Cyber security analyst jobs in Lexington, SC

Title: Security Analyst - Project Lead (8780) Work Mode: Hybrid (3 days onsite per week required) Contract Duration: 12 months (Extension possible) Interview Process: 1 round, virtual video interview required Candidate Requirement: Candidate must be a current South Carolina resident. No relocation allowed. Scope of Work The resource will plan, coordinate, evaluate, document, and report on IRS Pub 1075 compliance activities, including security controls, corrective action plans (CAPs), artifacts, SCSEM requirements, and follow-up remediation. Key Responsibilities • Lead, coordinate, and support preparation efforts for an IRS Safeguard Review. • Review Corrective Action Plans (CAPs) for effectiveness and determine compliance readiness. • Review SSR, SSPs, and SSAs to ensure alignment with IRS Publication 1075. • Identify relevant IRS Safeguard Computer Security Evaluation Matrix (SCSEM) controls and assess agency compliance. • Provide technical advice for remediation of non-compliant SCSEM control areas. • Assist and coordinate follow-up actions after the Safeguard Review, including CAP development for findings. • Provide expert analysis of proposed technical solutions to ensure compliance with IRS Pub 1075. • Conduct research and recommend security improvements for systems and infrastructure. • Use the agency's established project management methods for planning, coordination, communication, and reporting. • Communicate effectively with both technical and non-technical staff, including federal and state stakeholders and executive leadership. Required Skills (Must Have) • 5+ years of expert-level experience as a Security Analyst, including risk assessment, vulnerability management, and incident response. • 3+ years of experience preparing for and actively supporting at least one IRS Safeguard Review at a state agency. • 3+ years of experience working with and applying IRS SCSEM requirements including implementation, compliance assessment, and documentation. • 3+ years of experience with IRS Publication 1075 (Rev. 11-2021) compliance. • Strong proficiency with Microsoft Office, SharePoint, and Microsoft Teams. • Excellent oral and written communication skills across multidisciplinary teams. • Knowledge of applicable IT security standards (e.g., ISO, IEEE). Preferred Skills • Experience with Child Support Enforcement systems or knowledge of Child Support program operations and objectives. • Experience with federal or state regulatory compliance frameworks such as FISMA, NIST, or IRS Publication 1075. • Experience developing and maintaining technical documentation and audit support for safeguard reviews, security audits, and compliance assessments.

Enlighten, honored as a Top Workplace from USA Today, is a leader in big data solution development and deployment, with expertise in cloud-based services, software and systems engineering, cyber capabilities, and data science. Enlighten provides continued innovation and proactivity in meeting our customers' greatest challenges. Why Enlighten? At Enlighten, our team's unwavering work ethic, top talent and celebration of innovative ideas have helped us thrive. We know that our employees are essential to our company's success, so we seek to take care of you as much as you take care of us. Here are a few highlights of our benefits package: • 100% paid employee premium for healthcare, vision and dental plans. • 10% 401k benefit. • Generous PTO + 10 paid holidays. • Education/training allowances. Anticipated Salary Range: $114,236.00 - $160,000.00. The salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, Enlighten takes a variety of factors into consideration which include, but are not limited to, the role's function, internal equity and a candidate's education or training, work experience, certifications and key skills. Occasionally positions/roles may include additional non-recurrent compensation and will be addressed by the recruiter during the interview process. Job Description Enlighten is looking for a Cyber Hunt Analyst with Data Science experience to apply strong cyber security, Defensive Cyber Operations (DCO), and networking domain knowledge to support cyber analytics product development, threat analysis, statistical analysis, model development, and direct customer mission support. Regular cyber hunt activities consist of hunting for threats, reporting on findings, and converting tools, techniques, and processes into automated capabilities for the current cyber platform. Regular data science activities consist of operational research, statistical analysis, hypothesis testing, model building/testing, and communicating results using visualizations. Will also be responsible for collecting customer Cyber Operations requirements, generating use cases, providing Cyber SME support, and system training to end users. #LI-DW2 #Mid-Senior Level Essential Job Responsibilities Conduct threat hunt operations on assigned Big Data Platform(s) - BDP. Present threat hunt findings through live - interactive remote conference sessions. Perform data analytics across disparate data sets. Assist customer(s) with their