Cyber security analyst jobs in Fort Collins, CO

ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers . If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps. Unless specifically stated otherwise, this role is "On-Site" at the location detailed in the job post. Clearance Level - Must Be Able to Obtain Top Secret/SCI Polygraph U.S. Person Required Yes Travel Percentage Clearance Level - Must Currently Possess Top Secret/SCI U.S. Citizenship Required Yes Is Relocation Available Yes Job Description Technical advisor for the Information Systems (IS) security requirements necessary for the protection of all sensitive information processed, stored, and/or transmitted through the use of the IS. Interprets government requirements, prepare, validate, and maintain documentation in support of the Risk Management Framework (RMF). Also implements and oversees the program security plans, policies, and procedures necessary to ensure compliance with all company and government requirements. The Enterprise Assurance Strategic Capabilities Unit delivers critical assurance disciplines that protect and enable people, data and missions. We provide a comprehensive approach to managing risk across the enterprise for current and future information environments where the business and missions execute. We apply the use of innovative tools and robust processes to ensure mission and business success. What You'll Do: Schedule, conduct, and administer security tests and evaluations programs to ensure that all the applicable IS are operating in accordance with security requirements. Maintain a configuration management system to track and control all components of IS used in support of programs. Identify, evaluate, and document all IS and provide guidance on what controls and countermeasures may be appropriate to mitigate vulnerabilities and threats Perform audits of all IS, investigation anomalies, and record and report findings, as required. Coordinate and/or conduct detailed inquiries; assess potential damage; and develop, document, implement, and monitor corrective action plans. Perform data spill containment and clean up per customer direction. Ability to identify and respond to potential cyber threats to company equities utilizing advanced software applications and information provided by government partners and open-source intelligence gathering. May coordinate the response and recovery activities from information security incidents. This includes collaboration with appropriate response partners, assist with determining the root cause of cyber incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures. May perform data breach response, cyber risk/security assessments, and remain involved in phases such as penetration testing, vulnerability scanning, and log configuration. May participate in engagements related to preemptive data breach response; analytic and reporting for litigation, data breaches, and regulatory response; workplace and employment issues, including theft of trade secrets; and investigations related to network breaches/unauthorized access of data through computer forensics and incident response. May perform duties as a cyber security threat hunter; track threat actors; responsible for reviewing system log events and data packets to proactively detect advanced threats that evade traditional security solutions; participate in developing processes, procedures, and training for new technologies. Identify and manage Plan of Action & Milestones (POA&Ms) through remediation as well as develop corrective action plans for each POA&M; monthly progress reporting to management. Promote information security awareness. Maintain a regular and predictable work schedule. Establish and maintain effective working relationships within the department, the Strategic Business Units, Strategic Capabilities Units and the Company. Interact appropriately with others in order to maintain a positive and productive work environment. Perform other duties as necessary. On-Site Work Environment: This position requires regular in-person engagement by working on-site five days each normally scheduled week in the primary work location. Travel and local commute between company campuses and other possible non-company locations may be required. Working Conditions: Work is performed in an office environment, laboratory, cleanroom, or production floor. Additional Qualifications/Responsibilities Required Education, Experience, & Skills Related Bachelor's and 2 or more years of related experience Each higher-level degree, i.e., Associate's, Bachelor's Degree, Master's Degree or Ph.D., may substitute for additional years of experience. Related certifications may count towards years of related experience. Related technical experience may be considered in lieu of education. Degree must be from a university, college, or school which is accredited by an agency recognized by the US Secretary of Education, US Department of Education. A current, active TS/SCI security clearance is required with the ability to obtain and maintain a TS/SCI Polygraph. 8140 compliant certification. Preferred Education, Experience, & Skills A current, active TS/SCI with Polygraph security clearance. Pay Information Full-Time Salary Range: $77809 - $132275

Do you want to be part of a business that genuinely values entrepreneurialism, innovation and individual accountability? We focus on our customers and are proud of the difference our technology makes. We partner with some of the biggest manufacturing companies in the world and our technical innovations are used to enhance well-known brands across multiple industries. Information Security Analyst Title Information Security Analyst Department IT Location Niwot, CO Reports To IT Infrastructure and Operations Manager About Us Established in 1972, Particle Measuring Systems is a global leader for micro-contamination monitoring equipment improving the performance of clean manufactures in the semiconductor and pharmaceutical industries. We're a growing technology company in Niwot, Colorado, the heart of the Rocky Mountains. We offer an exceptional and rewarding work environment in a great place to live. Our employees enjoy challenging projects in the development and manufacture of light scattering particle counters and diverse technologies and applications. Your Impact We are looking for an Information Security Analyst who will contribute to the success of the IT Team, applying their expertise in Security to support the achievement of team and company goals and deliver innovative, reliable solutions. In this role, the successful candidate will collaborate effectively with colleagues and cross-functional teams, demonstrate strong problem-solving and decision-making skills, and maintain a commitment to professional excellence, quality and continuous improvement. The Role Particle Measuring Systems is seeking an Information Security Analyst to protect the confidentiality, integrity, and availability of organizational information assets. This role supports the implementation and maintenance of the company's information security program, ensuring compliance with internal policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, GDPR). The analyst will work and collaborate closely with teams and leadership to achieve a strong controlled environment that enhances and protects the organization from threats and risks. You will work closely with the business functions to identify and mitigate areas of risk, monitor security controls, and promote a culture of security awareness across the organization. Job Responsibilities Security Governance & Compliance Support the development, implementation, and maintenance of information security policies, standards, and procedures. Conduct and document regular security risk assessments and audits. Oversee program of Penetration testing within the various functions of the business Participate in compliance activities with frameworks such as ISO 27001, NIS2, and CMMC. Coordinate and track remediation of identified security risks or control gaps. Assist in vendor and third-party risk assessments, ensuring due diligence and alignment with security and privacy requirements. Security Operations & Monitoring Monitor and analyze alerts from security tools (e.g., SIEM, EDR, vulnerability management systems). Investigate potential security incidents and support incident response processes. Assist with any incident response processes that may arise within the business Perform regular vulnerability scans and assist with patch management coordination. Collaborate with Group to ensure overall compliance with Security is achieved. Maintain an up-to-date understanding of emerging threats and vulnerabilities relevant to our business. Data Protection & Access Management Enforce and monitor access control policies and user account management practices. Support data classification, encryption, and data loss prevention initiatives. Ensure secure handling and disposal of sensitive or regulated data. Awareness & Training Conduct or coordinate employee security awareness and phishing simulation programs. Promote a culture of cybersecurity and privacy across all departments. Continuous Improvement Contribute to the evaluation and implementation of new security tools or processes. Participate in post-incident reviews and lessons-learned sessions to enhance controls. Support IT projects by providing security input during planning and implementation phases. Other Continuously evaluate processes for improvements in efficiency, quality, and safety. This job description is not intended to be all-inclusive. Responsibilities may evolve over time, and other related duties may be assigned to meet the ongoing needs of the company. Required Qualifications Bachelor's degree in information technology, Cybersecurity, Computer Science, or related field. 3-5 years of experience in information security, cybersecurity, or IT risk management. Experience with security frameworks (ISO 27001, NIST, CIS Controls). Familiarity with network security, endpoint protection, identity and access management, and incident response. Strong analytical and problem-solving skills. Excellent written and verbal communication. Detail-oriented with a risk-based approach to decision making. Ability to work collaboratively across technical and non-technical teams. Commitment to continuous learning and professional development Preferred Qualifications Certifications CompTIA Security+ GIAC Security Essentials (GSEC) Work Environment & Physical Requirements This role primarily operates in an office/lab/manufacturing environment. Must be able to sit, stand, and use a computer for extended periods of time. Occasional lifting of up to 20 lbs. may be required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of this role. Hybrid work option available (onsite and remote flexibility). May require participation in off-hours incident response or audits. Compensation & Benefits Competitive base salary range: $85000 - 130000 Our compensation philosophy: we offer competitive pay based on market data, including local, national, and industry benchmarks. For new hires, offers are generally within the established min- to mid-point of the range for the role, with flexibility to recognize experience, skills, and education. Our approach ensures fair pay internally while remaining competitive externally and allows room for growth. Comprehensive benefits package: Health coverage: medical, dental, vision, fsa, onsite clinic (CO employees), life insurance 401(k) retirement plan with company match Vacation, holiday, and leave policies Tuition reimbursement, Employee recognition programs, Employee assistance programs Particle Measuring Systems is proud to be an Equal Opportunity Employer and are committed to building an inclusive and supportive workplace where everyone can thrive.

