Cyber security analyst jobs in East Lansing, MI

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **For candidates residing within a 50-mile radius of a Highmark office, a hybrid work schedule of three days per week (Tuesday, Wednesday, and Thursday) in the office is required.** The Cyber User Behavior Engineer is a pivotal role at Highmark, dedicated to enhancing our organization's security by cultivating a robust "security-first" culture. This individual will lead the design, implementation, and ongoing management of comprehensive security awareness programs. Their primary responsibility will be to educate, train, and inspire all Highmark employees to effectively identify and report security threats, ensuring adherence to Highmark's security policies and industry best practices. This role is crucial in minimizing human-centric security risks and fostering a vigilant and informed workforce. **ESSENTIAL RESPONSIBILITIES** + Develop, implement, and continuously improve a proactive program to identifying internal threats. + Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership. + Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats. + Execute campaigns designed to improve enterprise security posture. + Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress. + Utilize change management methodologies to mitigate identified security risks. + Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents. + Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications. + Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Business Education, Marketing or Information Systems **Substitutions** + Six (6) years relevant, progressive experience **Preferred** + Bachelors in Information Security **EXPERIENCE** **Required** + 3 years in IT or IT Security Focus + 3 years of Insider Threat Program focus To include: + 3 years with Human Intelligence (HUMINT) **OR** as an Open-source Intelligence Analyst **Preferred** + 1-3 years in a Security Awareness or adjacent role **LICENSES or CERTIFICATIONS** **Required** + None **Preferred** + Security + **OR** + GSEC **OR** + CISSP **OR** + CERT Insider Threat + SANS Security Awareness Professional (SSAP) Proofpoint Certified Security Awareness Specialist **SKILLS** + Change Management + Presentation Delivery + Prioritizing + Analytical and Logical Reasoning/Thinking + Communication Skills + Cyber Security + User Behavior + Continuous Improvement **Language (Other than English):** None **Travel Requirement:** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-based Teaches / trains others regularly Frequently Travel regularly from the office to various work sites or from site-to-site Rarely Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Occasionally Lifting: 10 to 25 pounds Rarely Lifting: 25 to 50 pounds Never **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272819

**Are You Ready to Make It Happen at Mondelēz International?** **Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.** The Cloud Security Analyst is responsible for ensuring the security, compliance, and operational integrity of enterprise workloads across cloud environments, including mostly AWS, Azure, and Google Cloud Platform. This role provides hands-on security expertise, drives cloud governance maturity, and partners closely with engineering, operations, and compliance teams to reduce risk and strengthen the organization's multi-cloud security posture. **Key Responsibilities** **Cloud Security Posture Management (CSPM)** + Monitor and manage security posture across AWS, Azure, and GCP using CSPM tools such as Wiz and Falcon Cloud Security. + Identify misconfigurations, vulnerabilities, and high-risk assets + Track and document remediation efforts. + Develop dashboards, metrics, and reporting for cloud compliance and risk reduction. **Identity, Access & Entitlement Security** + Review and enforce least-privilege access across cloud and hybrid environments. + Maintain identity guardrails (SSO, MFA, conditional access). + Conduct periodic access reviews and support privileged access governance. **Cloud Security Engineering** + Partner with engineering teams to design secure architectures following NIST, CIS, and company standards. + Validate Infrastructure-as-Code for compliance. + Support deployment and maintenance of cloud-native security controls. **Threat Detection & Incident Response** + Analyze cloud alerts and support cloud-focused incident response. + Coordinate with SOC teams to refine monitoring rules. **Governance, Risk & Compliance** + Contribute to cloud security policies, standards, and baselines. + Perform compliance reviews for CIS, NIST, ISO 27001. + Support audits and evidence gathering. **DevSecOps & Automation** + Work with DevOps teams to embed security into CI/CD pipelines. + Implement automated security checks. + Create scripts to automate security tasks. **Collaboration & Stakeholder Engagement** + Serve as a trusted partner to cloud engineering, network, application, and GRC teams. + Provide secure design guidance and threat modeling support. + Communicate risks clearly to technical and executive stakeholders. **What extra ingredients you will bring:** + 5+ years of