threat hunting operations. Perform quality assurance checks on data that is resident on the BDP. Evaluate and analyze new data feeds to determine relevance and usability of data. Support BDP analytic requests (data search, visualizations, dashboards..etc). Provide real time customer support during normal working hours (BDP support chat room). Maintain situational awareness of emerging cyber threats for possible action and notification to an impacted customer(s). Support BDP demonstration requests to showcase various capabilities of the platform. Support BDP training events either in person or virtually. Provide advice on data enrichment and functions to enhance customer experience. Other duties as assigned Minimum Qualifications Security Clearance - A current Secret level U.S. Government Security Clearance is required with the ability to obtain a TS/SCI level clearance; U.S. Citizenship required. 5+ years of experience in cyber security operations related fields and a Bachelors in related field or 3 years experience with Masters; or High School Diploma and 9 years experience. Experience with supporting DoD customers, ideally supporting US Cyber Command, DISA, or DCDC. Cyber Hunt methodologies and techniques. SIEMs - (e.g., Splunk, Q-Radar, ELK). SOARs (e.g., Sentinel, CORTEX, X-SOAR). Developing and deploying threat detection signatures and detecting host and network-based intrusions. Collecting data from a variety of cyber defense resources. (e.g., CVE, OSINT). Recognizing and categorizing types of vulnerabilities and associated attacks. Reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YAML). Cyber defense and vulnerability assessment tools and their capabilities. Network traffic analysis methods (e.g.,TCP-DUMP, Wireshark, Bro/Zeek). Familiar with cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks), and incident response and handling methodologies. (e.g., MITRE ATT&CK, LM Killchain). Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. Excellent customer service, public speaking, and presentation skills. Ability to complete technical tasks without supervision. Ability to foster and support a collaborative working environment. Must have Data+, Security+, CySA+, GCIH, GNFA, GCFA or other industry recognized Cybersecurity Certification. Travel as needed to support all duties listed above. Must be able to work on customer site on average 4 days a week in either Columbia or Ft. Meade, MD. Flexibility is essential to adapt to schedule changes as needed. Preferred Requirements TS/SCI level clearance is preferred. DoD SOC experience is a plus We have many more additional great benefits/perks that you can find on our website at **************** [eitccorp.com].

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. **The opportunity** Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. **Your key responsibilities** + Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified + Forensically analyze end user systems and servers found to have possible indicators of compromise + Analysis of artifacts collected during a security incident/forensic analysis + Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools + Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Provide consultation and assessment on perceived security threats + Maintain, manage, improve and update security incident process and protocol documentation + Regularly provide reporting and metrics on case work + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact based reports + Be on-call to deliver global incident response **Skills and attributes for success** + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact-based reports + Proven integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities **To qualify for the role you must have** + Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field + 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; + Understanding of security threats, vulnerabilities, and incident response; + Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; + Be familiar with legalities surrounding electronic discovery and analysis; + Experience with SIEM technologies (i.e. Splunk); + Deep understanding of both Windows and Unix/Linux based operating systems; **Ideally, you'll also have** + Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH + Background in security incident response in Cloud-based environments, such as Azure + Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration **What we look for** + Demonstrated integrity in a professional environment + Ability to work independently + Have a global mind-set for working with different cultures and backgrounds + Knowledgeable in business industry standard security incident response process, procedures, and life cycle + Excellent teaming skills + Excellent social, communication, and writing skills **What we offer you** The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Savannah River National Laboratory (SRNL) is seeking a Cyber Security Analyst to join the Cyber Engineering team! The selected individual will work with other team members to ensure robust security controls are selected, implemented, and maintained for a NIST