Cyber Security Analyst Jobs in Cambridge, MA

About UFP MedTech: UFP Technologies is a designer and custom manufacturer of comprehensive solutions for medical devices, sterile packaging, and other highly engineered custom products. UFP is an important link in the medical device supply chain and a valued outsource partner to most of the top medical device manufacturers in the world. The Company's single-use and single-patient devices and components are used in a wide range of medical devices and packaging for minimally invasive surgery, infection prevention, wound care, wearables, orthopedic soft goods, and orthopedic implants. UFP Technologies, Inc. offers a competitive benefits package, including but not limited to: * Medical, Dental, Vision, Life, Disability Insurance * 401K with a matching contribution * Paid time off, Paid holidays, Employee discounts and much more! Location: Must live within commutable distance to UFP's Corporate Headquarters in Newburyport, MA. This position is on-site in Newburyport, MA. Qualified applicants must be eligible to work in the United States to be considered for this opportunity. Employment based visa sponsorship (including H-1B sponsorship) is not available for this position. Cyber Security Analyst Summary: The Cyber Security Analyst is responsible for assisting with the day-to-day operations of securing the firm's various information systems. The Cyber Security Analyst is tasked with providing technical expertise in all areas of network, system, and application security. Works closely with the various team members in the Information Technology department to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls. The Cyber Security Analyst leads the firm's vulnerability management program, manages the annual cybersecurity assessments and penetration tests, and researches and reports on emerging threats to help the firm take pre-emptive risk mitigation steps. Effectively correlates and analyzes security events within UFP's systems environment to proactively detect threats and mitigate attacks before they occur. Cyber Security Analyst Duties and Responsibilities: * Studies evolving threats and other industry developments related to cyber security. * Researches / evaluates emerging cyber security threats and ways to manage them. * Plans for disaster recovery and creates contingency plans in the event of any security breaches. * Monitors for attacks, intrusions and unusual, unauthorized or illegal activity. * Tests and evaluates security products. * Designs new security systems or upgrades existing ones. * Uses advanced analytic tools to determine emerging threat patterns and vulnerabilities. * Runs internal security scans, coordinates mitigation and tracks results. * Investigates security alerts and is a part of the incident response team. * Monitors identity and access management, including monitoring for abuse of permissions by authorized system users. * Liaises with stakeholders in relation to cyber security issues and provides future recommendations. * Generates reports for both technical and non-technical staff and stakeholders. * Maintains an information security risk register and assists with internal and external audits relating to information security. * Creates and conducts employee training programs related to cyber security. * Monitors and mitigates 'phishing' emails and 'pharming' activity including conducting employee training and re-training. * Assists with the creation, maintenance and delivery of cyber security awareness training for colleagues. * Coordinates the creation and maintenance of cyber security policies and standards. * Responds and manages helpdesk tickets related to cyber security. * Coordinates projects related to cyber security such as CMMC certification. * Performs all other duties as assigned or needed. Cyber Security Analyst Qualification Requirements: * Bachelor's in cyber security or related discipline. * Hands-on experience. * 2+ years of systems administration in an active directory environment. * 2+ years of cyber security experience. * Security+ certification. * Experience / familiarity with the following : * IT Security Frameworks (NIST, GDPR, PCI, ISO 27001, CMMC, etc.) * IT Security Tools (Nessus, Kali Linux, Metaspolit, Wireshark, etc.) * Azure / Office 365 * Endpoint, server and network malware detection * SQL Server * SharePoint * ERP systems * Security+ * Scripting language (Powershell, Python, etc.) * Linux To apply for this job please create a profile with us through our online application system. Click the "Apply" box in the upper right-hand corner to start the application process. Or, if you already have a social media account with LinkedIn, Google, or Facebook you can use your log in credentials to apply. UFP Technologies, Inc. is an Equal Opportunity/Affirmative Action employer Minorities/Women/Veterans/Disabled. #UFP #CORP #NBPT

Basic Qualifications Requires a Bachelor's degree in Systems Engineering, or a related Science, Engineering or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Collaborate with software and validation engineering teams to deliver high-speed data solutions Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package #CJ3 Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $133,499.00 - USD $140,000.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered. The Senior Azure Cloud Security Analyst is responsible for managing the delivery of information and network security systems and/or technology services, which may include server, desktop, software, network, and database components. How You Will Make An Impact: * Provides trouble resolution on complex problems and leads implementations for system and network security technologies. * Develops testing plans to ensure quality of implementation; coordinates and prepares the reporting of data security events and incidents. * Provides system and network architecture support for information and network security technologies; provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures. * Standards and technologies; represents major upgrades and reconfigurations in change control; design & analyze mix of vendor services meeting business and information security requirements; maintains relationship with key vendors. * Leads lights on initiatives to consolidate equipment and/or implement business relocations; determine and perform complex configuration changes to meet business and information security requirements; perform capacity analysis; recommend and implement capacity increases; serve as the technical escalation for results of preventative maintenance routines; supervise preventative maintenance. * Represents infrastructure security support in significant projects and performs the most complex operations and administration tasks; respond to level 3 & 4 change and problem requests without supervision; lead level 1 & 2 incident recoveries and root cause analysis. Minimum Requirements: * Requires a bachelor's degree or equivalent combination of education and experience that would provide the knowledge to perform such work. * Experience must include a minimum of 2 to 3 years experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, Network communications, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, hardware/software support or other infrastructure services role; or any combination of education and experience, which would provide an equivalent background. * Requires experience providing top-tier support for 3 or more of the information security technology areas: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security. Preferred Skills, Capabilities and Experiences: * Technical security certifications (e.g. Systems Security Certified Practitioner) strongly preferred. