systems and networks to identify and address vulnerabilities or exploitable attack paths. Build and drive proactive threat hunting programs including detailed threat analysis of exploitable vulnerabilities leading to actionable remediation plans. Work with IT resources and architects to develop and implement cloud security strategies to facilitate migration of key assets into a public cloud hosted environment. Advise on installation and configuration of security controls, systems, and software to protect systems and information infrastructure and recommend enhancements based on compliance requirements and industry best practices. Work with IT and Security leadership to perform tests or support external testing such as network penetration tests, vulnerability testing, and disaster response failover tests to uncover network vulnerabilities. Advise on installation and configuration of security controls, systems, and software to protect systems and information infrastructure and recommend enhancements based on compliance requirements and industry best practices. Take a proactive and operational role in creating the best practices for IT security companywide. Support cybersecurity risk assessment activities. Work with both Security and IT management to ensure security policies and goals are met in infrastructure and development contexts. Stay current on IT security trends and news including evolving standards. Collaborate and communicate effectively with cross functional colleagues at all levels. Other duties as assigned. Working Conditions: Remote office environment with extensive close PC and keyboard use, constant sitting, and frequent phone communication. Must be able to navigate multiple computer screens. A reliable, high-speed, hard-wired internet connection required to support remote or hybrid work. Must be comfortable being on camera for virtual training and meetings. Work in excess of standard workweek, including evenings and occasional weekends, to meet business need. Internally with all departments. Externally with auditors, clients, technology partners, and other various entities. Together, we can be more. We can be better. Moda Health seeks to allow equal employment opportunities for all qualified persons without regard to race, religion, color, age, sex, sexual orientation, national origin, marital status, disability, veteran status or any other status protected by law. This is applicable to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absences, compensation, and training. For more information regarding accommodations, please direct your questions to Kristy Nehler & Danielle Baker via our ***************************** email.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************