RMF accredited boundaries within unclassified environments. Minimum Qualifications: Bachelor's degree in relevant field of study and 4-6 years of work experience At least 1 general cybersecurity certification and 1 technical certification Technical skills include: understanding security architectures, encryption, firewalls, IDS/IPS, Network security protocols, and applying STIGs. Experience and proficient with cyber tools for vulnerability assessments, SEIM, Endpoint protection and security frameworks. Strong understanding of risk management and experience with familiarity with cloud security principles Soft skills include excellent communication and interpersonal skills, strong attention to detail, ability to multi-task and to collaborate in a team environment For ability to obtain and maintain a security clearance, US Citizenship is Legally Required Preferred Qualifications: Understanding of NIST Risk Management Framework and Control Sets (i.e., NIST 800-37 and NIST 800-53) Current of former experience with DOE cybersecurity or a federal-contractor cybersecurity technical position Experience with zero-trust architecture Ability to learn new technologies, concepts, and processes quickly Splunk or Tenable Certifications Active DOE clearance Team in designing, implementing, and maintaining secure environments applying the NIST RMF framework. Develop strategies for complex security strategies unique to their operating environment. Implement enforceable technical security controls for protection of networks and systems using authorized sources such as STIGs and SRGs Support the ISSO with the technical aspects of the development and ongoing maintenance of security controls and authorization activities Perform and review technical assessments and security reports Work effectively in a team environment to resolve issues and contribute to continuous process improvement efforts Interact with customers and peers in a professional and responsive manner to ensure secure practices. Provide expert support and communicate effectively on security matters

DNI is on the lookout for a Senior Cyber Security Analyst - Information Systems Security Manager (ISSM) to deliver expert guidance in Information Systems Security and cybersecurity support for the Enterprise Information Services at the Department of Energy (DOE) Savannah River Operations Office (DOE-SR), located at the Savannah River Site (SRS) in Aiken, SC. Requirements Reports to the Chief Information Security Officer (CISO) and Program Manager. Oversee the Authority to Operate (ATO) lifecycle, manage risk assessments, develop and monitor Plan of Action and Milestones (POAMs), ensuring compliance with security standards and timely mitigation of organizational boundary security risks. Actively participate in the bi-weekly accreditation boundary meetings and keep the AODR informed of any changes/updates to eRAMS/POA&Ms/STAR items or any new VPM and CM issues that may arise. Provide technical and procedural cyber security advice to DOE, associate contractor partners, and Industrial Control Systems (ICS) teams as necessary. Oversee operational information systems security implementation programs. Coordinate with Information System Security Officer (ISSO) or PSO on approval of External Information Systems (e.g. guest systems, interconnected system with another organization). Oversee ISSOs to ensure they follow established policies and procedures and timelines. Ensure CM policies and procedures for authorizing the use of hardware/software on an IT system are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the AODR prior to the addition, change or modification. ISSM shall have authority to veto any proposed change they feel is detrimental to security in boundaries under their purview. Appeals on an ISSM/ISSO veto may be taken to the AODR. Ensure approved procedures are used for sanitizing and releasing system components and media as necessary. Ensure proper measures are taken when cyber security incident or vulnerability is discovered. Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. Manage, maintain, and execute the information security continuous monitoring plan. Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AODR; and assess changes to the system, its environment, and operational needs that could affect the security authorization. Other related tasks as assigned. Support information technology (IT) security goals and objectives and reduce overall organizational risk; Advise senior management (e.g., Chief Information Security Officer [CISO] and Chief Information Officer [CIO] on risk levels and security posture.); Advise appropriate senior leadership of changes affecting the organization's cybersecurity posture; Communicate the value of information technology (IT) security. Knowledge, Skills, and Abilities: Highly organized individual with exceptional communication skills, ensuring all stakeholders are consistently informed and updated as required. Excellent written and oral communication skills (writing samples may be requested). Attention-to-detail is critical, proven ability to look closely at your work to identify and correct errors, spot