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Up to $105K 25553 Pinnacle Partners is assisting our client in their search for an Information Security Analyst to join their team in the Marlborough, MA area. This successful resource will be responsible for developing and executing IT security strategies and initiatives. RESPONSIBILITIES: Deploy and administer Microsoft Purview to support data protection, classification, and governance Monitor and analyze security alerts and events to identify and respond to threats and vulnerabilities Review and update security policies to address threats and regulatory changes Oversee end-user security awareness programs to promote best practices and reduce risk Track and report key security metrics, incident trends, and compliance status to stakeholders REQUIREMENTS: Bachelor's degree in related field 2-5 years of experience in a Security role Working knowledge of infrastructure, networking protocols, and security frameworks PREFERRED SKILLS: Purview experience Familiarity with securing cloud environments Experience identifying and mitigating security incidents Working knowledge of vulnerability assessment tools Knowledge of security standards and frameworks such as ISO/IEC 27001, NIST CSF Understanding of Governance, RISK, and Compliance GRC frameworks TERMS: This is a direct hire opportunity with a salary up to $105K based on experience. They offer benefits including medical, dental, and vision coverage along with additional perks.

Job Title: Cyber Security Analyst Overture Partners' client has an immediate need for Cyber Security Analyst. To secure an interview for this role, candidates must meet the following criteria: Must Haves: 3+ years in threat hunting, SOC analysis, or cyber threat intelligence Strong grasp of MITRE ATT&CK, kill chain models, and adversary tactics Hands-on experience with SIEM (e.g., CrowdStrike, Sentinel, QRadar) and EDR tools Familiarity with email protection platforms (e.g., Mimecast, Defender) Proficient in Python or PowerShell for scripting and automation Strong analytical and communication skills Preferred Certifications: Security+, CySA+, GSEC, CSA, or SC-200 What the Client Needs you to Do: Your primary responsibilities will include threat hunting, data analysis, and early detection of cyber threats to identify patterns, uncover hidden threats, and improve our overall security posture to protect the organization’s digital assets. Proactively hunt for threats across endpoints, networks, and cloud environments Analyze security telemetry from SIEM, EDR, and other sources to identify anomalies and IOCs Develop and fine-tune detection rules, alerts, and dashboards Conduct investigations into suspicious activity and generate detailed reports Work with threat intel to correlate findings and improve detection methodologies Support vulnerability management and remediation tracking Stay up-to-date with emerging threats and attack techniques

With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on. At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all. Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose - a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose - people -then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you. About the Team As a Senior Security and Threat Monitoring Analyst, you will be part of UKG's Global Security Operations Center (GSOC) team investigating events of interest and incidents within UKG's FedRAMP authorized computing environments. About the Role You will facilitate and follow UKG's standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners' and customers' data and services. You will be an escalation point for all incidents, analyzing, confirming, re-prioritizing if necessary and remediating those identified threats within the UKG FedRAMP authorized computing environments. You will leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT's. Additionally, you will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL), providing strong technical and environmental knowledge during the incident. You will lead efforts, post incident, in reporting and continuous improvement recommendations to enhance UKG's security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities. Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation. Responsibilities: * Review tickets escalated from junior analysts to confirm the priority, category and accuracy of the details and conditions. * Pivot to additional security tools to obtain and ascertain context or information and any other pertinent information to inform on the most effective and efficient mitigation/remediation actions. * Escalate tickets as required to GSOC Director for additional scrutiny and incident declaration. * Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents. * Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture. * Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL) to lead and/or support mitigating and/or remediating critical incidents. * Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology. * Provide mentoring and enablement of junior analysts globally to expand and extend UKG's GSOC capabilities and experiential capacities. Basic Qualifications: * Working professional with 4-6 years of relevant Security/SOC experience * 4-6 years of experience with common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). * 4-6 years of experience with cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). * Working knowledge of FedRAMP requirements, processes and procedures * Bachelor's degree in computer science or a related discipline * CISSP, CCSP, GIAC or other relevant cyber security certifications Preferred Qualifications: * Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). * Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions. * Experience with Splunk, ServiceNow SIR, EDR solutions, email security tools, and cloud environments (GCP, Azure). * Knowledge and experience in reverse engineering to understand how an information asset works and analyzing system components to identify potential vulnerabilities. * Knowledge and experience in developing automations using scripting languages like Python and PowerShell to automate various tasks and improve accuracy, enhance task consistency, and increase scalability. * Knowledge and experience in conducting and participating in security audits and assessments. * Understanding and experience in developing and delivering relevant and value-add operational metrics to support and provide visibility into the GSOC program. * Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors. * Knowledge and experience in designing, executing, and reporting threat hunting activities. * Knowledge and experience around offensive security (ethical hacking) techniques to identify and mitigate/remediate vulnerabilities in the UKG environment. * Knowledge and experience in cyber forensic procedures and how to extract information and generate reports in support of incident response and other advanced requirements. Where we're going UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow! Equal Opportunity Employer UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories. View The EEO Know Your Rights poster UKG participates in E-Verify. View the E-Verify posters here. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The pay range for this position is $99,800.00 to $143,450.00 USD, however, base pay offered may vary depending on skills, experience, job-related knowledge and location. This position is also eligible for a short-term incentive and a long-term incentive as part of total compensation. Information about UKG's comprehensive benefits can be reviewed on our careers site at ***************************

With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on. At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all. Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose - a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose - people -then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you. **About the Team** As a Senior Security and Threat Monitoring Analyst, you will be part of UKG's Global Security Operations Center (GSOC) team investigating events of interest and incidents within UKG's FedRAMP authorized computing environments. **About the Role** You will facilitate and follow UKG's standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners' and customers' data and services. You will be an escalation point for all incidents, analyzing, confirming, re-prioritizing if necessary and remediating those identified threats within the UKG FedRAMP authorized computing environments. You will leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT's. Additionally, you will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL), providing strong technical and environmental knowledge during the incident. You will lead efforts, post incident, in reporting and continuous improvement recommendations to enhance UKG's security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities. Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation. **Responsibilities:** - Review tickets escalated from junior analysts to confirm the priority, category and accuracy of the details and conditions. - Pivot to additional security tools to obtain and ascertain context or information and any other pertinent information to inform on the most effective and efficient mitigation/remediation actions. - Escalate tickets as required to GSOC Director for additional scrutiny and incident declaration. - Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents. - Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture. - Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL) to lead and/or support mitigating and/or remediating critical incidents. - Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology. - Provide mentoring and enablement of junior analysts globally to expand and extend UKG's GSOC capabilities and experiential capacities. **Basic Qualifications:** - Working professional with 4-6 years of relevant Security/SOC experience - 4-6 years of experience with common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). - 4-6 years of experience with cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). - Working knowledge of FedRAMP requirements, processes and procedures - Bachelor's degree in computer science or a related discipline - CISSP, CCSP, GIAC or other relevant cyber security certifications **Preferred Qualifications:** - Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). - Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions. - Experience with Splunk, ServiceNow SIR, EDR solutions, email security tools, and cloud environments (GCP, Azure). - Knowledge and experience in reverse engineering to understand how an information asset works and analyzing system components to identify potential vulnerabilities. - Knowledge and experience in developing automations using scripting languages like Python and PowerShell to automate various tasks and improve accuracy, enhance task consistency, and increase scalability. - Knowledge and experience in conducting and participating in security audits and assessments. - Understanding and experience in developing and delivering relevant and value-add operational metrics to support and provide visibility into the GSOC program. - Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors. - Knowledge and experience in designing, executing, and reporting threat hunting activities. - Knowledge and experience around offensive security (ethical hacking) techniques to identify and mitigate/remediate vulnerabilities in the UKG environment. - Knowledge and experience in cyber forensic procedures and how to extract information and generate reports in support of incident response and other advanced requirements. **Where we're going** UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow! Equal Opportunity Employer UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories. View The EEO Know Your Rights poster (https:****************************************************************************************** UKG participates in E-Verify. View the E-Verify posters here (https:************************************************************************************ . It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The pay range for this position is $99,800.00 to $143,450.00 USD, however, base pay offered may vary depending on skills, experience, job-related knowledge and location. This position is also eligible for a short-term incentive and a long-term incentive as part of total compensation. Information about UKG's comprehensive benefits can be reviewed on our careers site at https:******************* (https:*******************) It is the policy of Ultimate Software to promote and assure equal employment opportunity for all current and prospective Peeps without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status entitled to protection under federal, state, or local anti-discrimination laws. This policy governs all matters related to recruitment, advertising, and initial selection of employment. It shall also apply to all other aspects of employment, including, but not limited to, compensation, promotion, demotion, transfer, lay-offs, terminations, leave of absence, and training opportunities.

