Cyber security analyst jobs in Connecticut

Job Title: Cyber Security Threat Analyst/ IT Security Specialist Duration: 6-12+ Months COMPLETE SKILL MATRIX : Cyber Security Threat Analyst/ IT Security Security aspects of multiple platforms, operating systems, software, communications, and network protocols Security CISSP or CISM certification is a plus What are the Job Responsibilities: Use Tanium and other tools to view data, indicators of compromise-IOCs, collect inventory to identify threats and relate them to the areas of the organization. Use the analytical information from a diverse set of tools - Splunk, ArcSight, syslog, Tanium, to name a few- to their best advantage to identify threats and trends in addition to current state reactive behavior. Configure components to effectively detect and report incidents & and follow escalation workflows Work with cross functional teams to perform activities including planning, providing technical leadership, and tracking projects and key task dates. Uses Security monitoring tools to review, investigate, and recommend appropriate corrective actions for data security incidents. Work with engineering to assist with recommendations regarding direction of tools and applications. Who Is Our Ideal Candidate: Bachelor's degree in Computer Science, Engineering, or a directly related field. Four to six years of professional IT experience. Experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols. Requires excellent analytical ability, consultative and communication skills, and strong judgment. Must be highly skilled and proficient in problem solving, with an aptitude to learn new technologies. Ability to regularly exercise independent judgment and discretion. Excellent end users support skills Ability to multitask and handle multiple priorities Must be resourceful, creative, innovative, results driven, and adaptable Nice to have: Security CISSP or CISM certification is a plus Additional Information

Connecticut Children's is the only health system in Connecticut that is 100% dedicated to children. Established on a legacy that spans more than 100 years, Connecticut Children's offers personalized medical care in more than 30 pediatric specialties across Connecticut and in two other states. Our transformational growth establishes us as a destination for specialized medicine and enables us to reach more children in locations that are closer to home. Our breakthrough research, superior education and training, innovative community partnerships, and commitment to diversity, equity and inclusion provide a welcoming and inspiring environment for our patients, families and team members. At Connecticut Children's, treating children isn't just our job - it's our passion. As a leading children's health system experiencing steady growth, we're excited to expand our team with exceptional team members who share our vision of transforming children's health and well-being as one team. Manage and continuously improve a Cyber Security Compliance program. This would include conducting security business and infrastructure compliance reviews, security risk assessments for internal/external information assets. Education and/or Experience Required: * Education Required: Bachelor's degree in Information Systems or equivalent * Experience Required: Minimum of six (6) years of enterprise security related work experience. Minimum of four (4) years incident response/forensics experience. Previous 24 x 7 operations experience License and/or Certification Required: Required: Certified Information Systems Security Professional (CISSP) within 1 year of hire. Preferred: CISM, PCI QSA, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA). Knowledge, Skills and Abilities: Knowledge * Experience and proficiency with: Anti-Virus, HIPS, IDS/IPS, Network Captures, Host-Based & Network Forensics. * Knowledge of Linux, UNIX, Windows OS, Active Directory and other operating systems. * Knowledge of database platforms such as MS SQL, Oracle, and MySQL. * Experience with a scripting language (e.g. Powershell, Python) Skills: * Excellent written communication and presentation skills with the ability to present complex security issues to a variety of audiences, including senior executives Abilities: * Must be self-directed, able to manage individual projects or act as part of a larger team * Experienced in performing security audits, risk analysis, forensics and penetration testing. Actively monitor systems and networks for potential intrusions. Lead, conduct and maintain security risk assessments, identify security vulnerabilities, develop recommendations, document findings and remediation plans. Manage remediation plans toward closure. Define security standards & incident response plans to detect, respond and recover from security incidents using a risk based methodology. * Develop and document security policies and procedures, training and awareness. Serve as a security expert reviewing and recommending security controls for network, application designs, operating systems, endpoint protection, mobile device implementations of new/updated applications and services. * Ensure business and technical requirements are aligned to security policies and are implemented within regulatory and corporate compliance. Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; related to forensics and incident response.