Are you looking for a unique opportunity to be a part of something great? Want to join a 17,000-member team that works on the technology that powers the world around us? Looking for an atmosphere of trust, empowerment, respect, diversity, and communication? How about an opportunity to own a piece of a multi-billion dollar (with a B!) global organization? We offer all that and more at Microchip Technology Inc. People come to work at Microchip because we help design the technology that runs the world. They stay because our culture supports their growth and stability. They are challenged and driven by an incredible array of products and solutions with unlimited career potential. Microchip's nationally-recognized Leadership Passage Programs support career growth where we proudly enroll over a thousand people annually. We take pride in our commitment to employee development, values-based decision making, and strong sense of community, driven by our Vision, Mission, and 11 Guiding Values; we affectionately refer to it as the Aggregate System and it's won us countless awards for diversity and workplace excellence. Our company is built by dedicated team players who love to challenge the status quo; we did not achieve record revenue and over 30 years of quarterly profitability without a great team dedicated to empowering innovation. People like you. Visit our careers page to see what exciting opportunities and company perks await! Job Description: Position Overview Microchip's Frequency and Timing Division is a world leader in precise time solutions and sets the world's standard for time. The division generates, distributes and applies precise time for the communications, aerospace/defense, IT infrastructure, and metrology industries. Microchip's customers, from communications service providers and network equipment manufacturers to governments and their suppliers worldwide, are able to build more reliable networks and systems by using the company's advanced timing technologies, atomic clocks, services, and solutions. Microchip products support today's precise timing standards, including GPS-based timing, IEEE 1588 (PTP), Network Time Protocol (NTP), and Synchronous Ethernet. Our Government Systems group in Boulder, CO is seeking an Senior Engineer II- Information Security Systems (ISSE) to provide technical support in the design, implementation, and sustainment of cybersecurity capabilities across complex enterprise and mission systems. The ISSE ensures compliance with governing standards and frameworks, including NIST Risk Management Framework (RMF), NIST SP 800-53, ICD 503, CNSSI 1253, and DISA STIGs. This role requires technical aptitude to troubleshoot Linux and Windows servers, end-user nodes, Cisco switches, and enterprise shared storage systems, while applying continuous monitoring practices to maintain compliance and strengthen mission assurance. Key ResponsibilitiesSecurity Engineering & Architecture Engineer and integrate security controls into system and network architectures, including virtualized platforms, shared storage, and mission networks. Translate NIST and CNSS security controls into technical designs and secure implementations. Technical Troubleshooting & Support Provide advanced troubleshooting for: Linux and Windows servers (configuration, patching, service integrity). Linux and Windows end-user workstations/nodes (endpoint compliance and hardening). Cisco switches and network devices (VLANs, ACLs, port security, logging). Shared drives and enterprise file systems (permissions, access auditing, data protection). Collaborate with administrators and engineers to resolve technical issues while maintaining compliance. Continuous Monitoring Implement and sustain continuous monitoring for common and system-specific controls, including automated vulnerability scanning, patch compliance, and SIEM log analysis. Correlate monitoring results across systems, assess control effectiveness, and recommend remediation strategies. Conduct technical security assessments using Tenable, DISA STIGs, CSO Benchmarks, and related NIST guidelines. Analyze results, prioritize risk, and lead remediation with system and network teams. Requirements/Qualifications: Active Top Secret/SCI clearance w/ CI Poly. US citizenship Bachelor's degree in Cybersecurity, Computer Science, or related discipline (or equivalent experience). 7+ years of cybersecurity engineering experience with demonstrated expertise in NIST RMF and related standards. Proven ability to troubleshoot and support Linux/Windows servers and endpoints, Cisco network devices, and enterprise storage systems. Hands-on experience with compliance and monitoring tools (Tenable/ACAS, Splunk/ELK, HBSS/ESS). Occasional travel to client sites in other states. Trips typically last 3-5 days and occur less than once per quarter. Benefits Wellness & Medical Benefits effective on your First Day of Employment Gold Standard in Medical, Prescription Drug, Dental & Vision Benefits Quarterly Employee Cash Bonus Plan Restricted Stock Grant Employee Stock Purchase Plan Tuition Reimbursement 401K Retirement Savings Plan Spending Accounts Life Insurance Long Term Care Legal Employee Assistance Plan Paid Time Off Vacation Pay Absence Time - "Sick Pay" 10 Paid Holidays U.S. Export Controls Requirements: This job requires access to technology, materials, software or hardware that is controlled by the export laws of the United States. Candidates are required to provide proof of either US citizenship, Permanent US residency or classification as a protected individual as defined in 8 USC 1324b (a) (3). Travel Time: 0% - 25% Physical Attributes: Bending at Waist, Carrying, Feeling, Handling, Hearing, Kneeling, Other, Pulling, Pushing, Reaching, Seeing, Talking, Works Alone, Works Around Others Physical Requirements: 70% sitting; 15% walking; 15% standing; 100% in doors; Usual business hours Pay Range: We offer a total compensation package that ranks among the best in the industry. It consists of competitive base pay, restricted stock units, and quarterly bonus payments. In addition to these components, our package includes health benefits that begin day one, retirement savings plans, and an industry leading ESPP program with a 2 year look back feature. Find more information about all our benefits at the link below: Benefits of working at Microchip The annual base salary range for this position, which could be performed in Colorado, is $70,000-$198,000.* *Range is dependent on numerous factors including job location, skills and experience. Application window will remain open until qualified candidates have been identified. Microchip Technology Inc is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. For more information on applicable equal employment regulations, please refer to the Know Your Rights: Workplace Discrimination is Illegal Poster. To all recruitment agencies: Microchip Technology Inc. does not accept unsolicited agency resumes. Please do not forward resumes to our recruiting team or other Microchip employees. Microchip is not responsible for any fees related to unsolicited resumes.