experience in cloud security or cloud engineering. + Hands-on experience securing AWS, Azure, and GCP. + Strong understanding of IAM, network security, encryption, and cloud shared responsibility models. + Experience with CSPM tools, such as Wiz and Falcon Cloud Security. + Solid understanding of IaC concepts. + Familiarity with SIEM/SOAR and compliance frameworks. **Salary and Benefits:** The base salary range for this position is $106,300 to $146,190; the exact salary depends on several factors such as experience, skills, education and location. In addition to base salary, this position is eligible for participation in a highly competitive bonus program with possibility for overachievement based on performance and company results. In addition, Mondelez International offers the following benefits: health insurance, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education related programs, paid holidays and vacation time. Some of these benefits have eligibility requirements. Many of these benefits are subsidized or fully paid for by the company. No Relocation support available **Business Unit Summary** The United States is the largest market in the Mondelēz International family with a significant employee and manufacturing footprint. Here, we produce our well-loved household favorites to provide our consumers with the right snack, at the right moment, made the right way. We have corporate offices, sales, manufacturing and distribution locations throughout the U.S. to ensure our iconic brands-including Oreo and Chips Ahoy! cookies, Ritz, Wheat Thins and Triscuit crackers, and Swedish Fish and Sour Patch Kids confectionery products -are close at hand for our consumers across the country. Mondelēz Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact ************ for assistance. For more information about your Federal rights, please see eeopost.pdf ; EEO is the Law Poster Supplement ; Pay Transparency Nondiscrimination Provision ; Know Your Rights: Workplace Discrimination is Illegal **Job Type** Regular Information Security Technology & Digital At Mondelēz International, our purpose is to empower people to snack right through offering the right snack, for the right moment, made the right way. That means delivering a broader range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about. We have a rich portfolio of strong brands - both global and local. Including many household names such as Oreo, bel Vita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the number 1 position globally in biscuits, chocolate and candy as well as the No. 2 position in gum Our 80,000 Makers and Bakers are located in our operations in more than 80 countries and are working to sell our products in over 150 countries around the world. They are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen, and happen fast. Join us and Make It An Opportunity! Mondelez Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact ************ for assistance.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Skills Required: SIEM - IBM QRadar Vulnerability Management - Qualys Scanning Asset Management Remedy Networking Cisco Firewalls - Checkpoint Load Balancer F5 Experience Required: 5+ years with a SIEM (QRadar included) Installation and configuration of QRadar SIEM Vulnerability Assessments PCI Compliance & Scanning Network engineering Network/Security Design & Documentation Experience Preferred: Ability and experience to train other staff in the QRadar SIEM Education Required: Security Training Additional Information Thanks & Regards Aravind ************

Skills Required: SIEM - IBM QRadar Vulnerability Management - Qualys Scanning Asset Management Remedy Networking Cisco Firewalls - Checkpoint Load Balancer F5 Experience Required: 5+ years with a SIEM (QRadar included) Installation and configuration of QRadar SIEM Vulnerability Assessments PCI Compliance & Scanning Network engineering Network/Security Design & Documentation Experience Preferred: Ability and experience to train other staff in the QRadar SIEM Education Required: Security Training Additional InformationThanks & Regards Aravind ************

Role: Embedded/Automotive Cyber Security Software Engineer Duration: Long Term Experience Level: 6+ years Responsibilities Drive Embedded Software Cybersecurity Architecture and Security Features Development Develop Threat Models and Conduct Risk Assessment Implementation of Low-Level Cybersecurity Requirements Provide Architectural Inputs for Design of Various Security Features incorporated in product Provide guidance and technical direction to other members on the delivery team Support and review product Cybersecurity Engineering through the various phases of Automotive product development: - Concept, Design, Concept Validation, Operations and Maintenance Proven Technical Skills and Experiences Automotive E/E architectures for vehicle control and connected cars services. Experience with embedded software engineering and IoT systems Experience of Implementing security features using HSM/Trust zones on ARM based platforms Secure Software Development within RTOS/AUTOSAR Experience with Agile Toolchain Management Capabilities within