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Join a team focused on the success of our customers, the success of our communities, and the success of each other. Farm Credit East (FCE) is the leading provider of loans and farm advisory services to farm, forest product, fishing, and other agricultural business owners across the northeast with $13.5 billion in total loan volume and $29 million in annual financial services revenue from 18,000 customers across our 8-state territory. We are One Team Working Together with a focus on our five pillars: Outstanding Customer and Employee Experience, Quality Growth, Operational Excellence, Commitment to our Communities, and Protecting Customer Information. As part of our commitment to protecting customer information and enabling operational excellence, the Security Solutions Analyst plays a key role in supporting the secure design, implementation, and documentation of systems and cybersecurity initiatives. This role serves as a technical liaison between the Information Security team and internal and external stakeholders, including Farm Credit Financial Partners, Inc. (FPI). The analyst represents Information Security in the Architecture Review Board (ARB), evaluates strategic projects for security alignment, and ensures that security requirements are embedded in technical decisions and implementation plans. The analyst applies Security by Design principles, ensuring that systems and solutions are architected with security as a foundational principle. This includes adherence to internal standards, regulatory requirements, and industry best practices throughout the lifecycle of technology initiatives. The value drivers for this role are as follows: Secure Enablement of Initiatives Data Protection and Governance Support Alignment with Standards and Risk Appetite Operational Resilience and Incident Readiness Cross-Team Collaboration and Technical Alignment Come join a collaborative, customer-focused team at Farm Credit East! Duties and Responsibilities Security Architecture, Standards & Project Evaluations Represent Information Security in the Architecture Review Board (ARB) for all projects requiring architectural review. Evaluate strategic and technical initiatives for alignment with security architecture, regulatory requirements and risk posture. Conduct threat modeling to assess cybersecurity risk related to new projects and technologies. Apply security by design principles to ensure security is embedded throughout project lifecycles. Ensure solutions adhere to internal security standards, NIST CSF principles, and applicable regulatory frameworks. Ensure security standards are defined, are accurate, up-to-date, and aligned with FCE's risk appetite and industry best practices. Conduct security evaluations of internal and third-party systems, including encryption, patching, APIs, data residency, incident response, and third-party risk indicators. Review configurations and security controls for AI-enabled systems, including generative, agentic, and embedded AI. Evaluate risks related to model behavior, data usage, integration points, and alignment with internal standards and responsible AI security practices. Provide security oversight throughout the full lifecycle of systems, from design to deployment to decommissioning. System Configuration Oversight & Technology Service Provider Collaboration Provide guidance and maintain oversight for the configuration and security settings of all FCE systems. Partner with FPI and/or other outside vendors to ensure system configurations, access policies, and integration points meet FCE's security requirements. Participate in joint planning and review sessions to support shared initiatives and maintain architectural alignment. Maintain visibility into FPI-managed implementations and ensure security expectations are clearly communicated, documented, and tracked. Participate in change management process to assess the security impact of system changes, upgrades and new deployments. Initiative Coordination, Implementation Support & Incident Readiness Serve as a bridge between business and security to ensure cybersecurity initiatives are implemented effectively, securely and in alignment with organizational goals. Facilitate secure implementation of systems in alignment with architectural principles and engineering best practices. Monitor initiative progress and ensure readiness for integration with managed services. Ensure systems are configurated to support incident detection, logging, and response capabilities. Assist in tuning and optimizing security tools in collaboration with FPI or other external parties, such as data loss prevention (DLP), endpoint protection, and threat detection platform to improve visibility and reduce false positives. Lead the implementation of data classification and labeling, including applying classification rules, tagging sensitive data, and testing configurations to ensure accuracy and effectiveness. Contribute to incident readiness by validating that systems and integrations support timely response and containment of security events. Documentation, Reporting & Governance Develop and maintain technical documentation (e.g., workflows, configuration guides, implementation checklists). Maintain dashboards and reporting tools to track progress and security posture. Support audits, readiness assessments, and leadership reporting. Contribute to the development and maintenance of architecture standards and security metrics. Security by Design Enablement Facilitate effective communication of security risks and best practices for both technical and non-technical audiences. Champion Security by Design philosophy for embedding cybersecurity design thinking