We are looking for a highly experienced and motivated Senior Security Analyst who is passionate about advanced security monitoring, detection engineering, and threat hunting. As a Senior Security Analyst at DigitalOcean, you will lead and own critical aspects of our security monitoring program, shaping how we detect, respond to, and prevent threats. You will leverage deep expertise to engineer sophisticated detection capabilities, develop comprehensive metrics to measure program effectiveness, and drive continuous improvement across alerting and response functions. You will be a trusted member of Infrastructure Security and will collaborate closely with other cross-functional teams to close detection gaps and elevate the organization's overall security posture. What You'll Be Doing: Lead real-time monitoring, triage, and analysis of complex security events, providing verifiable assessments of threats and incident severity. Engineer advanced detection use cases, leveraging deep knowledge of adversary TTPs to design and implement scalable alerting solutions. Develop, track, and report on key metrics for security monitoring effectiveness and incident response performance, using data to drive improvements. Own and evolve the security monitoring program strategy, ensuring alignment with evolving threat landscapes and business priorities. Perform proactive threat hunting and hypothesis-driven investigations to uncover hidden or emerging threats within DigitalOcean's environments. Mentor and guide lower level analysts, reviewing escalated incidents and providing technical leadership during incident response. Coordinate threat analysis using historical data and architecture diagrams to identify attack vectors. Collaborate with Security and engineering teams to close monitoring gaps and improve overall security. Optimize security tools and processes to reduce false positives, improve detection fidelity, and automate response workflows where appropriate. Lead the creation and maintenance of detailed playbooks, runbooks, and documentation to standardize detection and response efforts. What We'll Expect From You: 5+ years of hands-on experience with SIEM platforms and endpoint detection tools, with proven impact on security monitoring programs. Demonstrated expertise in engineering and tuning complex detection rules and alerting logic across diverse environments. Deep understanding of network and endpoint security, attack methodologies, threat actor tactics, and mitigation strategies. Experience in proactive threat hunting, vulnerability management, and coordinating with red teams or penetration testers. Proven leadership in driving security program initiatives, setting metrics, and influencing cross-team security strategy. Excellent communication skills for technical documentation, incident reporting, and mentoring less experienced analysts. Proven experience with scripting and query languages (Python, Bash, SQL) to automate detection and response workflows. Demonstrated proficiency with operating systems like Linux, Windows, and mac OS. Why You'll Like Working for DigitalOcean: We innovate with purpose. You'll be a part of a cutting-edge technology company with an upward trajectory, who are proud to simplify cloud and AI so builders can spend more time creating software that changes the world. As a member of the team, you will be a Shark who thinks big, bold, and scrappy, like an owner with a bias for action and a powerful sense of responsibility for customers, products, employees, and decisions. We prioritize career development. At DO, you'll do the best work of your career. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that will always challenge you to think big. Our organizational development team will provide you with resources to ensure you keep growing. We provide employees with reimbursement for relevant conferences, training, and education. All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development. We care about your well-being. Regardless of your location, we will provide you with a competitive array of benefits to support you from our Employee Assistance Program to Local Employee Meetups to flexible time off policy, to name a few. While the philosophy around our benefits is the same worldwide, specific benefits may vary based on local regulations and preferences. We reward our employees. The salary range for this position is $90,000 - $125,000 based on market data, relevant years of experience, and skills. You may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program. We value diversity and inclusion. We are an equal-opportunity employer, and recognize that diversity of thought and background builds stronger teams and products to serve our customers. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service. *This is a remote role. #LI-Remote #LI-SK1

Job Title: Senior Security Analyst Duration: 6 Months (Tentative) Job Type: Contract We are seeking a highly motivated Senior Security Analyst to join a Security and Access Control Team supporting enterprise-level IT security initiatives. This is an excellent opportunity for a skilled professional to contribute to a mission-critical environment that prioritizes data protection, compliance, and system integrity. The ideal candidate will have a strong technical background and hands-on experience in access management, security controls, and policy enforcement in large-scale IT environments. Key Responsibilities: Conduct risk and security assessments for IT projects, including recommending controls and secure application configurations Provision and de-provision user accounts and roles in line with defined security policies and access control matrices Administer user account management for healthcare and insurance-related platforms Maintain documentation of account management activities using a ticketing system Develop, implement, and enforce security policies and procedures aligned with industry best practices and regulatory requirements Troubleshoot security issues, perform root cause analysis, and recommend remediation steps Participate in design and testing of secure administrative interfaces and role-based access models Enhance and document standard operating procedures related to security operations and audits Respond to security incidents, conduct analysis, and support forensic investigations as needed Oversee vulnerability scanning tools, schedule scans, and assist in remediation planning Produce both routine and ad hoc reports for compliance and operational transparency Serve as a backup for the Security Lead and perform quality assurance checks on account provisioning Execute special projects and support ongoing security improvement efforts Required Qualifications: 3-5 years of professional experience as a Security Analyst or in a similar information security role Solid understanding of IT security concepts, access control principles, and audit readiness Strong written and verbal communication skills with the ability to interact across technical and non-technical stakeholders Experience working with internal/external auditors, compliance teams, and executive leadership Proficiency in Microsoft Office applications, including Word, Excel, PowerPoint, and Outlook Excellent problem-solving, analytical, and organizational skills Ability to manage and prioritize multiple projects and tasks in a fast-paced environment Working knowledge of application security and network infrastructure is preferred Prior experience in government or healthcare environments is a plus Education & Certifications: Bachelor's degree in Computer Science, Information Systems, or a related field (or equivalent work experience) Security certifications such as CISM, CISA, or CISSP are preferred but not required