Component and Unit-Level Cybersecurity Tests, including development and execution Experience of Implementing Security on Android and Linux based OS at the application and Kernel level Familiarity with vehicle network architecture, modules, and protocols (CAN etc.) Implementation of various security concepts like Secure boot, Secure Authentication, HSM, cryptography Experience of working on connected cars with automotive Tier1s/OEMs Skills required B.E. or B.Tech./B.S degree in Computer Science, Electrical/Electronic Engineering 6+ years of experience in Cybersecurity experience in product security (preferred automotive Cybersecurity) Cybersecurity standard (ISO/SAE 21434), regulations (UN R155, UN R156) Risk Management (ISO/SAE 21434 preferred, or ISO 31000) Product-specific technical knowledge High level of interpersonal skills to work effectively in a geographically dispersed team Experience working in any flavor of the Agile Software Development method e.g. SCRUM

+ As a Cyber Engineer, you will be responsible for maintaining systems, performing reviews, and evaluating configurations. + You will handle daily tasks and requests using the corporate IT ticketing system. + The role focuses on the hardening and improvement of existing systems to reduce risk to the systems and/or data. **Responsibilities:** + Maintain existing systems and ensure their proper functioning, identifying a baseline operation and identify an issue outside of the baseline. + Review the configuration of different systems, including consoles to evaluate system configurations for security controls. + Handle daily requests through the corporate IT ticketing system to onboard devices onto the network and address system issues. + Work with other teams to address findings. + Influence others to reduce risk and increase the resiliency of the system to cyber events. + Conduct vulnerability assessments and security evaluations of complex systems. + Develop and maintain comprehensive security testing plans. + Automate security testing processes for networks, systems, and applications where possible. + Develop meaningful metrics to reflect the security posture of the environment. + Produce actionable, threat-based reports on security review results. + Consult with platform managers and systems administrators on security review results and remediation strategies. + Install, operate, and maintain various cybersecurity products. + Implement routine security reviewing processes. + Collaborate closely with the organization's architect to implement design recommendations and requirements in the work environment. **Experience:** + At least 5 years of hands-on experience working with operating systems + Knowledge with security testing frameworks, such as OWASP. + Excellent organizational and time management skills. + Strong critical thinking and analytical abilities. **Skills:** + Proficient knowledge of: Unix/Linux systems, Mac OS + Desired Qualifications: + Knowledge of application development processes and proficiency in at least one programming or scripting language (Python, PowerShell, ETC.). + Windows client/server environments, VMware/Citrix + Cloud environments and technologies (e.g., AWS, Azure) + Certifications such as CCNA, NCSA, Linux Essentials, CompTIA-Security+, (ISC)2-SSCP **Education:** + Bachelor's or equivalent experience. **About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Genoa Employment Solutions is currently seeking an Information Security Engineer to join our Security Team. Provides senior level leadership and guidance in all areas relating to information security in order to align and establish information security architecture and strategy with business requirements. Primary Job Responsibilities: 1. Leads and conducts audits of corporate information systems to ensure compliance with security policies, NIST security controls, PCI-DSS and applicable state and federal laws and regulations. 2. Identifies functionality requirements, performs implementation and advanced security administration of tools (e.g. SIEM, vulnerability management, web application firewall). 3. Trains and transitions day-to-day support of security tools to information security analysts. 4. Establishes control-related standards and procedures and prepares project status reports for senior management. 5. Designs and coordinates business resumption and recovery test and evaluation plans for security, in support of disaster recovery and business continuity plans. 6. Identifies potential risk items and subsequent remediation of vulnerabilities in the environment. 7. Supports day-to-day monitoring of logs and alerts from firewalls, log management, intrusion detection systems and content filtering controls, etc. 8. Performs forensic analysis and investigation of log alerts and malware. 9. Provides advanced security analysis and guidance to the information security analyst and administrator team members. 10. Provides advanced technical problem solving in configuration and utilization of all security enabled applications, systems and network devices. 11. Provides advanced technical analysis of commercial and government customer requirements and controls.