into organizational processes and enabling technologies. Contribute to internal education efforts by developing technical guides, reference material, and awareness content to promote security best practices. Promote a culture of security through collaboration, training, and knowledge sharing across departments. Translate technical tasks into business impact for non-technical stakeholders to support decision-making Support awareness and adoption of data classification and labeling frameworks, ensuring users understand how to handle sensitive information appropriately. Job Qualifications and Requirements: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field required. Master's degree or equivalent experience preferred. Minimum of 3-5 years of experience in cybersecurity, information security, or security engineering roles. Hands-on experience with security architecture or engineering support, including secure system design, configuration, and implementation. Experience working with data protection technologies, such as data loss prevention (DLP), data classification and labeling, trainable classifiers, and endpoint protection. Experience collaborating with managed service providers or external technology partners to implement and maintain secure systems. Exposure to governance frameworks such as NIST CSF, CIS Controls, or ISO 27001, with an understanding of how to align security standards with organizational risk appetite. Participation in architecture review boards (ARBs) or similar governance bodies is a strong plus. Experience supporting change management processes, including security impact assessments for system changes and deployments. Strong background in technical documentation, process mapping, and reporting to support visibility and compliance. Security-related certifications such as CISSP, CCSP or equivalent are preferred. Certifications in architecture or engineering support (e.g., ITIL, TOGAF, cloud security) are a plus. We offer hybrid work options after two weeks of employment with Farm Credit East. Hybrid work options are determined based on job role and balancing the needs of the customers, the team, and individual work performance. This will be reviewed based on manager discretion. Compensation and Benefits: Salary Range: $80,000 to $120,000 commensurate with experience Short-Term Incentive to reward business results Retirement Contributions : 401k match up to 6% of salary; or for those unable to take full advantage of the 401(k) match, verified student loan payments may qualify for an employer match in your 401(k) up to 6% of salary Defined Contribution retirement plan funded at 2-9% of salary depending on years of service Time Off: 15-25 days of vacation leave per year, depending on years of service 12 days of holiday leave per year 7.5 days of sick leave in your first year, followed by 12 days of sick leave per year thereafter; unlimited rollover of unused sick leave year to year Paid Parental Leave: Up to 80 hours of paid leave for birthing, non-birthing, and adoptive parents Family Care Leave: Additional leave options available under FMLA and company policy Health and Insurance: Comprehensive medical, dental, and vision plans, including preventive care and wellness programs to support your overall health and well-being Health Savings Account Life insurance at 2x base pay Accidental Death and Dismemberment insurance at 2x base pay Long-term disability insurance at 2/3 base pay Additional Benefits: Tuition reimbursement Continuing education and training Employee Assistance Program offering a wide variety of tools and resources Benefits Eligibility: Eligibility Begins: First of the month following your hire date Eligible Employees: Full-time employees working 30+ hours per week; Part-Time employees working 20+ hours per week. Farm Credit East is an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, parental status, political affiliation, disability status, protected veteran status, genetic information or any other status protected by federal, state or local law. It is our goal to make employment decisions that further the principle of equal employment opportunity by utilizing objective standards based upon an individual's qualifications for a specific job opening. In compliance with the Americans with Disabilities Act (“ADA”), if you have a disability and would like a reasonable accommodation in order to apply for a position with Farm Credit East, please call ************** or e-mail ************************************

For over 75 years, BIC has been creating ingeniously simple and joyful products that are a part of every heart and home. As a member of our team, you'll be a part of reigniting a beloved brand as we continue to reimagine everyday essentials in new, sustainable and responsible ways. Our "roll up your sleeves and get the job done" approach to work creates an environment where self-starters, problem solvers and innovative thinkers thrive. BIC team members are empowered to take ownership of their careers and bring their unique perspectives to the table to make a meaningful impact on our mission. It's a colorful world - make your mark by joining the BIC team today. As Senior Cybersecurity Engineer, you will collaborate and partner with a global, cross-functional team to build cybersecurity capabilities and improve maturity. This role involves designing, implementing, and managing security technology to protect the company from cyber threats. Besides, you will support incident response, investigations, playbook development and efforts