Join the Market Leader in Electric Power Data and Analytics Solutions The electrical grid is the largest and most complicated machine ever built. Yes Energy's industry-leading electric power trading analytics software provides real-time visibility into the massive amount of data generated by the North American electrical grid daily. Our unique and innovative view of the data informs real-time trading decisions and mid-to-long-term investment decisions that keep utility prices low, support the energy transition, and keep the grid running. It's both challenging work and work with a purpose. Be a part of our successful, growing business during international transformation. Position Summary As a Security Analyst II, you will be helping keep the grid safe and our customers secure. You will be part of our growing Security & Compliance team, building security automations, creating baselines for on-premises and cloud environments, assisting teams with vulnerability scans and management, supporting our compliance team with evidence gathering and audits, and more. This is an opportunity to be part of a small team with increasing importance and responsibility. You will help Yes Energy stay secure into the future. Position Details Salary range: 80,000 - 95,000 Location: Yes Energy Core Offices or Remote Full-time Reporting to: Senior Manager, IT and Compliance Travel requirement: up to 15% to Yes Energy's core offices Primary Responsibilities Review and triage findings from vulnerability scans, penetration tests, and configuration assessments to identify potential security risks. Work with DevOps, engineers, and system owners to remediate vulnerabilities across multi-cloud and on-prem assets. Support secure configuration baselines for AWS, Azure, and Oracle Cloud resources. Monitor cloud environments for misconfigurations and suspicious activity. Assist with IAM policy reviews and privilege audits. Write scripts (Python, PowerShell, or Bash) to automate detection, reporting, or remediation of security issues. Integrate security tools and data into dashboards or workflow systems (e.g., Jira, SIEM, or ticketing). Provide technical evidence and control implementation support for SOC 2, ISO 27001, or customer security assessments. Partner with the compliance team to map technical controls to framework requirements. Assist with incident triage, response, and root cause analysis. Support endpoint protection, log monitoring, and threat intelligence initiatives. Minimum Qualifications Bachelor's degree in a related field or equivalent related experience Minimum of two years of experience with security exposure in information security, systems administration, or DevOps. Proficient in at least one scripting language (Python, PowerShell, or Bash). Strong understanding of operating systems, networking, and cloud fundamentals. Knowledge of security frameworks such as NIST Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7, AWS Inspector, or Microsoft Defender). Working knowledge of AWS, Azure, and/or Oracle Cloud security controls and services. Comfortable working cross-functionally with engineering, IT, and compliance teams. Knowledge, Skills, and Abilities Ability to travel up to 15% to assist in team building and planning exercises. Strong, professional communication skills, both verbal and written, including the skill in articulating and translating technical language to non-technical customers. Ability to plan for contingencies and anticipate problems. Ability to ask critical questions to assess needs and requirements Preferred Qualifications Experience with SIEM or SOAR platforms (e.g., Splunk, Microsoft Sentinel). Familiarity with infrastructure such as code (Terraform, CloudFormation). Exposure to compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53. Security certifications (Security+, GSEC, AWS Security Specialty, or similar). Endpoint Security/Patching/Inventory experience At Yes Energy, we value connecting directly with candidates. We kindly ask that third-party recruiters and agencies not submit resumes, as we are not open to external recruiting partnerships. ABOUT YES ENERGY Overview Yes Energy delivers real-time market data and electric power trading decision solutions. Over 1,000 market participants use Yes Energy solutions daily. The business is a leader in all aspects of information content collection and management, developing and delivering data and market analytics solutions. Since its inception in 2008, Yes Energy has become a trusted and respected supplier of innovative and reliable solutions focused on the needs of power market analysts, traders, and trade managers. Yes Energy has a team of over 350 amazing professionals in Boulder, CO (HQ); Boston, MA; Chicago, IL; Glendora, CA; Richmond, VA; London, United Kingdom; Auckland, New Zealand, Tokyo, Japan; and Bucharest, Romania. Culture Yes Energy has been named one of the Best Places to Work in Colorado, and we have the culture to prove it. At Yes Energy, we care about saying “Yes” to customers. We like to listen, learn, and develop our solutions in line with their needs. We think about customers as business partners, and when we help them be more successful … we are more successful, too. Around the office, our culture is driven by some pretty fundamental values that we're proud of: We love innovation and solving tough challenges; We are “high standards people” who combine passion and pride with hard work and rewards of all kinds-- in an ethic that is consistent across the company; We're team-focused with a flat hierarchy-- we work in small teams on well-defined projects that directly impact the success of the business; We play to the strengths and experience of each person while each of us also works along a continuum of roles adjacent to our focus area. This presents the challenge of maintaining a broad set of skills as well as an opportunity to learn and contribute in many ways; We are constantly growing. Professional development happens every day and every year. Compensation and Benefits We offer highly competitive salaries and real bonuses that are achievable and that you can impact. Our benefits package is also very competitive, including medical insurance, a 401 (k) Plan with matching, flexible vacation, and flexible work schedules. Yes Energy encourages and funds investment in both formal and informal professional development. At Yes Energy, we are dedicated to building a diverse, inclusive, and authentic workplace. If you're excited about this role but your experience doesn't perfectly align with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles. In accordance with Colorado law, the range provided is Yes Energy's reasonable estimate of the base compensation for this role. The actual amount may be higher or lower based on non-discriminatory factors such as location, experience, knowledge, skills, and abilities. Yes Energy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Yes Energy complies with applicable state and local laws governing nondiscrimination in employment in every location where the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Responsible for providing network security expertise related to any of the following: activation and turn up of customer security equipment, failover testing, monitoring network security devices, troubleshooting, investigation of events, debug, investigation of incidents, escalation or mitigation of incidents and events, network security analysis, or deployment of devices. 2-4 years of experience in IT, networking or cybersecurity required. Targeted and Recommended Certifications and Skills: Fortinet / Fortigate Security Experience Needed - Top skill One of the following - NSE4, NSE 5-Analyzer, NSE 5 - Manager, NSE 7 CCNA CCNP Cisco Router/Routing Background IRF- integrated router firewall background Next-Generation Firewall background Routing background Project Date and Time needs: Monday to Friday ** Standard Business Hours **