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Job Description We are looking to fill a position for Jr. Security Analyst in Lansing MI. Qualifications At least 1 years of relevant experience is required. Additional Information In person interview is acceptable.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Woven by Toyota is enabling Toyota's once-in-a-century transformation into a mobility company. Inspired by a legacy of innovating for the benefit of others, our mission is to challenge the current state of mobility through human-centric innovation - expanding what “mobility” means and how it serves society. Our work centers on four pillars: AD/ADAS, our autonomous driving and advanced driver assist technologies; Arene, our software development platform for software-defined vehicles; Woven City, a test course for mobility; and Cloud & AI, the digital infrastructure powering our collaborative foundation. Business-critical functions empower these teams to execute, and together, we're working toward one bold goal: a world with zero accidents and enhanced well-being for all. TEAMThe security team at Woven by Toyota is on the cutting edge of many challenging security problems.We identify emerging security threats in autonomous vehicles and help design more secure systems.We work closely with internal platform teams to provide a secure development environment through tooling and automation, allowing developers to innovate quickly without compromising security. WHO ARE WE LOOKING FOR?We are looking for a Senior Security Risk Technical Specialist to lead information security risk management engagements such as technical risk assessments pertaining to Woven by Toyota's businesses and engineering work. You will identify risks and vulnerabilities by working with diverse internal and external stakeholders of varied technical and business backgrounds. You will work with technical product teams on assessing any security risks and manage those risks through their lifecycle. You will be expected to work with both highly technical teams and senior management. While this is a risk assurance position, given the cutting edge nature of projects that we work on (IoT, autonomous driving, vehicle OS), we are seeking a candidate with strong technical insight. Woven by Toyota Security demands high standards, so a passion and discipline around security and delivery is critical. A high level of ownership and accountability is a must. In this role you will report to an engineering manager, in a hybrid capacity requiring your presence on-site three days per week.RESPONSIBILITIES Lead/perform risk assessment engagements for products (IoT, autonomous driving, AI etc), enterprise, and related information systems or processes. Manage technical, process and human related information security risks and ensure compliance for information security policies and regulatory requirements by conducting technical, procedural and operational review of business processes and system controls Communicate and escalate risk issues to the appropriate level and department from frontline teams to senior management Evaluate technology and business-related controls for integrating business and information system security and risk mitigation efforts for products and enterprise. Coordinate and validate business risk justification documents for internal and external governance programs Manage third party risk with both internal and external stakeholders MINIMUM QUALIFICATIONS Bachelor or Masters degree in Information Security and/or related field 6+ years experience in Information Security 3+ years technical security experience securing products incorporating emerging technologies like IoT, AI, Automotive operating systems 1+ year of experience within Information Risk Management, IT audit or Security Governance function 1+ year of experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC) Experience in highly regulated industries, ideally with retail product exposure and impact Technical expertise in the security field and experience with security architecture and ability to challenge risk assessments on the technical side Experience with multiple risk assessment methods including threat modeling (STRIDE, etc) High level of independence and autonomy in leading and performing engagements, including conducting interviews, with a complex set of corporate stakeholders Experience in IT auditing and technical assessments of networks, operating systems, cloud environments, etc Excellent written and verbal communication skills and ability to adapt communication to the audience skillset and level of responsibilities NICE TO HAVES Japanese language proficiency 5+ years of technical security experience out of the required 6+ years of Information Security experience 3+ years of experience within Information Risk Management, IT audit or Security Governance function 3+ years of experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC) 1+ year of development and coding experience ideally in IoT, AI, automotive OS Experience with compliance especially security and privacy regulations Experience building enterprise governance, risk, and compliance programs Hands-on experience in configuring and working with GRC tools Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) WHAT WE OFFERWe are committed to creating a modern work environment that supports our employees and their loved ones. We offer many options of the best programs to allow you to do your most meaningful work and to help you shape the future of mobility.・Excellent health, wellness, dental and vision coverage・A rewarding 401k program・Flexible vacation policy・Family planning and care benefits Our Commitment・We are an equal opportunity employer and value diversity.・Any information we receive from you will be used only in the hiring and onboarding process. Please see our privacy notice for more details.