to identify and mitigate risk. In this role you will: Analyze, triage, and investigate alerts from various sources to determine the appropriate response or escalation Document analysis, findings, and actions for case management and metrics Support security incident response planning, procedure/playbook development and investigations Participate in on-call rotation for off-hours escalations Administer, optimize, and maintain the health of security tools, such as endpoint protection and response (EDR), network detection and response (NDR), and logging pipelines (Syslog/Cribl). Assist with remediation of identified security risks Minimum 6 years' experience in Information Technology or Cybersecurity IT or cybersecurity certifications from industry recognized sources preferred What you bring to BIC: Minimum 6 years' experience in Information Technology or Cybersecurity IT or cybersecurity certifications from industry recognized sources preferred Prior experience interpreting or analyzing log data and working with log pipelines Triaging alerts from various sources, following playbooks, and escalating legitimate issues Knowledge of security tools such as endpoint protection, firewalls, intrusion prevention, SIEM and EDR (CrowdStrike) Strong understanding of Windows server and desktop operating systems, networking fundamentals, security concepts, Active Directory, Microsoft Azure, Office 365. In-depth analytical and problem-solving skills to resolve complex issues BIC is an Equal Opportunity Employer. We strongly commit to hiring people with different backgrounds and experiences to help us build better products, make better decisions, and better serve our customers. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, veteran status, disability status, or similar characteristics. All employment is decided based on qualifications, merit, and business need. BIC is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, all resumes submitted by search firms to any team member at BIC via email, or directly to a BIC team member in any form without a valid written search agreement in place for that position will be deemed the sole property of BIC, and no fee will be paid in the event the candidate is hired by BIC as a result of the referral or through other means.

Community Health Network of Connecticut, Inc. (CHNCT) is currently seeking an Information Security Specialist. This is a full-time, hybrid position requiring 2 days per week onsite in our Wallingford, CT office. Primary Responsibilities: Under the direction of the Director of Information Security, the Information Security Specialist is responsible for operations, auditing, and technical monitoring of CHNCT's Information Security and related activities. These activities include but are not limited to implementing and maintaining Information Security related systems, policies and processes in compliance with applicable security regulations (i.e., HIPAA and State of CT Security laws), and establishing and developing security-related operating procedures and standards. Works directly with contracted vendors for the implementation and maintenance of security hardware, software and services. Assists with the selection and evaluation of security related state-of-the-art systems. Tasks Performed: Monitors and maintains all aspects of the information security program. As a COMPUTER SECURITY INCIDENT RESPONSE TEAMS (CSIRT) member, logs and responds to incidents including communication of potential violations of the company's information security policies to CHNCT's Chief Information Security Officer. Independently acts to prevent or deter security breaches or intrusions that threaten the integrity of mission critical data or applications. Monitors email and Data Loss Prevention logs and responds to potential policy or regulatory violations. Monitors Phishing alerts and end user notifications. Audits network and file permissions structure and password and account maintenance. Assists in the development and testing of the Disaster Recovery and Business Continuity Plans. Processes exception requests and performs risk analysis on these and other customer requests. Actively reviews threat alerts and determines relevance and criticality to the organization. Contributes to project activities as a project team member or ad-hoc as requested. Other duties as assigned. Essential Functions: Implementation and maintenance of Information security related software, hardware and systems. Systems include but are not limited to phishing identification and prevention, Internet content filtering, Data Loss Prevention (DLP), Intrusion Detection/Prevention (IDS/IPS), Endpoint Detection and Response (EDR), Log Management, and Advanced Threat Mitigation. Duties include information security policy administration and configuration, security related server management, Disaster Recovery Planning, proactively identifying or rapidly responding to customer security issues and security events. Desired Education: 2 years post-secondary schooling Desired Degree: Associate's degree Desired Major: Computer Assurance or Computer Science Desired Job Experience: 3+ years' direct information security experience, preferably in healthcare Other Qualifications: Security+ or other security-related certification. Hands on exposure to providing information security operational support in a medium to large scale healthcare organization preferred. Knowledgeable in the management and setup of security related software and hardware Working knowledge of security administration, DLP, or