Job Details Level: Experienced Position Type: Full Time Education Level: 4 Year Degree Salary Range: $78068.04 - $97585.05 Salary Job Shift: Day Description We recognize that in order to meet the needs of our communities, we must represent our communities. Our success relies on creating a culture where we have diverse perspectives and a true sense of belonging. This is a journey, and we pledge to do more than simply check the box. When you join the Meritrust team, your benefits will include: * Comprehensive medical insurance plan * Dental and vision insurance * Generous paid-time-off * 12 paid holidays * Annual bonus (based off of annual results/scorecard each year) * 401(k) plan * Wellness program * Tuition assistance * Employee loan discount * Employee Assistance Program (EAP) * Life and disability coverage What sets working for Meritrust apart? * Career development and pathing opportunities to move into leadership roles or other lines of business within MCU such as Commercial Lending, Finance, Marketing, Underwriting, Member Solutions, Training, Human Resources, and more. * Supportive and engaging work environment. * A wellness and sustainable work culture that puts family, Mother Nature, our community, and your health first. * A work environment that encourages personal as much as professional growth, teamwork to make the dream work, and treating everyone equally. * Studies have shown that individuals from marginalized and or historically underrepresented groups may be less likely to apply for jobs unless they meet every one of the qualifications listed. We are most interested in finding the best candidate for the job. We would encourage you to apply for a job at Meritrust Credit Union, even if you don't meet every one of our qualifications listed. This is a full-time position working 40 hours a week, Monday-Friday 8:00am - 5:00pm. POSITION SUMMARY Responsible for executing the Governance, Risk, and Compliance (GRC) program within Information Security team for Meritrust Credit Union (MCU). This position reports to the AVP, Security Analysis. Will work closely with the Risk and Compliance department in ensuring MCU is meeting regulatory requirements and organizational risk tolerance. This position is responsible for maintaining all operational tasks within the information security portfolio including security training, building and reviewing security policies and controls, conducting risk reviews of systems and compliance with information security best practices. ESSENTIAL FUNCTIONS Governance * Stay current with Financial Regulations such as FFIEC guidelines, NCUA requirements, and other compliance regulations. * Familiar with Information Security Frameworks such as PCI DSS, NIST 800-53, FedRAMP, ISO 27001, CIS, MITRE ATT&CK, OWASP Top 10, etc., * Build and integrate the security frameworks into the MCU Information Security Program, ensuring organizational compliance. * Develop, implement, and maintain policies, standards, and procedures to ensure alignment with MCU security objectives and industry best practices. * Design and conduct employee training on compliance, information security, and risk management topics with a focus on safeguarding MCU assets, including member data. Risk Management * Perform risk assessments to identify and mitigate risks related to member data, application security, and security tool health checks. * Analyze and document identified risks, providing actionable mitigation recommendations. * Support the Information Security Incident Response Plan (ISIRP), Business Continuity and Disaster Recovery (BC/DR) plans and assist tabletop exercises to ensure operational resilience. Compliance * Monitor and support compliance efforts related to regulations and frameworks such as NCUA, NIST, ISO, PCI DSS, CIS, MITRE ATT&CK, OWASP Top 10, and other relevant frameworks. * Assist with internal and external audits and regulatory examinations, providing required evidence and ensuring timely remediation of findings. * Conduct regular testing of controls in security policies to ensure effectiveness and alignment with regulatory requirements. * Manage findings from audits, risk assessments, security policies control testing, documenting resolutions and tracking remediation progresses. * Participate in the exceptions management process, conducting documentation, risk acceptance, and periodic reviews of exceptions. * Monitor phishing reports and InfoSec tickets submitted by employees, ensuring proper investigation, resolution, and follow-up. Collaboration & Reporting * Collaborate with IT, compliance/risk management, and operational teams to align cybersecurity objectives with MCU security goals. * Provide regular reporting to leadership on the cybersecurity program status, compliance gaps, and risk trends specific to the credit union sector. * Design, implement, and update InfoSec performance metrics and key risk indicators (KRIs) to measure the maturity and effectiveness of the security program. * Act as a resource for employees on GRC-related inquiries to promote a culture of compliance and security awareness. Qualifications REQUIRED EXPERIENCE * 3-5 years of experience in cybersecurity governance, risk management, compliance, or information security engineering roles, preferably within the financial services, banking or credit union industry. * Demonstrated experience in security controls testing, findings remediation, exceptions management, and information security performance metric monitoring. EDUCATION/CERTIFICATION * A bachelor's degree in information security, Computer Science, Network, Cyber Security or relevant field is preferred. * Advanced Degree/Certifications such as CISSP, CISM, CISA, CEH, and CCSP are preferred. OTHER SKILLS/ABILITIES * Ability to maintain a high level of confidentiality. * Strong understanding of regulations and standards relevant to credit unions, including FFIEC, NCUA, SOC 2, NIST, ISO, PCI DSS, CIS, MITRE ATT&CK, OWASP Top 10, and other relevant frameworks. * Proficiency in risk assessment methodologies, operational risk management, and compliance management processes. * Experience in monitoring phishing reports, managing InfoSec tickets, designing, launching and monitoring cybersecurity training tools and programs, and collaborating with cross-functional teams to resolve security incidents. * Proficiency in data analytics tools, including coding (e.g., Python, SQL), Excel (e.g., pivot tables, VLOOKUP, macros) to identify anomalies and generate actionable insights. * Ability to design, update, and analyze InfoSec performance metrics and KPIs, and present findings using PowerPoint. * Exceptional organizational and communication skills, with the ability to convert complex issues into actionable insights for stakeholders. * Flexible and capable of working independently, as part of a team, or cross-functionally to improve security performance, efficiency, and effectiveness. * Passion for learning and solving problems. * Experience with cybersecurity tools and GRC platforms is a plus. WORKING CONDITIONS * Standard office conditions. * Low to moderate noise. * Limited lifting up to 50 lbs. This description has been reviewed to ensure that only essential functions and basic duties have been included. Peripheral tasks, only incidentally related to each position, have been excluded. Essential functions, requirements, skills, and abilities included have been determined to be the minimal standards required to successfully perform the positions. In no instance, however, should the duties, responsibilities, and requirements delineated be interpreted as all-inclusive. Additional functions and requirements may be assigned by supervisors as deemed appropriate. In accordance with the Americans with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals. However, no accommodation will be made which may pose serious health or safety risks to the employee or others or which impose undue hardships on the organization. The Credit Union believes that each employee makes a significant contribution to our success. That contribution should not be limited by the assigned responsibilities. Therefore, this is designed to outline primary duties, qualifications, and job scope, but not limited to the incumbent. It is our expectation that each employee will offer his/her services wherever and whenever necessary to ensure the success of our endeavors. s are not intended as and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law. This Job Description is not a complete statement of all duties and responsibilities of this position and may change with or without notice. Final Compensation for this position will be determined by various factors such as relevant work experience, specific skills and competencies, education, certifications, and internal pay equity. We anticipate this position to close within 30 days of posting. Please submit your application at your earliest convenience to be considered. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Meritrust Credit Union, we encourage you to apply! Thank you for your interest in Meritrust Credit Union.