and improve weaknesses and produce a near-perfect end-result. Ability to identify problems, brainstorm and analyze answers, and implement the best solutions. Ability to develop and review security related procedures or processes and reports. Demonstrated ability to provide clear, precise, and factual information to senior leaders, team members, and external stakeholders. Capable of attending all customer-required meetings and promptly providing responses as requested. Familiarity with applicable regulations affecting Cyber Security NIST 800 Series Standards. Clearance: Must possess (or be able to obtain) a “Q” level security clearance. Education: A bachelor's degree in information technology systems, computer science, or related field and experience in information technology systems or related area. Relevant experience may be substituted for education on a year-for-year basis. Experience: 7+ years in IT security or related field. Authority to Operate Life Cycle (ATO), Risk Management, POAMS & Milestones Certification: Highly desired certifications: Certified Information System Security Professional (CISSP) Certified Information Security Manager (CISM) Benefits Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental Matching 401K Short- and Long-Term Disability Pet Insurance Professional Development/Education Reimbursement Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience creating software that enables security processes 11. 8+ years of experience finding vulnerabilities in C/C++ code 12. Contributions to the security community (public research, blogging, presentations, bug bounty) 13. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

SCOPE OF THE PROJECT: The SCDHHS Office of Information Assurance (OIA) is charged with ensuring the security and compliance of SCDHHS' information systems and data. OIA seeks experienced consultants to assist with the establishment, implementation, and/or enhancement of information system security and compliance efforts based on Federal, State, and Agency regulatory requirements, policies, standards, and guidelines. Role Summary/Purpose Overview: The IA Analyst will report to the Office of Information Assurance and operate as an experienced information assurance consultant to SCDHHS leadership, business units, business partners, vendors, and other stakeholders. Security Program Experience: Demonstrated work experience and high degree of familiarity with FISMA or NIST Risk Management Framework-based programs is required. Experience and knowledge of MARS-E is preferred. This experience should include documented success in the creation and maintenance of Risk Management Framework (RMF) and Assessment and Authorization (A&A) artifacts such as System Security Plans, Privacy Impact Assessments, Interconnection Security Agreements, Computer Matching Agreements, and Plans of Action and Milestones. Such experience will necessarily require excellent communication skills with the ability to interview staff and vendors, to review and analyze existing documentation and diagrams, and to create or collect other required supporting documents as appropriate. Experience with integrating RMF and A&A tasks into the System Development Life Cycle (SDLC) is preferred. Experience in security as related to Cloud services and vendor management is desirable for this position. Technical Knowledge: Although this is not a technical position, suitable candidates will have a good working knowledge of a broad range of information technologies such as IBM System 390/zSeries, Linux and Windows servers, database management systems, firewalls, IPS solutions, switching and routing infrastructure, data types and data classifications, and related information technologies and concepts. General Duties and Responsibilities: 1. Assist in the development, implementation, and/or ongoing maturation of SCDHHS security and compliance initiatives. 2. Audit and assess internal agency systems as well as business partner, service provider, and vendor information system security controls. 3. Utilize the Microsoft Office software suite, eGRC system, Bizagi, Atlassian, and other products to document and report on information gathered during audit and assessment activities or other OIA efforts. 4. Participate in third-party audits and/or assessments of agency and business partner systems. 5. Collaborate with agency leadership, business partners, and other parties/stakeholders to provide recommendations for security and compliance risk mitigation efforts. REQUIRED CERTIFICATION: ISC(2), ISACA, SANS GIAC, or other similar Information Security Certification is required. EDUCATION PREFERRED: Bachelor's degree in computer science or similar discipline is preferred. 1. Strong working knowledge of FISMA, NIST, and HIPAA Security and Privacy requirements, standards, and guidelines. 2. 5+ years of experience working in the Information Technology field or auditing Information Technology systems or programs. 3. ISC(2), ISACA, SANS GIAC, or other similar Information Security Certification is required. 