other information security systems. Knowledge of EDR, EPP, IDS/IPS, AD and network infrastructure. Detail oriented, with meticulous attention to system and procedure documentation. CHNCT Offers Great Benefits: Medical, dental and vision coverage options Flexible spending and health savings accounts Group term life insurance A 401(k) plan with company-match and immediate vesting Voluntary accidental injury coverage Tuition reimbursement and continuing education opportunities A generous paid-leave bank and company holidays Wellness program We are dedicated to having a workplace where everyone feels valued, respected, and empowered to succeed. We embrace a wide range of perspectives and backgrounds, ensuring fair treatment and opportunities for all employees. We value our team's rich array of experiences and viewpoints, which contribute to our innovative and collaborative environment.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Position Synopsis: Individual will be relied upon to perform a variety of cyber security implementation and/or assessment activities involving power plant upgrades and/or new power plant projects. The individual will assist with planning, organizing, and preparing all activities related to cyber security when modifications are made at nuclear power facilities. This includes the development of DA/CDA lists, CDA assessments, performance of cyber security walkdowns, cyber security testing, and Cyber Security Assessment Team (CSAT) presentations. The individual will become familiar with codes and standards applicable to the nuclear power industry as well as possess a working knowledge of applicable NRC regulations. Typical activities include developing specifications and/or modification packages, defining design scope, developing design criteria documents, identifying, and selecting equipment, and configuration and testing of digital devices. The individual must be able to work on project teams with other engineers to evaluate conditions as well as proposed modifications which will improve plant performance, safety, and reliability. The individual will receive close supervision on unusual or difficult problems and general review of all aspects of work.

Position Synopsis: Individual will be relied upon to perform a variety of cyber security implementation and/or assessment activities involving power plant upgrades and/or new power plant projects. The individual will assist with planning, organizing, and preparing all activities related to cyber security when modifications are made at nuclear power facilities. This includes the development of DA/CDA lists, CDA assessments, performance of cyber security walkdowns, cyber security testing, and Cyber Security Assessment Team (CSAT) presentations. The individual will become familiar with codes and standards applicable to the nuclear power industry as well as possess a working knowledge of applicable NRC regulations. Typical activities include developing specifications and/or modification packages, defining design scope, developing design criteria documents, identifying, and selecting equipment, and configuration and testing of digital devices. The individual must be able to work on project teams with other engineers to evaluate conditions as well as proposed modifications which will improve plant performance, safety, and reliability. The individual will receive close supervision on unusual or difficult problems and general review of all aspects of work. Other Required Qualifications (minimum): All applicants must possess excellent verbal and written communication skills and can effectively present technical topics. Proficient with Microsoft Office software; Word, Excel, Visio, PowerPoint, etc. as well as competency in software applications for email and databases. Effective time management skills are required. Ability to pass security and drug screening and maintain unescorted nuclear plant access is required. Successful candidate will be required to understand and comply with company policies, procedures and processes. Overtime work is required. Travel is required to client sites with occasional periods of field/office work. Desired Qualifications: MS in Computer Science, Computer Information Systems, or Computer Engineering. Holds a current qualification to write cyber security assessments [e.g., Cyber Security Specialist (CSS)] with an existing licensed nuclear facility. Currently badged and is a member of a critical group of an existing licensed nuclear facility. Education Required (minimum): BS in Computer Science or equivalent. Cyber Certifications with additional experience will also be considered. Experience Required (minimum): Minimum 7 years of experience in an engineering environment. Knowledge of cyber security concepts in the nuclear industry is required. 3 years of experience at a working nuclear plant with plant systems training specific to the site. Proficient in performing cyber documentation for critical digital assets. Capable of being responsible and leading cyber work for associated design engineering projects. Leading the presentation of assessments or projects at CSATs and project team meetings involving cyber decisions and deliverables. Submittal Requirements: Resume and cover letter are to be emailed to ***********************************. Posting Requirements: This posting will be available from the Posted Date to the Removal Date period. Resumes received after the Removal Date (noted above) will not be considered. Note: Relocation assistance is not available for this position .