Job Title: Security Engineer Location: Must reside within a commutable distance of Asheville, NC, or Boulder, CO to work onsite as required. Hybrid/onsite Clearance: Must have an active NOAA Public Trust clearance or active Secret security clearance. Citizenship: US Citizenship Required Position Type: Full Time/Exempt Salary Range: US market data minimum $115,000.00 - $145,000.00 maximum wage range. You will receive a competitive total rewards package that is applicable to the U.S. only. The salary range may vary based on experience, skillset, and geographical location. AttainX, Inc. is seeking a detail-oriented and highly skilled Application Security Analyst to join our federal cybersecurity team. The ideal candidate will have hands-on experience integrating security tools in CI/CD pipelines and identifying vulnerabilities in web applications through both manual testing and automated analysis tools. Qualifications and Education Requirements: Basic Minimum Qualifications: 5+ years of experience in application security or a related field. Identify, analyze, and mitigate application security vulnerabilities using tools like Checkmarx, Invicti, Black Duck, etc. Collaborate with development teams to integrate secure coding practices and prioritize vulnerability remediation throughout the SDLC. Maintain container images supporting different automated CI/CD security scanning phases. Hands-on experience with static and dynamic application security testing (SAST/DAST). Familiarity with tools such as Invicti, Checkmarx, Black Duck, and similar platforms. Strong understanding of secure coding practices and application vulnerabilities (e.g., OWASP Top 10). Experience working within a Cloud Environment required. (AWS experience preferred) Experience with CI/CD tools and pipelines, integrating security throughout the software development lifecycle (SDLC). Ability to interpret and explain security findings to developers and provide remediation guidance. Excellent communication skills and strong documentation ability. Possess at least ONE (1) of the following professional certifications: CompTIA Security+ Electronic Commerce Council Certified Ethical Hacker (CEH) Certified Information Systems Security Professional (CISSP) Preferred Qualifications: Experience working in Agile development environments with DevSecOps practices. Experience supporting application security for federal agencies. Education / Experience: 5+ years of relevant experience in application security, software development, or DevSecOps. Skills: Application Security, Static & Dynamic Analysis, CI/CD Integration, OWASP Top 10, Security Tooling: Invicti, Checkmarx, Black Duck, GitLab CI/CD Duties: We are searching for an Application Security Analyst to support secure development and implementation of applications. Duties include: Conduct security reviews and static code analysis to identify application vulnerabilities. Integrate SAST, DAST, and SCA tools into CI/CD pipelines. Collaborate with developers to remediate vulnerabilities and promote secure coding practices. Generate and present risk-based security reports to engineering and management teams. Maintain security tooling configurations and ensure up-to-date signatures and policies. Non-Essential Functions: General Duty Requirements About Us: AttainX Inc. is SBA Certified 8(a), Women Owned Small Business (WOSB), Economically Disadvantaged WOSB (EDWOSB), CMMI Level 3, ISO 9001:2015 certified QMS and Silver Level SaFe Partner. For more than 12 years, AttainX, Inc. has delivered emergent technologies, software products, and high-quality services that meet the needs of our Federal Government customers. The last 4 years have shown significant company growth as we have increased our contracts portfolio and hold the “Best in Class” contract vehicles, GSA MAS and OASIS Small Business and 8(a) Pools 1, 2 and 3. In addition, we are prime on several Agency Specific IDIQ's and BPA's with the National Oceanic and Atmospheric Administration, Department of Energy, Navy, Health and Human Service and the Defense Intelligence Agency. AttainX is dedicated to quality and best practices for the services we provide. We understand our people are the key ingredient to ensuring our customers Mission and Goals are met with excellence. Benefits: We are proud to offer competitive compensation and benefits packages to include paid vacation, medical, dental, vision, matching 401K plan, tuition/training reimbursement, and Long & Short-Term Disability. EEO Commitment: AttainX Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other status protected by applicable federal, state, or local law. We are committed to providing equal employment opportunities for individuals with disabilities and protected veterans in compliance with Section 503 of the Rehabilitation Act of 1973 and the Vietnam Era Veterans' Readjustment Assistance Act (VEVRAA). Accommodations: If you are an individual with a disability and would like to request a reasonable workplace accommodation, please send an email to **************. Indicate the specifics of the assistance needed. Physical Demands: Sitting and working on a computer for long, continuous periods each day; effective communications by telephone, email, and face-to-face; standing, walking, and sitting; handling and feeling objects or controls; reaching; talking and hearing; lifting and/or moving up to 10 pounds; and specific vision abilities including close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust and focus. Work Environment: The noise level in the work environment is usually moderate.