4. Documented experience in the creation and maintenance of Risk Management Framework (RMF) and Assessment and Authorization (A&A) artifacts such as System Security Plans, Privacy Impact Assessments, Interconnection Security Agreements, Computer Matching Agreements, and Plans of Action and Milestones. 5. Ability to work independently and as a member of a team. 6. Ability to multitask and prioritize tasks effectively in order to meet deadlines. 7. Ability to engage diverse audiences of varying technical and non-technical skill-levels to ensure effective alignment of technical requirements to business objectives. 8. Ability to collaborate and coordinate efforts among multiple teams and vendors. 9. Must have intermediate to advanced skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency. 10. Keen attention to detail while maintaining the ability to see the big picture. 11. Ability to absorb, retain, and communicate complex processes. 12. Strong English language skills. 13. Demonstrable understanding of the rules of English grammar and usage. 14. Ability to accept changes and constructive criticism and to remain flexible in dealing with leadership and teams of varying technical and business knowledge. Preferred Requirements/Skills: 1. Bachelor's degree in computer science or similar discipline. 2. Strong working knowledge of CMS MARS-E compliance requirements. 3. Prior experience working with an organization subject to CMS MARS-E requirements. 4. Experience and training with eGRC solutions. 5. Prior Health Information Technology experience. 6. Previous Medicaid experience. 7. Understanding of LEAN and Agile development practices. Additional Information All your information will be kept confidential according to EEO guidelines.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

RESPONSIBILITIES : • Assists in the development and implementation of security policies and standards for IT related items procured by the agency (e.g., hardware and software); • Researches and reviews various national and international security standards (e.g., Internal Revenue Service, Federal Information Processing (FIPS), National Institute of Standards and Technology (NIST), and International Organization for Standardization (ISO)) and explains the results, both orally and in writing; • Attends meetings with the Contract Attorney, General Counsel, Chief Information Officer, Chief Information Security Officer, and Deputy Director in order to determine agency policy as it relates to Information Security. REQUIRED SKILLS: - Oral and written communication skills; - Experience in developing and maintaining documentation for security policies, procedures, and best practices; - Providing continual consultation and written reports to senior management concerning security issues; - Hands-on experience documenting and managing all aspects of security within an enterprise organization, including but not limited to: o Firewall and IDS/IPS experience; o Virtual Private Networking (VPN); o Network access policies; o Web filters; o Publically accessible assets; o Active directory; o Security compliance for third party and/or in-house developed applications; o Virtualization and Storage area networking security; and o Anti-Virus management; - Experience preparing and submitting Security Program evaluations and compliance reports; - Working with other Department leaders, designing security components for operations and other strategic processes, and supervising the development and implementation of required security reporting devices and processes at all levels. Extensive working knowledge of Internet protocols, tools, and techniques including but not limited to: o Virtual Private Networking (VPN); o TCP/IP, Local Area Networks (LAN), Wide Area Networks (WAN); o Network device operating systems security configuration; o Internet security; and o Internet Information Server; - Knowledge of Virtual Machine operation, strengths, and weaknesses; - Experience with VMWare ESX security; - Support of web-based applications for internal (intranet) sites and external (Internet) sites; - Experience and working knowledge of backup products and methodologies.. Qualifications EXPERIENCE: • At least 10 years experience working as the Chief Information Security Officer, Security Officer, Security Consultant, or Security Analyst for a state or federal agency or large corporation. • Minimum 6 + Years experience in Application Security and Security - Knowledge in networking, databases, systems and Web operations. • 6 + Years experience in Security Information Architecture and Windows Security - Group Policy, Network access policies, User access policies. • 2 - 4 Years experience in Anti-Virus management and VPN - virtual private network. • And 6 + Years experience in Software Development Lifecycle - SDLC. • 2 - 4 Years experience in Firewall and Web Filters. • 6 + Years experience in Experience in developing and maintaining documentation for policies, procedures, and best practices, NIST Security. Additional Information Please help pass along to colleagues or associates below position who are looking for new role if you are not available. Should someone need more information I can be reached at narendra AT mitresource DOTcom Thank you for your time.