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Full-time Description The Risk Management Security Analyst is responsible for assisting Access Health CT (AHCT) with its Information Security Risk Management Program, satisfying both regulatory compliance requirements and managing security risk to an acceptable level. This role is a hands-on role that will be responsible for actively identifying, detecting, monitoring, maintaining, analyzing, advising, and responding to ongoing IT security and compliance needs under the guidance of the Associate Director, IT Security & Compliance. The individual selected for this role will collaborate with various cross-functional teams inclusive of partners and vendors in identifying, evaluating, categorizing, tracking and monitoring enterprise IT security risk and will assist with development and maintenance of IT security controls in adherence with federal and other government required cyber security frameworks. Furthermore, the individual in this role will be responsible for assisting with development, automation, and ongoing maintenance of end-to-end risk register and related risk management work streams and processes (i.e., risk assessments, risk mitigation strategies, etc.) by utilizing existing Archer Governance, Risk, and Compliance (GRC) platform and other state-of-the-art security tools. This role reports to the Associate Director of IT Security and Compliance and has no direct reports. *Please note that this position is available to individuals authorized to work in the U.S. without the need for sponsorship . Responsibilities Conduct third-party security risk assessments and security reviews in accordance with regulatory requirements. Collaborate with IT, Legal, product owners, and business teams to ensure appropriate IT Security and Compliance requirements are incorporated into new and ongoing engagements and initiatives. Support development, maintenance, and operation of a centralized enterprise cyber risk register and associated activities in Archer GRC platform. Define and report on key risk metrics to Management on regular basis. Liaise with IT, Legal, product owners, and business teams to provide accurate and timely responses to internal and external IT Security and Compliance inquiries and related activities. Assist with technical vulnerability assessments and security reviews of infrastructure, network, applications, and databases, utilizing Nessus scanning software and other state- of- the- art security tools. Facilitate, track, and manage vulnerability remediation based on risk categorization, with timely assessing and communicating risk, documenting, and reporting on mitigation status. Actively monitor, analyze, and generate reports on company's security landscape utilizing SIEM and other state- of- the- art security tools. Provide guidance, technical expertise, and training to the enterprise to ensure optimal use of the Archer GRC platform. Develop and maintain technical documentation, such as security control implementations, System Security Plan (SSP), user guides, process documentation, and configuration details. Identify opportunities for process optimization, automation, and streamlining tasks. Participate actively in frequent regulatory submissions and inquiries. Manage and continuously monitor remediation plans for compliance and mitigation of risk. Assist with responding to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches. Bridge information security requirements with business processes and IT systems and projects. Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and monitor for compliance. Develop, administer, and provide advice, evaluation, and oversight for information security training and awareness programs. Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the risk management strategy, framework, and program. Completes other tasks, as assigned. Requirements Qualifications Bachelor's degree in Management Information Systems, Cybersecurity, Computer Science or related Information Technology field and/or equivalent industry experience. A minimum of 3-5 years of combined hands-on experience in Information Security, Information Technology, Audit, or Governance, Risk, and Compliance. One or more of the following security certifications is preferred or in process: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Global Information Assurance Certification (GIAC) Working knowledge of common Cybersecurity Frameworks including the National Institute of Standards and Technology Cybersecurity Framework (NIST-CSF), NIST SP 800-53, FedRAMP, and Center for Internet Security (CIS) Critical Security Controls. Hands-on experience with GRC platforms and other state-of-the-art security tools. Experience with development and management of metrics and reporting. Applied knowledge with data mapping, risk assessments, third-party risk management, audits, compliance tracking, and security controls management. Solid understanding of cybersecurity best practices and how to implement and apply at a business setting. Demonstrated success in problem solving, project management, business analysis, and data analysis. Solid organizational and excellent verbal and written communication skills. Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly. Ability to successfully multi-task while working independently or within a group environment. Ability to collaborate with internal and external stakeholders in an effective manner that produces desired results. Physical Demands: the physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to sit, stand, hear, use hands to type data, and utilize a phone or other electronic communication devices. This employee may occasionally have to operate business machines. Specific vision abilities required in this job include close vision and the ability to adjust focus. Work Environment: this is an in-office role on Tuesdays and Wednesdays and a remote role 3 days per week. The noise level in the work environment is usually low to moderate. The role requires the ability to work offsite with stakeholders at their locations, e.g., BITS, DSS. Requires fast-paced deadlines and has a high stress at times. Occasional local travel and some travel within the U.S. Affirmative Action and Equal Opportunity Employer Salary Description $79,000 to $88,000 DOE