Sierra Space Careers: At Sierra Space, we build the missions and systems that keep our world secure in the domain above Earth. Sierra Space team members share a spirit of innovation and collaboration and a belief that we can deliver on the boldest missions in space today. Together with our customers, we aim to safeguard our nation, sustain human presence in space, and secure the freedom of operations in low Earth orbit and beyond. Our success is measured by the trust of those who rely on what we build and deliver, and our technologies keep the United States and its allies mission-ready throughout space. We are mission-driven, and together, we are an extraordinary team. About the RoleThe Cybersecurity Engineer I is an entry-level position responsible for designing, implementing, and maintaining security measures to protect the organization's information systems. This role involves working with various security technologies, including, encryption, intrusion detection/prevention systems (IDS/IPS), and multi-factor authentication. They will have foundational knowledge of computer networking concepts, protocols, and network security methodologies, as well as an understanding of cybersecurity and privacy principles. The Cybersecurity Engineer I will work closely with senior engineers and cross-functional teams to ensure the security and integrity of the organization's information systems. This position offers the opportunity to gain hands-on experience in cybersecurity engineering, stay updated with the latest industry trends, and contribute to the continuous improvement of the organization's security posture. In this role, you will support the design, implementation, and maintenance of security measures such as encryption, intrusion detection/prevention systems (IDS/IPS), and multi-factor authentication. You will assist in the configuration, deployment, and management of security tools and technologies, while also implementing and managing network security measures to protect data, systems, and networks. Conducting vulnerability assessments and penetration testing to identify and mitigate security risks will be a key responsibility, along with developing and maintaining security policies, procedures, and documentation. You will collaborate with cross-functional teams to integrate security best practices into system designs and deployments, monitor and respond to security incidents and alerts, and provide technical support and troubleshooting. Staying updated with the latest industry trends, emerging threats, and regulatory requirements will be essential, as will participating in security audits and assessments to ensure compliance with cybersecurity frameworks.About You Our mission is driven by an unyielding commitment to advancing space-based technology in service of our customers and safeguarding national security. We seek individuals who are passionate about innovating beyond boundaries and relentlessly pursuing solutions that protect, preserve and empower - to join us in this critical mission. We're looking for team members who align with our values, mission and goals - while also meeting the minimum qualifications below. The preferred qualifications are a bonus, not a requirement. Minimum Qualifications: Requires Bachelor's degree in a related field (or equivalent work experience in lieu of degree). Typically entry-level 0 - 2 years of experience. Certifications: (1 or more required) Network+, A+ Certified Ethical Hacker, SANS (SysAdmin, Audit, Network and Security) level 100 courses or similar. Knowledge of computer networking concepts, protocols, and network security methodologies. Knowledge of cybersecurity and privacy principles. Knowledge of cyber threats and vulnerabilities. Knowledge of audit and logging techniques. Knowledge of structure, architectures, designs, and cybersecurity technologies used in modern communication networks. Knowledge of common cybersecurity frameworks. Preferred Qualifications: Certifications: Security+, CySA+, GSEC, or equivalent. Familiarity with security information and event management (SIEM) tools. Basic understanding of cloud security platforms such as AWS, Azure, or Google Cloud. Strong problem-solving skills and attention to detail. Excellent communication and teamwork skills. Willingness to learn and adapt to new technologies and methodologies. Compensation: Pay Range: $74,085.00 - $101,887.50 Your actual base compensation will be determined on a case-by-case basis and may vary based on job-related knowledge and skills, education, experience, internal equity and market competitiveness. Elevate Your Career At Sierra Space, we are committed to your personal and professional development. We empower you to make profound and meaningful contributions and foster a vibrant culture of collaboration, where teamwork ignites breakthrough innovations. We also offer a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, and more. Sierra Space is an industry-leading space and defense technology company providing satellites, spacecraft, and enabling mission systems and components. We deliver mission-proven technologies to our customers that safeguard our nation, protect space-based assets and enable space exploration. Application Deadline: This role will remain posted until a qualified pool of candidates is identified. Please note: Sierra Space does not accept unsolicited resumes from contract agencies or search firms. Any unsolicited resumes submitted to our website or to Sierra Space team members not through our approved vendor list or Talent Acquisition will be considered property of Sierra Space, and we will not be obligated to pay any referral fees. Sierra Space Corporation is an equal opportunity employer and is committed to working with and providing reasonable accommodations to applicants with disabilities. If you need special assistance or a reasonable accommodation related to applying for employment with Sierra Space or at any stage of the recruitment process, please contact us.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Global Channel Management is a technology company that specializes in various types of recruiting and staff augmentation. Our account managers and recruiters have over a decade of experience in various verticals. GCM understands the challenges companies face when it comes to the skills and experience needed to fill the void of the day to day function. Organizations need to reduce training and labor costs but at same requiring the best "talent " for the job. Qualifications Information Security Analyst must work 3rd shift (Wed-Sat) 7pm - 6am MST Information Security Analyst requires: 1-3 years of experience within the IT field Bachelor's degree in computer science, information technology, or related field is required Experience with enterprise information security data management tools such as ArcSight or Splunk is preferred Solid experience in scripting languages such as (or similar to) Python, PERL, and Ruby is a plus• Proficiency with RSA Archer Experience with industry standard frameworks• Experience with YARA, regex, or other host/network-based signature development Information Security Analyst duties: Respond to network and host based security events Minimize the dwell time of threat actors by monitoring, triaging, and validating security events, while maintaining thorough documentation in the case management system Operate with little-to-no direction and define relationships between seemingly unrelated events through deductive reasoning Actively hunting for and dissecting previously unidentified threats in the environment Participate in intelligence sharing and trust groups, then apply this knowledge to security controls Additional Information $38/hr 6 months

ANB Bank has financial strength embodied in $3 billion in assets and is a true community bank with an unwavering commitment to excellence. The bank helps each of its communities prosper through investment, sponsorship, philanthropy, and employee volunteerism. It is a passion ANB has for banking that makes a difference. ANB Bank hires individuals who provide excellent customer service and build meaningful relationships with our customers and within our communities. ANB is committed to rewarding our team members who strengthen our company and culture. ANB offers competitive compensation and a comprehensive benefits package for this position. Hiring Pay Range: $27.00 - $35.50 per hour This position may be eligible to receive an additional $1.00 per hour is approved for the Spanish Communication Assistant ProgramThe hiring pay range for this position is commensurate with the level of relevant experience and education. Health & Wellness Benefits (Subject to Eligibility Requirements) Minimum 4 Weeks of Paid Time Off (PTO)11 Paid HolidaysMedical, Dental, and Vision InsuranceHealth Savings (HSA), Flexible Spending (FSA), and dependent care spending accounts Company provided Live, AD&D, and Disability Insurance with supplementation options 401(k) plan with discretionary company match and profit sharing Discretionary annual bonus and employee referral incentives Employee Assistance Program (EAP) Tuition Reimbursement ProgramSpanish Communication Assistant Program IncentiveEmployee Banking Products Summary * Responsible for implementation and administration of corporate Information Security Systems as listed below. Essential Duties and Responsibilities * Manage Corporate Information Security Systems as follows: * Manage user accounts across multiple solutions. * Engineer, design and installation of intrusion detection/prevention, firewall