p style="min-height:1. 5em"We are seeking a detail-oriented and highly skilled Security Analyst to join our team in Boston and shape the future of Cybersecurity. As a Security Analyst at 7AI, you will leverage your expertise of the security landscape to review and analyze AI Agent investigations, ensuring accuracy and completeness, ultimately helping to build our multi-agent platform. You will be integral in building and maintaining the reliability of our AI Agents, working in tandem with Engineering and Product to inform our roadmap as we build. If you want to build the next generation of Cybersecurity and put AI in the hands of defenders, please apply below. /pp style="min-height:1. 5em"Key Responsibilities:/pul style="min-height:1. 5em"lip style="min-height:1. 5em"Review and validate alerts and investigations completed by the AI Agents for accuracy and completeness. /p/lilip style="min-height:1. 5em"Collaborate with the Engineering and Product teams to provide feedback and assist in optimizing the AI platform. /p/lilip style="min-height:1. 5em"Develop internal playbooks, standard operating procedures and tools that will guide the AI Agents to perform quality investigations. /p/lilip style="min-height:1. 5em"Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks. /p/lilip style="min-height:1. 5em"Investigate flagged security incidents, analyzing potential threats and confirming the findings generated by AI. /p/lilip style="min-height:1. 5em"Recommend mitigation strategies and remediation steps to train the AI to reduce the threat surface. /p/lilip style="min-height:1. 5em"Correlate findings from multiple sources, including network logs, endpoint data, and threat intelligence, to validate AI-generated reports. /p/lilip style="min-height:1. 5em"Assist with ongoing threat monitoring, triage, and prioritization of security incidents. /p/li/ulp style="min-height:1. 5em"Required Qualifications:/pul style="min-height:1. 5em"lip style="min-height:1. 5em"4+ years of experience in a Security Analyst or similar role within the cybersecurity field. /p/lilip style="min-height:1. 5em"Hands-on experience with incident response for Cloud and Identity alerts, and at least two of Email, EDR, Threat Intel and Networking alerts. /p/lilip style="min-height:1. 5em"Strong understanding of security monitoring tools and techniques (SIEM, IDS/IPS, IDP, etc. ). /p/lilip style="min-height:1. 5em"Experience analyzing and investigating security alerts from multiple sources, including intrusion detection systems, network monitoring tools, and endpoint protection platforms. /p/lilip style="min-height:1. 5em"Familiarity with the latest cybersecurity threats, attack vectors, and vulnerabilities. /p/lilip style="min-height:1. 5em"Strong analytical and problem-solving skills, with the ability to verify AI-driven analysis and make independent security decisions. /p/lilip style="min-height:1. 5em"Scripting experience with languages such as Python/p/lilip style="min-height:1. 5em"Data querying experience with SIEM technologies (SPL, KQL, FQL, SQL, etc). /p/li/ul

Job Description At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care. One mission. One team. That's OneStudyTeam. We are seeking a Senior Security Compliance Analyst with expertise in Governance, Risk, and Compliance (GRC) to support and enhance our security and compliance programs within the healthcare industry. This role is critical in ensuring adherence to industry regulations, responding to customer audits, and maintaining compliance with ISO 27001, HIPAA, and other security frameworks. The ideal candidate will be a detail-oriented compliance expert who can navigate complex regulatory environments, assist with internal/external audits, and drive continuous improvement in security governance. What You'll Be Working On Audit & Compliance Management Lead and support customer security audits, responding to security questionnaires and demonstrating compliance with security frameworks. Prepare, coordinate, and manage ISO 27001 audits, including evidence collection, control implementation, and auditor engagement. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements applicable to healthcare data security. Develop and maintain policies, procedures, and security documentation to meet regulatory and contractual obligations. Perform gap analyses and risk assessments to identify and remediate compliance risks. Governance & Risk Management Manage and improve security governance frameworks, ensuring alignment with industry best practices and business objectives. Conduct third-party vendor risk assessments, ensuring compliance with security policies and contractual obligations. Monitor security controls, ensuring effectiveness and continuous improvement in alignment with security frameworks. Support security awareness training initiatives, ensuring employees understand compliance responsibilities. Regulatory & Framework Support Stay current on ISO 27001, HIPAA, NIST 800-53, and other relevant standards, translating them into actionable security controls. Assist in defining security metrics and reporting on compliance status and risk posture to leadership. Work closely with legal, security, IT, and business teams to align compliance requirements with security operations. What You'll Bring to OneStudyTeam 8+ years of experience in GRC, compliance, risk management, or IT audit, with a focus on ISO 27001, HIPAA, and HITRUST. Experience leading ISO 27001 audits, including ISMS implementation and external audit coordination. Strong understanding of NIST CSF, SOC 2, GDPR, and other security frameworks. Hands-on experience with customer security audits, including responding to security questionnaires and managing security assessments. Ability to perform risk assessments, policy reviews, and compliance gap analyses. Familiarity with GRC tools (e.g., OneTrust, LogicGate, Archer, Vanta, Drata) is a plus. Certifications (Preferred): ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, HITRUST CCSFP, CRISC. We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status. Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization. As a condition of employment, you will abide by all organizational security and privacy policies. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

SourcePro Search is conducting a search for a Information Security Analyst. As Information Security Analyst (ISA), reporting to the Director of Information Technology and working closely with the Chief Information Officer, this position will be responsible for the administration, implementation, and oversight of the Firm's Information Security Management Systems (ISMS) to effectively safeguard all data stored on premises and in the cloud. They will be responsible for ongoing development and improvement of an extensive security strategy for the Firm. The security professional will suggest tools and techniques to achieve security goals and to record the process related to gathering and maturing Threat Intelligence. The Information Security Analyst will work in collaboration with the Network team to offer support for security tools and technologies such as firewall, proxy server, remote access, and others. They will research and investigate the potential impact of new threats and exploits to improve detection and response capabilities. This person will work closely with senior IT management on information security-centric initiatives related to compliance, risk management, and