ASK IT consulting is an equal opportunity employer, which is a global staffing, consulting and technology solutions company, offering industry-specific solutions to fortune 500 clients and worldwide corporations. We have openings for Security Analyst for one of our client in Columbia, SC. Job Description Position: Security Analyst Location: Columbia, SC 29210 Duration: 12 Months Position Description: Previous experience as a principle level object oriented developer with in depth knowledge of software development security principles. In depth knowledge of the Windows kernel and developing Windows based device drivers. You will assist in the design, develop, and implementation of systems security for our existing production systems (Primarily Windows Based). Requirements: • Bachelor's degree in computer science or related discipline, Master's degree preferred. • 5+ years of professional software development experience. More is better. • Strong knowledge and skills in Windows databases, optimizing queries, SQL Injection attacks, OWASP Top 10 remediation techniques, and ensuring sensitive data is secure in use, transit and at rest. • Strong knowledge and skills in Windows internals, debugging and reverse engineering. • Strong knowledge of Windows Security such as Token / Privileges /SID /ACLs /Group Policy /Active Directory. • Demonstrated ability to design software and systems solutions, securely. • Ability to work collaboratively in a small close-knit team and have good communication skills. • Security expertise. Experience building secure code, penetration testing, and reverse engineering malware. • Experience with Windbg, ollydbg, metaspolit, wireshark, burp suite, and other security tools. • MS Visual Studio, XML, XHTML, ASP.NET, C++, J#, etc. • Experience building and securing Enterprise software products. • Have worked in an Agile development environment with Scrum. • Solid understanding of industry best practices for securing systems, secure systems design, security testing, and implementation. Skills: • Software development Reverse Engineering • Application Security • burp suite • information security principles and practices • Malware • metaspolit • ollydbg Yes • optimizing queries • OWASP Top 10 remediation techniques • Penetration Testing • Security - Knowledge in networking, databases, systems and Web operations • Security Information Architecture • SQL Injection attacks • Windbg • Windows - SID • Windows Security - Privileges • Windows Security - Token • Windows Security - ACL • Windows Security - Group Policy • wireshark • IT Security • Active Directory • Information Security • Security Program evaluation • Experience with UNIX, Windows, Linux, MacOS, Cisco, Juniper, web apps, databases, strong authentication, operating systems and network security protocols and procedures. • Network security • Windows • Agile/Scrum Methodology • C/C++ • J# • Visual Studio • XHTML • XML Additional Information Ask IT Consulting Inc.| 33 Peachtree St., Suite 100 |Holtsville, NY 11742 Website: **********************

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): 6 years information security experience Excellent written skills; Proven work experience in process improvement Ability to identify processes that must be in place for an IT organization to be efficient Extensive knowledge of IRS Pub 1075, NIST 800-53, ITIL, and CJIS Process Management ITIL Business Analysis experience to include data flow diagrams, requirements specifications, use case scenarios, and acceptance testing. Ability to work with security technicians to develop detailed procedures; Ability to quickly grasp complex technical concepts and make them easily understandable in both text and diagrams/flow charts Ability to deliver high quality documentation with attention to detail. REQUIRED EDUCATION: Bachelor's Degree in a relevant field of work or equivalent work experience. Additional Information All your information will be kept confidential according to EEO guidelines.