and other information security solutions. * Manage and maintain log analysis systems, respond to alerts, and generate reports. * Monitor and maintain security setting implementations to enhance security posture without affecting system availability. * Manage and maintain patching solutions and generate reports. * Manage digital evidence collection solution, ensuring proper chain of custody. * Monitor and respond to alerts from various security solutions. * Manage VPN solution and generate reports. * Continuously monitor and evaluate results from vulnerability management solution and generate reports. * Audit software solutions to ensure compliance with Company policies. * Engineer, design, implement and support TCP/IP subnets. * Provide direct technical assistance and support to internal teams as necessary. * Monitor, maintain and control network efficiency using appropriate tools. * Maintain network server applications specific to the Internet, E-Mail and remote access. * Assist in the support of communications devices, such as Routers, switches, etc. * Recommend ways to improve efficiency of Information Security operations. * Ensuring management is made aware of critical events and situations within the department. * Accept phone calls and solve problems after hours during rotating on-call schedule. * Maintains a current knowledge and consistent compliance with Bank Secrecy Act (BSA) requirements, as well as knowledge and consistent compliance with other banking regulations and Bank policies and procedures related to the position. * Delivers quality of service as defined by department standards. * Maintains confidentiality as defined by department standards. * Supports the company's Mission, Vision, and Values. * Other duties may be assigned. Education and/or Experience * Five years of related experience and/or training. * Preferred college degree in related field; or equivalent combination of education and experience. * Other qualifications include: * In-depth knowledge of networking and security concepts; * Experience with patching solution; * Experience managing anti-virus solution; * Experience with intrusion detection and prevention systems; * Experience with Microsoft Active Directory; * Experience managing VPN solution; * Experience managing vulnerability management platform; * Experience showing progressive technical knowledge and understanding. * Performs several, if not all, of the above duties with moderate direction and supervision. * Several Industry standard Information Security advanced certifications (GSEC, CISSP, etc) in good standing and appropriate training and experience required. Work Schedule: Monday - Friday, 8:00am - 5:00pm Equal Opportunity Employer / Affirmative Action / Minorities / Female / Disability / Veteran ANB Bank is committed to providing Equal Opportunity in Employment. The Bank is continually trying to improve recruitment, employment, development, and promotional opportunities for its employees. Our selection decisions are based on job-related factors and not on the basis of age, race, sex, color, religion, national origin, disability, sexual orientation, veteran status, pregnancy, marital status, genetic information, gender identity, or any other status protected by federal, state, or local law. ANB Bank complies with the Equal Pay for Equal Work Act. ANB Bank requests that Applicant not disclose its wage history to ANB Bank. If ANB Bank for any reason comes into possession of Applicant's wage rate history, ANB Bank will not rely on it in determining a wage rate. ANB Bank requests that Applicant not provide information on age, date of birth, or graduation date from any academic institution, including on resumes. Anticipated Date of Application Window Closure: 01/03/2026 (or until filled)

Your Future. Secured. ISC2 is a force for good. As the world's leading nonprofit member organization for cybersecurity professionals, our core values - Integrity, Advocacy, Commitment, Inclusion, and Excellence - drive everything we do in support of our vision of a safe and secure cyber world. Our globally recognized, award-winning portfolio of certifications provide an independent and globally recognized endorsement of cybersecurity knowledge, skills and experience for all career levels. Our charitable arm, the Center for Cyber Safety and Education, enables ISC2 and our members to serve the public by educating the most vulnerable about cyber risks and empowering access to enter and thrive in the cyber profession. Learn more at ISC2 online and connect with us on Twitter, Facebook and LinkedIn. When you join ISC2, you'll demonstrate your commitment to an inclusive and equitable environment. Your support of the unique perspectives and experiences shared by our global cybersecurity workforce and profession will be recognized. We invite you to take an active role in helping us create a true sense of belonging across our organization - an environment of authenticity, trust, empowerment and connectedness that empowers all of our successes. Learn more. **Position Summary** The Application Security Engineer will be an integral part of the security team and will work cross-functionally with several lines of business to ensure the secure delivery of products and applications. The Application Security Engineer will be expected to attend stand-ups and strategy sessions to identify areas of risk and offer consulting on best practices. The Application Security Engineer will act as a champion and will formalize the integration of application security into our current processes and tools. **Responsibilities** The Application Security Engineer will be expected to facilitate technical design reviews, perform code analysis, offer remediation recommendations, perform manual and dynamic security testing, and document and present all findings. The Application Security Engineer will work closely with the Development, Release, and QA teams to identify and coordinate security testing, validate, test, and vet both internally and externally developed applications. As an Application Security Engineer, you will act as a DevSecOps Engineer that will be responsible for secure application delivery as well as the underlying infrastructure. The Application Security Engineer must be comfortable with securing cloud-based products in environments such as AWS, Azure and Salesforce. Additionally, this position will provide security risk assessments, create threat models and assist the team with vulnerability testing. Additionally, this position manages the ISC2 responsible reporting program that supports the organization's secure application delivery objectives. In addition to the daily duties described, the individual will assist the security engineering team in the management of security technologies administered by the group (e.g., WAF, Firewall, IDS, and SEIM). This would be an "as needed" function, which is primarily to provide coverage for those duties when individuals on the security engineering team are out of the office for training or vacation. Additionally, the Application Security Engineer will be expected to participate in the Incident Response team and act as a Subject Matter Expert when dealing with the continuity of our operations and when responding with cyber incidents. + Conduct security assessments: Perform comprehensive security assessments of applications, including static code analysis, dynamic application testing, and penetration testing. Identify vulnerabilities, weaknesses, and potential attack vectors. + Secure code review: Review application source code to identify security flaws, such as insecure authentication mechanisms, input validation vulnerabilities, and potential injection attacks. Provide recommendations for remediation and best practices for secure coding. + Threat modeling: Collaborate with development teams to identify and assess potential threats and risks associated with the application. Use threat modeling techniques to prioritize security controls and countermeasures. + Develop and implement security controls: Design, develop, and implement security controls and countermeasures to protect applications against common security threats, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection. Implement secure coding practices and security guidelines. + Vulnerability management: Establish and maintain a vulnerability management program for applications. Track and prioritize vulnerabilities based on their severity and impact. Coordinate with development teams to ensure timely remediation of identified vulnerabilities. + Security testing automation: Develop and maintain automated security testing tools and scripts to streamline the application security testing process. Integrate security testing into the continuous integration and deployment (CI/CD) pipeline. + Security training and awareness: Conduct security training and awareness programs and determine skills training needs for development teams, promoting secure coding practices andawareness of common security vulnerabilities. Stay updated with the latest security trends, attack techniques, and best practices. + Incident response: Provide support during security incidents or breaches related to applications. Participate in incident response activities, including containment, investigation, and remediation. + Compliance and regulatory requirements: Ensure that applications adhere to relevant security compliance standards, industry regulations, and data privacy requirements (e.g., GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability)). Collaborate with compliance