data privacy and protection strategies for the organization, in alignment with relevant laws, regulations, and industry standards. Additionally, this role will coordinate security related responses to prospective client requests for proposals (RFPs), as well as audits for existing clients. ESSENTIAL FUNCTIONS: • Participates in the development, risk assessment, communications, status reporting, and execution of, enterprise-wide information security, compliance, risk, and privacy strategies. • Administers and monitors security platforms Firm-wide and lias with third party providers to coordinate response to security events and vulnerability assessments • Responsible for updating and revision of Information Security policies and SOPs; works with CIO and Data Protection Committee to ensure policies meet business requirements and align with US federal, state, and UK regulations. • Assesses existing IT policies, guidelines, procedures and standards to discover security related gaps and create or align firm documentation, as necessary. • Coordinates vendor engagements for IT Risk Assessments to identify, assess, and remediate threats internally and with 3rd party vendors. • Collaborates on the development or selection of regular Information Security and Compliance training to all employees and assists in delivery and auditing of compliance training. • With the CIO and Director of IT, participates in and helps direct the Firm's incident response efforts when system compromise or information loss is suspected, in an effort to minimize any negative impact. • Supports the ongoing administration, design and use of network segmentation tools and underlying concepts. • Supports development of testing and evaluation plans, including cyber test activities. • Works with third party vendors to plan for and execute penetration testing. • Ensures that security controls are integrated into new systems and applications. • Assists with other projects and initiatives at the direction of the CIO and Director of IT. QUALIFICATIONS: • Bachelor's degree in computer science, Information Security, Information Technology or related field. • Minimum of three (3) years of work experience in the field of information security and compliance, or equivalent combination of education and work experience. • Experience working with a variety of automation tools, firewall systems, and other technologies used in cybersecurity. • Sound professionalism with incident response events. • Exceptional oral and written communication skills and the ability to articulate highly technical information for real world business impact at a senior management level. • Strong time management, prioritization, problem-solving, and organizational skills, and the ability to work effectively in a high-pressure environment. • Strong interpersonal skills and ability to work effectively with diverse levels of constituencies. • Flexibility and capacity to respond calmly, efficiently, and effectively in stressful situations. • Able to meet set deadlines and work effectively under pressure. • Ability to maintain confidentiality of matters and other Firm business information. ****************************

Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered. The Senior Azure Cloud Security Analyst is responsible for managing the delivery of information and network security systems and/or technology services, which may include server, desktop, software, network, and database components. How You Will Make An Impact: * Provides trouble resolution on complex problems and leads implementations for system and network security technologies. * Develops testing plans to ensure quality of implementation; coordinates and prepares the reporting of data security events and incidents. * Provides system and network architecture support for information and network security technologies; provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures. * Standards and technologies; represents major upgrades and reconfigurations in change control; design & analyze mix of vendor services meeting business and information security requirements; maintains relationship with key vendors. * Leads lights on initiatives to consolidate equipment and/or implement business relocations; determine and perform complex configuration changes to meet business and information security requirements; perform capacity analysis; recommend and implement capacity increases; serve as the technical escalation for results of preventative maintenance routines; supervise preventative maintenance. * Represents infrastructure security support in significant projects and performs the most complex operations and administration tasks; respond to level 3 & 4 change and problem requests without supervision; lead level 1 & 2 incident recoveries and root cause analysis. Minimum Requirements: * Requires a bachelor's degree or equivalent combination of education and experience that would provide the knowledge to perform such work. * Experience must include a minimum of 2 to 3 years experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, Network communications, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, hardware/software support or other infrastructure services role; or any combination of education and experience, which would provide an equivalent background. * Requires experience providing top-tier support for 3 or more of the information security technology areas: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security. Preferred Skills, Capabilities and Experiences: * Technical security certifications (e.g. Systems Security Certified Practitioner) strongly preferred. Job Level: Non-Management Exempt Workshift: 1st Shift (United States of America) Job Family: IFT > IT Security & Compliance Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Sr. ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: ******************* $118,560 - $171,253.33 a year

Were a growing bank that recognizes and values talented people. Were consistently recognized both nationally and locally as a Top Place to Work and our team members are as important to us as our core values. What You'll Do: Reviews system logs and real time alerts for the Banks infrastructure to identify trends, investigate abnormalities, and report exceptions to the Banks Information Security Program. Participates in the Information Security Committee and creates meeting dashboards. Coordinates the Banks User Access Program for all systems both on premise and those hosted by third parties including but not limited to the initial set up of users, ongoing reviews, and removal of users due to terminations/separations. Monitors the Banks IT related accepted risks for adding, updating, and removing accepted risks based on changes in technology and vulnerabilities. Assists with the initial configuration review of third party hosted systems to determine compliance with the Banks policies and procedures. Gathers industry alerts and information from information security focused groups (Financial Services Information Sharing and Analysis Center, the FDIC, etc.) to alert the Information Security Committee of the potential threats and recommends action steps commensurate with the risk level. Monitors the configuration of bank wide applications to verify they meet the standards required by the Information Security Program. Updates the Information Security Program and corresponding cybersecurity policies, procedures, and controls annually based on regulatory changes, feedback from the Information Security Committee, and the results of audits and assessments. Coordinates the