Job Description Aquinas Consulting is currently looking to fill an IT Security and Compliance Engineer job for our direct client in East Hartford, CT. In this role, you will design, implement, and manage security controls across cloud and on-prem environments while guiding clients through compliance requirements. You will support audits, assess gaps, and respond to incidents - ensuring clients maintain strong security postures. IT Security and Compliance Engineer Job Responsibilities: Design and implement security architectures across cloud, on-prem, and hybrid client environments Manage and optimize security tools including EDR, MDR, MFA, SIEM, firewalls, and VPNs Collaborate with NOC/SOC partners to monitor threats and respond to incidents Conduct gap assessments and advise on remediation plans for compliance frameworks such as NIST, CMMC, and PCI Support client audits by coordinating evidence collection and documentation Perform vulnerability scans, risk assessments, and configuration reviews Create and maintain security policies, procedures, and environment documentation Deliver security awareness training for internal teams and client personnel Develop and execute incident response playbooks and handle security events Improve security processes and tools, ensuring audit readiness and SLA compliance Stay current on industry trends and recommend new security measures Qualifications: Strong knowledge of servers, network infrastructure, and security technologies (firewalls, VPNs, MFA, SIEM, MDR, EDR) Experience securing cloud platforms such as AWS, Azure, or GCP, including IAM and native controls Familiarity with compliance frameworks such as NIST, CMMC, PCI, ISO 27001, etc. Excellent troubleshooting skills and experience supporting incident response Strong written and verbal communication skills with both technical and non-technical audiences Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience) 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred) Relevant certifications such as CompTIA Security+, CISSP, CISM, GIAC, or ISO 27001 Lead Implementer preferred If you are interested in this IT Security and Compliance Engineer job in East Hartford, CT, please apply now to be connected with a member of our team. Please note: Applying to this role is an agreement to have your information entered into our database and acknowledgement that a recruiter will reach out to you either by phone, email, and/or text message regarding this and similar job opportunities. Aquinas Consulting is a woman and minority owned company headquartered in Milford, CT that provides Engineering, Information Technology (IT), and Manufacturing staffing solutions throughout the US. We take pride in 20 years of service to our clients, our hiring managers, our consultants, and our local community. Aquinas is an affirmative action, equal opportunity employer and committed to considering all qualified applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. *************************

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.

Duration: 6+ Months Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls. Key Responsibilities: Performs maintenance and changes in firewalls as required. Implementation of new firewalls as required Assists with troubleshooting network connectivity as it relates to firewalls Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions Complete All assignments in a timely manner with an acceptable level of quality Maintains documentation related to work area Completes network change requests Follows documented processes, procedures and policies Performs customer service duties and responds to customer and project requests as defined by management Other related duties assigned as needed. Qualifications/Requirements: Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls 4 or more years networking/firewall background Must have networking TCP/IP routing protocol experience Desired Characteristics: In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired Competency in verbal, written, and presentation communications and interpersonal understanding Ability to understand customer's business needs. Leadership of work teams/groups Ability to work with all levels of employees Highly motivated and able to work effectively under minimal supervision in a fast-paced environment Team-oriented, placing priority on quality and the successful completion of team goals Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures. Competency in developing effective solutions to business problems Ability to analyze problems and to make decisions REQUIRED SKILLS YEARS OF EXPERIENCE WHEN THE SKILL WAS LAST USED Expert knowledge of Cisco Security products, ASA and Firepower Expert knowledge of NSX Expert knowledge of Palo Alto systems Security Certifications a Plus Must have networking TCP/IP routing protocol experience Networking/firewall background Operational experience administering Firewalls Additional Information All your information will be kept confidential according to EEO guidelines.