**General information** **Ref #** 21228 **Remote?** No **Ally and Your Career** * Ally Financial only succeeds when its people do - and that's more than some cliché people put on job postings. We live this stuff! We see our people as, well, people - with interests, families, friends, dreams, and causes that are all important to them. Our focus is on the health and safety of our teammates as well as work-life balance and diversity and inclusion. From generous benefits to a variety of employee resource groups, we strive to build paths that encourage employees to stretch themselves professionally. We want to help you grow, develop, and learn new things. You're constantly evolving, so shouldn't your opportunities be, too? **The Opportunity** At Ally, you get a startup feel, but experience the benefits of a company that has worked out the kinks and is fulfilling its purpose. We are always evolving and see that as a good thing. From owning our work to seeing its impact in the real world, our team is relentless in finding new ways technology can help make experiences better and help people. We are problem solvers, we value diverse thinking, we support one another, and we challenge ourselves to think bigger in the journey to deliver customer-obsessed tech solutions. To read more about what our tech team does, be sure to visit our tech blog at ally.tech We are looking for a talented and trustworthy application security engineer. Primary responsibilities include acting as a subject matter expert, performing AppSec testing activities, coordinating vendor pen testing with development teams, and coaching developers. To ensure success, you should have advanced knowledge of computer and internet security systems, advanced level web application penetration testing skills, and the ability to automate processes, reporting, and governance activities. Candidates must have the skills necessary to identify security flaws and provide actionable recommendations on how to improve security and protect information systems and data. At this time, Ally will not sponsor a new applicant for employment authorization for this position. **The Work Itself** * Lead the effort to build an effective API Security program: * Work with key stakeholders on gateway and cloud teams to develop a process to build a comprehensive inventory of API's, endpoints, routes, etc. * Enhance current AppSec processes and routines to include technical controls to enforce compliance and governance requirements across the API ecosystem. * Perform penetration testing against products and systems, including web applications, web services, and mobile devices. * Work closely with engineering to design, test, and maintain AppSec processes implementation * Collaborate with DevSecOps to implement, maintain, and improve shift-left scanning processes * Assist with coordination of vendor pen testing services with internal development teams. * Collaborate with stakeholders to develop remediation strategies. * Demonstrating practical/working exploitation of security flaws. * Develop and enhance processes to automate the delivery of application security metrics. * Review security scan output for false positives. Assist developers with remediation. * Serve as an application security subject matter expert for all areas. * Participate in threat modeling exercises. * Effectively communicate vulnerability details, risks, and potential impacts to, application owners, developers, stakeholders, and partners. * Act as a mentor for junior team members/interns. * Design, implement, and support security-focused tools and services. * Develop tools that improve security testing, reporting, and monitoring. * Other duties as assigned. **The Skills You Bring** Principal Expectations: * 3-5 years of experience in manual penetration testing of web and mobile applications. * Identify, research, and evaluate current vulnerabilities, provide remediation and configuration guidance. * Collaborate with stakeholders to develop remediation strategies. * Ability to interact with company personnel at all levels and across all business units to comprehend business imperatives. A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships. * Competent to work independently at an advanced technical level. * Produce well-written, detailed reports that describe vulnerabilities/risks and that provide specific remediation guidance. Requirements: * Understanding of cloud technologies and environments (AWS, Azure, Google). * Ability to demonstrate a clear understanding, at an enterprise level, of application, network, infrastructure, and data security architecture. * Excellent analytical skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment, and meet overall objectives. * Ability to work under pressure and manage competing priorities. * Knowledge of web application frameworks, deployment technologies and security software. * Scripting capabilities for creating custom scripts to identify/exploit vulnerabilities. * Strong writing skills to produce detailed reports for consumption by stakeholders at all levels from operations to executive. Desired Skillset, Experience, and/or Training: * Proven work experience in manual secure code review. * Experience working with GitLab Ultimate CI/CD technology, shift-left tools, and application security workflows. * GPEN, OSCP, CISSP, GWAPT, CEH, OffSec or similar certifications. * Desired scripting experience: One or more of Python, JavaScript, PowerShell, shell