scheduled reviews of systems logs to verify appropriate system changes and employee access rights to verify alignment with job responsibilities. Performs scans on internal devices to identify vulnerabilities and provide guidance to system administrators for remedial actions. Analyzes the integrity of changes made to the Banks network through the Patch Management program, Change Management Program, user access changes, and system modification forms. Develops and conducts information security training for employees to make them aware of the Banks information security policies and procedures. Monitors team members adherence to the Banks Information Security Program through clean desk audits, phishing testing, and other testing outlined in the Information Security Testing Program. Research, implement, and maintain an information security framework through ongoing compliance monitoring of the framework. Develops and coordinates information security training for customers through the Banks statements and social media platforms. Assists with the Banks responses to potential cybercrime activity and data breaches according to the Banks Incident Response Policy. Assists customers with recovering from fraudulent transactions by identifying the recovery steps necessary based on the transaction type and coordinating the follow up with other departments as needed. Completes or participates in the preparation of risk assessments that are performed for new critical technologies, applications, or devices that are implemented, revised, and/or installed. Works with Information Services and system administrators to select appropriate technology vendors that support regulatory and best practice requirements and researches information security tools. Enforces the Banks record retention program for electronic documents and classifies these records in accordance with the Banks Classification of Information Policy. Supports the Risk Management Department with risk management related tasks as required. Performs all duties consistent with applicable Federal and State laws and regulations as well as Bank Policies Performs other related duties as assigned Exceeds customer expectations by following the guidelines outlined in the Customer Experience Program This position is Hybrid once you have assimilated into the team (1 day onsite per week) Requirements: Five or more years experience in the information security field, preferably in the banking industry; and Bachelors degree (B.A.) with a focus on business and/or technology; or Equivalent combination of education and experience. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and/or Certified Information Security Manager (CISM) designation(s) are preferred, but not required.

Directly accountable for safeguarding the organization's information assets. The role involves designing, implementing, and enforcing security protocols and procedures that mitigate risks and ensure compliance. With heavy focus in information security operations, including vulnerability management, incident/event management, compliance management, policy/procedure development and information security awareness. This responsibility will be carried out through the development of information security requirements, planning, design, implementation, and periodic audit/validation of effectiveness of all security controls. Accountabilities: + Determine information security requirements by evaluating and researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; and identifying integration issues. + Design, and implement security controls for our infrastructure and critical systems. + Verify information security systems effectiveness by developing and implementing testing and validation processes to periodically audit systems. + Collaborate with managed security service provider (MSSP) to ensure their services are effectively delivered to our organization and validate that alerts are properly acted upon to mitigate identified threats. + Support security incident response activities utilizing security tools (SIEM/SOAR) + Collaborate in the development of a Business Continuity and Disaster Recovery plan. + Prepare system security reports by collecting, analyzing, and summarizing data and trends. + Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active threats. + This role will be responsible for monitoring Healthcare industry and regulatory trends to ensure prompt and complete action plans are developed and implemented to address such requirements. + Serve as the liaison for audit activities related to the areas of information security. + This will also include maintaining ongoing cybersecurity risk profile using the recommended industry tools, and being certain that activities which keep us aligned with our target levels are implemented. + Demonstrable expertise in implementing, managing, and fine-tuning security controls using a variety of security tools and frameworks. Specific experience with Palo Alto firewalls and Palo Alto suite of security tools, Fortinet Fortigate Firewalls, Meraki, Active Directory and other infrastructure tools as identified. + In-depth experience with Identity and Access Management (IAM), specifically in designing and implementing IAM solutions for provisioning, de-provisioning, and role-based access controls within the organization. Familiarity with industry standard IAM solutions and best practices is a must. + Familiarity with monitoring and managing security incidents, including the use of Security Information and Event Management (SIEM) tools. + Proven track record in working with cross-functional teams to address security and compliance challenges, specifically in a Healthcare environment. + Experience in developing and implementing security policies and procedures that align with industry regulations such as PCI and HIPPA. + Previous involvement in handling external and internal audits related to information security, along with remediation of identified issues. + A high level of problem-solving skills and the ability to communicate in a clear, concise manner. + Must be able to communicate effectively in both oral and written form and explain technical concepts in non-technical terms to staff and prepare clear and concise written communications. + Must be able to manage multiple projects/tasks concurrently; and prioritize requests and complete assignments within an estimated timeframe; and organize, schedule, and coordinate a variety of activities and projects. + Must have the ability to learn new software and hardware packages and adapt to changes in technology. Qualifications: + Bachelor's Degree in computer science or Equivalent work experience + At least 5 years of experience in information security preferred + Excellent written communication skills. + Strong organizational and planning skills. + Demonstrates a high degree of personal integrity and practices ethical standards. Must remain objective and independent when completing assignments, and consistently demonstrate the ability to hold information in confidence. + Demonstrated proactiveness and an ability to work independently and self-directed in managing multiple concurrent projects. + Excellent analytical and problem-solving skills. **Anticipated salary range:** $79,700 - $119,490 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 5/28/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Our client is executing a critical enterprise-wide initiative to enhance browser security and reduce vulnerabilities caused by unmanaged browser extensions. With over 4,000 Chrome extensions in use across the organization, this