115-125k / Hartford CT / Hybrid Role / Security & Complaince We are seeking a Security Engineer with strong technical expertise and a focus on compliance to join our team. The ideal candidate will be responsible for designing, implementing, and maintaining security solutions while ensuring that our systems and processes meet industry standards and regulatory requirements. This role bridges hands-on security engineering with compliance oversight, supporting both technical operations and audit readiness. Key Responsibilities Design, implement, and maintain security tools, systems, and infrastructure. Support compliance initiatives, ensuring alignment with frameworks such as ISO 27001, NIST, SOC 2, HIPAA, or PCI-DSS. Collaborate with internal teams to ensure security controls are implemented and maintained across systems, networks, and applications. Perform risk assessments, vulnerability management, and remediation planning. Develop and maintain security documentation, policies, and standard operating procedures. Assist with audit preparation and evidence gathering for external and internal reviews. Monitor and analyze security alerts, responding to incidents in line with established processes. Provide guidance on secure design and compliance requirements for new systems and projects. Stay up to date with evolving security threats, tools, and compliance requirements. Qualifications 3-5 years of experience as a Security Engineer or similar role. Strong knowledge of network, system, and application security. Experience with compliance frameworks (ISO, NIST, SOC 2, HIPAA, PCI-DSS, etc.). Hands-on experience with security tools (SIEM, IDS/IPS, endpoint protection, vulnerability management, firewalls). Familiarity with cloud security (AWS, Azure, or GCP). Strong understanding of risk management, access control, and encryption. Excellent documentation, communication, and cross-team collaboration skills. Preferred Skills (Nice to Have) Relevant certifications (CISSP, CISM, CISA, Security+, CCSP). Experience supporting compliance audits or certification processes. Knowledge of DevSecOps practices and automation tools. Familiarity with privacy regulations (GDPR, CCPA).

Manage and continuously improve a Cyber Security Compliance program. This would include conducting security business and infrastructure compliance reviews, security risk assessments for internal/external information assets. Lead the Incident response and forensics program for Connecticut Children's Medical Hospital to ensure the confidentiality, integrity and availability of enterprise information resources. Provide recommendations to balance cyber risks and enable the business in a secure manner. Improve the overall security posture to meet the expanding and changing business needs of the organization. Education and/or Experience Required: Education Required: Bachelor's degree in Information Systems or equivalent Experience Required: Minimum of six (6) years of enterprise security related work experience. Minimum of four (4) years incident response/forensics experience. Previous 24 x 7 operations experience License and/or Certification Required: Required: Certified Information Systems Security Professional (CISSP) within 1 year of hire. Preferred: CISM, PCI QSA, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA). Knowledge, Skills and Abilities: Knowledge Experience and proficiency with: Anti-Virus, HIPS, IDS/IPS, Network Captures, Host-Based & Network Forensics. Knowledge of Linux, UNIX, Windows OS, Active Directory and other operating systems. Knowledge of database platforms such as MS SQL, Oracle, and MySQL. Experience with a scripting language (e.g. Powershell, Python) Skills: Excellent written communication and presentation skills with the ability to present complex security issues to a variety of audiences, including senior executives Abilities: Must be self-directed, able to manage individual projects or act as part of a larger team Experienced in performing security audits, risk analysis, forensics and penetration testing. Actively monitor systems and networks for potential intrusions. Lead, conduct and maintain security risk assessments, identify security vulnerabilities, develop recommendations, document findings and remediation plans. Manage remediation plans toward closure. Define security standards & incident response plans to detect, respond and recover from security incidents using a risk based methodology. Develop and document security policies and procedures, training and awareness. Serve as a security expert reviewing and recommending security controls for network, application designs, operating systems, endpoint protection, mobile device implementations of new/updated applications and services. Ensure business and technical requirements are aligned to security policies and are implemented within regulatory and corporate compliance. Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; related to forensics and incident response.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.