script, Ruby, PHP, LUA etc. * Bachelor's degree in Information Technology or Computer Science, or equivalent experience. * Inherent passion for information security and service excellence. * The ability to adapt to new situations and the desire to learn and stay current with AppSec trends, threats, and risks.n call 24/7. * Coding experience such as JavaScript or API. \#LI-Hybrid **How We'll Have Your Back** * Ally's compensation program offers market-competitive base pay and pay-for-performance incentives (bonuses) based on achieving personal and company goals. But Ally's total compensation - or total rewards - extends beyond your paycheck and is designed to support and enrich your personal and professional life, including: * Time Away: competitive holiday and flexible paid-time-off, including time off for volunteering and voting. * Planning for the Future: plan for the near and long term with an industry-leading 401K retirement savings plan with matching and company contributions, student loan and 529 educational assistance programs, tuition reimbursement, and other financial well-being programs. * Supporting your Health & Well-being: flexible health and insurance options including dental and vision, pre-tax Health Savings Account with employer contributions and a total well-being program that helps you and your family stay on track physically, socially, emotionally, and financially. * Building a Family: adoption, surrogacy, and fertility support as well as parental and caregiver leave, back-up child and adult/elder day care program and childcare discounts. * Work-Life Integration: other benefits including LifeMatters Employee Assistance Program, subsidized and discounted Weight Watchers program and other employee discount programs. Who We Are: Ally Financial is a customer-centric, leading digital financial services company with passionate customer service and innovative financial solutions. We are relentlessly focused on "Doing it Right" and being a trusted financial-services provider to our consumer, commercial, and corporate customers. For more information, visit ************* Ally is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity or expression, pregnancy status, marital status, military or veteran status, genetic disposition or any other reason protected by law. Where permitted by applicable law, must have received or be willing to receive the COVID-19 vaccine by date of hire to be considered, if not currently employed by Ally. We are committed to working with and providing reasonable accommodation to applicants with physical or mental disabilities. For accommodation requests, email us at *************. Ally will not discriminate against any qualified individual who is capable of performing the essential functions of the job with or without reasonable accommodation. **_Base Pay Range:_** An individual's position in the range is determined by the scope and responsibilities of the role, work experience, education, certification(s), training, and additional qualifications. We review internal pay, the competitive market, and business environment prior to extending an offer. **Emerging:** 135000 **Experienced:** 185000 **Expert:** 235000 Incentive Compensation: This position is eligible to participate in our annual incentive plan

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Onsite -100% in Chelsea, MI The Torque Security VRT (Vehicle Reaction Test) Engineer is responsible for designing, coordinating and conducting the Torque Security safety audit for new powertrain applications for both spark ignited engines and electrified powertrain systems. The Engineer will plan, then conduct or supervise, a highly detailed series of electrical and CAN fault injections designed to test the Torque Security system's capacity to detect failures and perform the necessary remedial action. The engineer will generate reports, conduct test concern reviews with feature calibrators, and assist in investigations into software/logic errors uncovered during testing. The Engineer will manipulate and utilize large and complex sets of engine mapping data to analyze and solve complex system problems as they relate to functional safety, will work cross functionally with engine development, powertrain controls and vehicle teams to identify solutions that achieve program requirements. The candidate should expect to travel 1-3 weeks throughout the year for system validation/verification. Responsibilities include but not limited to: Develop test plans, and validate torque security diagnostic strategies to ensure compliance with system requirements and meet safety release requirements at appropriate program milestones. Execute verification test plans to confirm diagnostic functionality and system robustness. Analyze large and complex engine mapping datasets to identify and resolve system-level issues related to functional safety. Generate technical reports and documentation to support calibration and validation activities. Collaborate with feature calibrators to review test concerns and support root cause investigations of software or logic issues. Work cross-functionally with engine development, powertrain controls, and vehicle integration teams to deliver solutions that meet program goals. Coordinate and participate in corrective action meetings to drive improvements through calibration and software updates. Travel 1-4 weeks annually for system validation and verification activities. Support