Zentek is a national recruiting company which partners with many of the leading employers in the Life Sciences, IT, and Financial Services sectors, feel free to check us out at ********************** Job Description Hi, Hope you are doing well !! My name is Ashita, resource professional with Zentek, Inc. Below are some key highlights of a contract position. If this is of interest please let me know. I would be happy to arrange a time to discuss the details and/or to further determine which types of opportunities you may be interested in exploring. Also help me out with your contact details. Job Title : Senior Security Engineer Location : South Carolina Duration : 3 months Contract to hire Role Description "The candidate will be responsible for: • Working directly with a broad range of security tools to implement changes and features • Developing strategies to improve operational workflow • Designing systems architectures and deployment strategies • Provide recommendations to overall system deployment and design • Providing expertise to members of the team and the customer • Gather detailed requirements necessary to develop a compliant solution to meet the client needs • Make recommendations for solutions needed to meet client demands Preferred Project or Engagement Background "The candidate will have the following attributes: • Expert in Linux System Administration • Expert in a broad range of security tools, Firewalls, NIDS, HIDS, SIEM, Endpoint protection. • Experience as a consultant, security engineer, similar responsibilities • Significant experience in security architecture and design techniques • Knowledge in compliance assessment and solutions for regimes such as PCI, HIPAA, SOX, etc • Knowledge of data center, cloud based environments, or Security Operations Center (SOC) • Knowledge of SOC workflow, and use of technology to replace manual labor • Have relevant industry IT security certifications • Knowledge and experience in Project Management, including related techniques and tools • Ability to interpret customer requirements and develop solutions to meet these requirements • Proven experience in writing statements of work and / or proposals in response to client requirements • Excellent communication and presentation skills • Ability to work closely with C Level executives in large enterprises • Commitment to excellence and willingness to do what is necessary to get the job done • Ability to travel in support of meetings, presentations, conferences, and similar events • Able to develop and deliver solutions, and thrive in a fast paced “start up” like environment Qualifications Required Skills: · security architecture and design · firewall · HIDS/NIDS · Linux · Scripting · SOC Workflow · network security · endpoint protection solutions Additional Information All your information will be kept confidential according to EEO guidelines.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Savannah River National Laboratory (SRNL) is seeking an energetic individual with good interpersonal skills to join the Cyber Assurance, Governance, Risk Management and Compliance team! The selected individual will assist the Information Systems Security Officer (ISSO) and GRC team with NIST Risk Management Framework (RMF) processes to ensure a secure operational security posture is in place and maintained throughout the lifecycle of the system and/or network. Minimum Qualifications: Bachelor's degree in Computer Science, Information Assurance, or related field 4-6 years of relevant experience in NIST Risk Management Framework and Control Sets (i.e., NIST 800-37 and NIST 800-53) as a federal-contractor employee For ability to obtain and maintain a security clearance, US Citizenship is Legally Required Preferred Qualifications: Working knowledge and experience with the NIST Risk Management Framework and Control Sets (i.e., NIST 800-37 and NIST 800-53) in a federal contractor role Attention to detail and strong written communication skills (clear, concise for evidence/control implementation descriptions) Experience with information assurance tools (GRC, Tenable.SC, Nessus, Splunk, etc.) Ability to quickly learn new technologies, concepts, and processes Demonstrated ability to work collaboratively in a team environment with good interpersonal skills Active DOE L clearance Data entry, updates and maintenance of System Security Plans and other documents/evidence in the GRC tool Executing scans security scans (compliance and vulnerability related) Tracking status of temporary risk findings to closure and gathering remediation evidence Pulling configuration compliance reports, STIG checklists, CIS benchmarks Assist with RMF Continuous Monitoring activities and new project Risk Assessments Assist Project Security Officers and ISSOs with preparation of authorization packages for new projects and accreditation boundary Assist with entry of new risks, updates or maintenance in the risk register Assist in performing security impact analysis using approved security policies and SSPs and provide recommendations for meeting requirements with adequate security controls that align with business objectives. Work effectively in a team environment to resolve issues and contribute to continuous process improvement efforts. Participate/assist with compliance assessments/audits and data calls. Interact with customers and peers in a professional and responsive manner.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Security Analyst Duration : 12+ Months REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): Ability to install and use various security tools Application Security Experience in projects involving PCI/NIST security implementations and/or audits information security principles and practices IRS Safeguard Computer Security Evaluation Matrix (SCSEM) IT Security Malware NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY CONTROLS risk/vulnerability assessments Security - Knowledge in networking, databases, systems and Web operations SSP Additional Information All your information will be kept confidential according to EEO guidelines.