role will support the Browser Security Engineering team by providing data-driven insights and recommendations to guide policy enforcement and extension management. Key Responsibilities: Data Analysis & Reporting: Review and analyze data exports from the Google Admin Console related to Chrome extension usage. Clean, structure, and interpret large datasets using Excel and other analytical tools. Identify trends, anomalies, and usage patterns to support risk assessments and business impact evaluations. Stakeholder Communication: Engage with end users to understand the business justification behind installed browser extensions. Document and categorize extension use cases to support decision-making. Present findings in a clear, actionable format to both technical and non-technical stakeholders. Consultation & Policy Support: Collaborate closely with the Browser Engineering team to recommend extensions for removal based on data insights and business context. Provide input to help shape new browser security policies and extension control strategies. Support change management efforts by contributing to user communication plans and feedback loops. Compensation: $10/hr to $20/hr Exact compensation may vary based on several factors, including skills, experience, and education. Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401K retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law. We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (****************************************** Og4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (*********************************************************************************************** . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: *************************************************** . Skills and Requirements Proficiency in Excel, including pivot tables, advanced formulas, and data visualization. Experience working with data exports from the Google Admin Console or similar enterprise tools. Strong analytical and problem-solving skills with the ability to translate data into actionable insights. Excellent communication skills, especially in gathering and documenting user feedback. Ability to work collaboratively with cross-functional teams including IT, security, and end users. Familiarity with browser security concepts and enterprise IT environments. Experience supporting cybersecurity or IT infrastructure projects. Background in user research, business analysis, or stakeholder engagement. null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to ********************.

Basic Qualifications Requires a Bachelor's degree in Systems Engineering, or a related Science, Engineering or Mathematics field. Also requires 2+ years of job-related experience or a Master's degree. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package #CJ3 Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $107,529.00 - USD $114,000.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Directly accountable for safeguarding the organization's information assets. The role involves designing, implementing, and enforcing security protocols and procedures that mitigate risks and ensure compliance. With heavy focus in information security operations, including vulnerability management, incident/event management, compliance management, policy/procedure development and information security awareness. This responsibility will be carried out through the development of information security requirements, planning, design, implementation, and periodic audit/validation of effectiveness of all security controls. Accountabilities: + Determine information security requirements by evaluating and researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; and identifying integration issues. + Design, and implement security controls for our infrastructure and critical systems. + Verify information security systems effectiveness by developing and implementing testing and validation processes to periodically audit systems. + Collaborate with managed security service provider (MSSP) to ensure their services are effectively delivered to our organization and validate that alerts are properly acted upon to mitigate identified threats. + Support security incident response activities utilizing security tools (SIEM/SOAR) + Collaborate in the development of a Business Continuity and Disaster Recovery plan. + Prepare system security reports by collecting, analyzing, and summarizing data and trends. + Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active threats. + This role will be responsible for monitoring Healthcare industry and regulatory trends to ensure prompt and complete action plans are developed and implemented to address such requirements. + Serve as the liaison for audit activities related to the areas of information security. + This will also include maintaining ongoing cybersecurity risk profile using the recommended industry tools, and being certain that activities which keep us aligned with our target levels are implemented. + Demonstrable expertise in implementing, managing, and fine-tuning security controls using a variety of security tools and frameworks. Specific experience with Palo Alto firewalls and Palo Alto suite of security tools, Fortinet Fortigate Firewalls, Meraki, Active Directory and other infrastructure tools as identified. + In-depth experience with Identity and Access Management (IAM), specifically in designing and implementing IAM solutions for provisioning, de-provisioning, and role-based access controls within the organization. Familiarity with industry standard IAM solutions and best practices is a must. + Familiarity with monitoring and managing security incidents, including the use of Security Information and Event Management (SIEM) tools. + Proven track record in working with cross-functional teams to address security and compliance challenges, specifically in a Healthcare environment. + Experience in developing and implementing security policies and procedures that align with industry regulations such as PCI and HIPPA. + Previous involvement in handling external and internal audits related to information security, along with remediation of identified issues. + A high level of problem-solving skills and the ability to communicate in a clear, concise manner. + Must be able to communicate effectively in both oral and written form and explain technical concepts in non-technical terms to staff and prepare clear and concise written communications. + Must be able to manage multiple projects/tasks concurrently; and prioritize requests and complete assignments within an estimated timeframe; and organize, schedule, and coordinate a variety of activities and projects. + Must have the ability to learn new software and hardware packages and adapt to changes in technology. Qualifications: + Bachelor's Degree in computer science or Equivalent work experience + At least 5 years of experience in information security preferred + Excellent written communication skills. + Strong organizational and planning skills. + Demonstrates a high degree of personal integrity and practices ethical standards. Must remain objective and independent when completing assignments, and consistently demonstrate the ability to hold information in confidence. + Demonstrated proactiveness and an ability to work independently and self-directed in managing multiple concurrent projects. + Excellent analytical and problem-solving skills. **Anticipated salary range:** $79,700 - $119,490 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 5/28/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************