vehicle testing and attend in-person meetings at the Auburn Hills facility as needed. Requirements: Bachelor of Science degree in Mechanical Engineering, Electrical Engineering, Computer Science, or a related engineering field from an accredited university. Other Engineering disciplines may be considered. Minimum 1-3 years of experience in engine development, powertrain systems development /engine calibration /control systems development / diagnostics within the automotive industry. Strong foundational knowledge of internal combustion engines and powertrain calibration. Proficiency with calibration tools such as INCA and CDA, X-plot Ability to interface with software and read Simulink models via MATLAB tools. Outstanding analytical and problem-solving skills, with the ability to triage and work with complex datasets. Self-motivated, proactive, and capable of working independently and following up with stakeholders. Strong leadership and interpersonal skills, with a collaborative mindset. Excellent written and verbal communication skills, including the ability to present technical content to upper management using tools like PowerPoint. Preferred Requirements: Master of Science degree in Mechanical Engineering or Electrical Engineering, Computer Science from an accredited university 5+ years of experience in engine development, powertrain systems development /engine calibration /control systems development / diagnostics within the automotive industry Calibration process knowledge using design of experiments and advanced optimization techniques Functional Safety standard knowledge with ISO26262 training. Proficient in advanced simulation tools Proficient in Matlab / Simulink Additional Must Haves: Ability to read Simulink Models / use of Matlab Ability to analyze large data files and provide feedback on results in a timely matter and then identify if retest is required or test pass or fail to the lead calibrator. Work necessary Overtime / Weekends per program demands Onsite - 100% in Chelsea, MI with occasion travel to Auburn Hills, MI Will drive a company vehicle and must have a valid driver's license Travel: Potential trip support if needed 1-3 weeks throughout the year Contract to hire opportunity

Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. To apply, click "Apply to Job" online on this web page. **Required Skills:** Security Engineer Responsibilities: 1. Build tools that enable connectivity to our infrastructure only from Meta owned and managed devices. 2. Build machine attestation and secure certificate storage solutions to enable strong client trust. 3. Deploy systems that help mitigate security risks by understanding and controlling what software is allowed to execute on our client devices. 4. Develop, validate, and enforce our client security policies. 5. Build and deploy tools and automation that proactively detect and respond to security risks and threats to internal corporate services. 6. Advise and collaborate with other teams. 7. Telecommuting from anywhere in the U.S. allowed. **Minimum Qualifications:** Minimum Qualifications: 8. Requires Bachelor's Degree (or foreign equivalent) in Computer Science, Engineering or a related field and 1 year of experience in the job offered or a computer-related occupation 9. Requires 12 months of experience involving the following: 10. PHP, Golang, Python, C/C++, Rush, or Ruby 11. Designing and deploying security infrastructure such as PKI, key management, and certificate management 12. Endpoint Security & Management 13. Certificate Lifecycle 14. Devices & OS hardening and security policies 15. Identity & Access Management (Authentication & Authorization, SSO) 16. Network Security and 17. Programming and Code Review **Public Compensation:** $178,041/year to $200,200/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Able to provide guidance in all areas relating to information security in order to align and establish information security and strategy with business requirements. Primary Job Responsibilities: Assist with audits of corporate information systems to ensure compliance with security policies, NIST security controls, PCI-DSS and applicable state and federal laws and regulations. Identifies functionality requirements, performs implementation and security administration of tools (e.g. SIEM, vulnerability management, web application firewall). Establishes control-related standards and procedures and prepares project status reports for management. Designs and coordinates business resumption and recovery test and evaluation plans for security, in support of disaster recovery and business continuity plans. Identifies potential risk items and subsequent remediation of vulnerabilities in the environment. Supports day-to-day monitoring of logs and alerts from firewalls, log management, intrusion detection systems and content filtering controls, etc. Performs forensic analysis and investigation of log alerts and malware. Provides security analysis and guidance to the information security analyst and administrator team members. Provides technical problem solving in configuration and utilization of all security enabled applications, systems and network devices. Provides technical analysis of commercial and government customer requirements and controls. Perform other related assigned duties as necessary to complete the Primary Job Responsibilities as described above.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************