teams to address any compliance-related concerns. + Security documentation and reporting: Prepare and maintain security documentation, including security policies, procedures, and guidelines. Generate periodic reports on the security posture of applications and present findings to relevant stakeholders. Other responsibilities include: + Maintain and manage all pipelines from a security perspective. + Onboard new pipelines for security tooling. + Keep pipeline diagrams up to date with current security details. + Serve as the primary SME for the DAST scanner.This includes configuration, testing, vulnerability management, and remediation oversight. + Recommend continuous improvements for the SAST scanner. + Security code release approvals + Maintain and manage the WAF, including signatures, configuration, and threat intel feeds. + Serve as the SME and provide recommendations for ongoing improvements. + Establish baseline WAF signatures for XD Prod following the Silverline migration. + Baseline WAF signatures after code releases. + Serve as the primary point of contact for vetting bug reports and managing the informed disclosure process. + Assist with attestation data gathering. + Support and assist with threat modeling. + Act as the formal backup for the threat modeling and attestation processes. + Review and approve Security Assessment Review reports as needed. + Perform other duties as required. **Behavioral Competencies** + Ability to demonstrate and support the ISC2 Core Values: Integrity, Excellence, Inclusion, Advocacy and Commitment + Function as an architect, who can conduct architecture reviews of new systems and solutions. + Serve as a builder who can build and integrate application security in our SDLC. + Act as a collaborator, who likes to engage with the team and the industry. + Serve as a team player, who will jump in and assist in other security functions as needed. + Function as a leader, who will use your knowledge and to train and guide developers and engineers. + Demonstrate a passion for application security, creative and critical thinking, strong analysis skills, the ability to work in a fast-paced environment, and have familiarity with agile, continuous integration, and continuous deployment. + Experience in securing SaaS-delivered offerings in multiple cloud environments deployed with automation & orchestration. **Qualifications** + Ability to write some code, as needed, to conduct security-focused testing. + Application Experience with common testing tools such as Veracode, Fortify, Zap, Burp, and fiddler, among others. + Application Understanding of common vulnerabilities & remediation. + Application Knowledge and understanding of automation and scripting languages. + Design & code review skills. + A solid understanding of Microsoft platforms such as .NET, Windows, C#, Azure. + General Knowledge of cloud security, API (Application Programming Interface) security, and associated best practices. **Education and Work Experience** + Bachelor's degree in computer science, information systems, related engineering field. Will consider a high school diploma and 10+ years of relevant work experience, as well as current additional credentials (CCSP, GDSP, etc..) in lieu of a degree. + A CISSP and CSSLP are required for this position. + 8+ years of experience in Information Security. + 8+ years of experience with static and dynamic analysis for coding and vulnerability identification and remediation. + 5+ years of Secure Development experience. + Application Experience with implementing Secure Development Lifecycle in an agile environment. + First-hand experience with architectural reviews, application reviews, and penetration testing. + Application Experience with Continuous Integration processes, particularly with building security practices into the pipeline. **Physical and Mental Demands** + Ability to travel up to 10% of time. May also include overnight travel. + Work extended hours, when necessary. + Work in an office environment using dual monitor computer screens. + Sitting for extended periods. **Equal Employment Opportunity Statement** All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic as protected by applicable law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. **Job Locations** _US-Remote_ **Posted Date** _2 weeks ago_ _(11/19/2025 1:29 PM)_ **_Job ID_** _2025-2253_ **_\# of Openings_** _1_ **_Category_** _Information Security_

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. To apply, click "Apply to Job" online on this web page. **Required Skills:** Security Engineer Responsibilities: 1. Build tools that enable connectivity to our infrastructure only from Meta owned and managed devices. 2. Build machine attestation and secure certificate storage solutions to enable strong client trust. 3. Deploy systems that help mitigate security risks by understanding and controlling what software is allowed to execute on our client devices. 4. Develop, validate, and enforce our client security policies. 5. Build and deploy tools and automation that proactively detect and respond to security risks and threats to internal corporate services. 6. Advise and collaborate with other teams. 7. Telecommuting from anywhere in the U.S. allowed. **Minimum Qualifications:** Minimum Qualifications: 8. Requires Bachelor's Degree (or foreign equivalent) in Computer Science, Engineering or a related field and 1 year of experience in the job offered or a computer-related occupation 9. Requires 12 months of experience involving the following: 10. PHP, Golang, Python, C/C++, Rush, or Ruby 11. Designing and deploying security infrastructure such as PKI, key management, and certificate management 12. Endpoint Security & Management 13. Certificate Lifecycle 14. Devices & OS hardening and security policies 15. Identity & Access Management (Authentication & Authorization, SSO) 16. Network Security and 17. Programming and Code Review **Public Compensation:** $178,041/year to $200,200/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Global Channel Management is a technology company that specializes in various types of recruiting and staff augmentation. Our account managers and recruiters have over a decade of experience in various verticals. GCM understands the challenges companies face when it comes to the skills and experience needed to fill the void of the day to day function. Organizations need to reduce training and labor costs but at same requiring the best "talent " for the job. Qualifications 3rd shift (mon, tues, thurs, fri) 7pm - 6am MST Required Skills (Minimum knowledge, skills and abilities to enter the job): • Minimum of 1-3 years of experience within the IT field • Exceptional written and oral communication skills • Strong critical thinking and analytical skills • Attention to detail • Experience handling security incidents, to include reviewing raw log files, data correlation, and analysis • Experience with and thorough understanding of attack vectors, threat tactics, and attacker techniques • Able to proactively perform duties and responsibilities with little-to-no direction • Able to effectively and efficiently collaborate with a diverse and geographically distributed team • Must be willing and able to work a shift routine • Ensure successful handoff of procedures between shifts Desired Skills (Preferred not required): • Bachelor's degree in computer science, information technology, or related field is required • Experience with enterprise information security data management tools such as ArcSight or Splunk is preferred • Solid experience in scripting languages such as (or similar to) Python, PERL, and Ruby is a plus • Proficiency with RSA Archer • Experience with industry standard frameworks • Experience with YARA, regex, or other host/network-based signature development Additional Information $38/hr 6 MONTHS

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Global Channel Management is a technology company that specializes in various types of recruiting and staff augmentation. Our account managers and recruiters have over a decade of experience in various verticals. GCM understands the challenges companies face when it comes to the skills and experience needed to fill the void of the day to day function. Organizations need to reduce training and labor costs but at same requiring the best "talent " for the job. Qualifications Information Security Analyst must work 3rd shift (Wed-Sat) 7pm - 6am MST Information Security Analyst requires: 1-3 years of experience within the IT field Bachelor's degree in computer science, information technology, or related field is required Experience with enterprise information security data management tools such as ArcSight or Splunk is preferred Solid experience in scripting languages such as (or similar to) Python, PERL, and Ruby is a plus• Proficiency with RSA Archer Experience with industry standard frameworks• Experience with YARA, regex, or other host/network-based signature development Information Security Analyst duties: Respond to network and host based security events Minimize the dwell time of threat actors by monitoring, triaging, and validating security events, while maintaining thorough documentation in the case management system Operate with little-to-no direction and define relationships between seemingly unrelated events through deductive reasoning Actively hunting for and dissecting previously unidentified threats in the environment Participate in intelligence sharing and trust groups, then apply this knowledge to security controls Additional Information $38/hr 6 months