Cyber security analyst jobs in Maine - 36 jobs

Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Join Martin's Point Health Care - an innovative, not-for-profit health care organization offering care and coverage to the people of Maine and beyond. As a joined force of "people caring for people," Martin's Point employees are on a mission to transform our health care system while creating a healthier community. Martin's Point employees enjoy an organizational culture of trust and respect, where our values - taking care of ourselves and others, continuous learning, helping each other, and having fun - are brought to life every day. Join us and find out for yourself why Martin's Point has been certified as a "Great Place to Work" since 2015. Position Summary The Associate Information Security Analyst will be a contributor to security policies, monitoring and analyzing traffic and logs, and assisting in protecting the organization's IT systems and software from malicious activity and technology breaches. With general guidance and coaching, participates in security risk assessments, performing and analyzing vulnerability scans, working with others in IT and the business to remediate and eliminate risks. The Associate Information Security Analyst is proficient in security and technical knowledge, standards development, documentation of the security program, policies and procedures, risk identification and remediation, reporting, and awareness education related to information security. Job Description Key Outcomes: * Monitors SIEM, IDS/IPS, endpoint protections, and identity management solutions. * Assists in the administration and engineering of the security infrastructure including the single sign-on, multi-factor authentication, business continuity, and GRC tools. * Assists coordinating group-wide and company-wide information security matters such as incident response, intrusion detection management, and cyber security advisories. * Identifies information and IT security risks including IT technical implementations or business processes. * Under general direction, monitors and audits information systems, networks, and databases to identify and isolate occurrences of unauthorized activity; prepares and coordinates corrective actions. * Assists with conducting security assessments and audits, penetration testing, IT forensic investigations and incident management. * Assists with performing and/or coordinating regular security assessments of existing or new infrastructure or applications. * Coordinates response to information security incidents and threats. * Assesses and coordinates information and cyber vulnerabilities throughout the organization. * Reviews and enforces information security policy, standards and guidelines for business operations and technology implementations. Education/Experience: * Bachelors degree in CIS, CS, Business Administration, or similar, or combination of equivalent education and experience * 1+ years' experience with information security technologies, security monitoring, incident response, open-source technologies, and various operating systems * Healthcare experience and familiarity with HIPAA/HITECH, PCI-DSS, and NIST 800-53 is highly desirable Required License(s) and/or Certification(s): * Global Information Assurance Certification (GIAC), Security+, Offensive Security Certified Professional (OSCP), and/or Certified Ethical Hacker (C|EH) is a plus. Skills/Knowledge/Competencies (Behaviors): Customer Focus * Act as an owner of the business and seek to understand needs. * Able to communicate effectively and clearly to all levels of the IT organization and business when addressing a challenge or identified opportunity - take ownership. Business Acumen * Understands the business model of MPHC and can apply that context to projects * Always looks for ways to improve processes and create value for business partners. * Understands how organizational workflows affect data meaning and use. Drive for Results * Participates in enterprise architectural/analytical responsibilities and can plan/scope several inter-related activities to create efficiencies * Assists business stakeholders in making informed decisions. * Strong troubleshooting skills * Meticulously reviews their work and openly receives 3rd party review. Continuous Learning * Knows limitations and is open to learning from others, especially when cross-team collaborations are needed. * Seeks new knowledge and remains current in the industry. Process Improvement * Participates in continuous process improvement efforts within the team. * Consistently identifies opportunities for improvement in processes and work products * Ability to document and create standard work Dealing with Ambiguity * Able to communicate complex ideas and knows who to engage in problem solving. * Understand when to bring other team members onboard. * Proactively engages in learning to bring understanding to ambiguous situations. Information Security Analyst * Demonstrates an understanding of and alignment with Martin's Point Values * Thorough understanding of SIEMs, incident response, disaster recovery, contingency planning, encryption technologies, intrusion detection/prevention systems, and/or vulnerability management * Knowledge of Microsoft and Linux operating systems * Project management and documentation skills * Interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community * Maintains industry awareness regarding all information and cyber security trends and directions * Ability to organize and prioritize multiple tasks independently * Thorough understanding of traditional and mobile operating systems and applications * Ability to test and analyze complex system, network, and database security settings * Understands security protocols and monitoring tools * Has knowledge of how best practices integrate with company objectives There are additional competencies linked to individual contributor, provider, and leadership roles. Please consult with your leader to discuss additional competencies that are relevant to your position. This position is not eligible for immigration sponsorship. We are an equal opportunity/affirmative action employer. Martin's Point complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact ***************************** Do you have a question about careers at Martin's Point Health Care? Contact us at: *****************************

About the Team/Role We're the Global Information Security Team at WEX, responsible for implementing and operating security technologies and processes throughout WEX. We partner closely with internal teams and customers to assure WEX operates in a secure and compliant manner. Our team holds itself to a high-standard and we collaborate closely with one another to ensure strong, reliable and effective relationships. We own our results and we take pride of ownership in everything we do. We need help! Changing the world isn't easy, and we have a lot of work ahead of us. From securing applications, data centers and cloud resources, we've got more work than we can handle and we're looking for great people to come along for the ride. We are looking for an application security engineer is responsible for ensuring the secure function of software security and familiarity with multiple general security practices and toolsets How you'll make an impact Culturally, you're: A highly motivated security engineer who loves working on small, high performing teams that interface with the entire enterprise A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion Someone who cares deeply for team results but is able to work independently to deliver high quality solutions for projects and operational tasks Comfortable balancing the need to move fast with the realities of working in a highly regulated organization Someone who thrives in situations where details and accuracy are vital A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who is able to complete tasks and deliverables with minimal oversight Work closely with Enterprise IT teams on securing Wex's infrastructure and applications Able to mentor other engineers both technically and professionally Technically, you: Engineer, implement, and monitor security measures to protect the enterprise Configure and troubleshoot security infrastructure devices Regularly review configurations and develop improvement plans Develop technical solutions and new security tools to help mitigate security findings Write comprehensive reports including assessment-based findings, outcomes and recommendations for security enhancement. Have a general background in IT, Security, and supporting processes Deep experience working with compliance and regulatory frameworks such as PCI-DSS, HIPAA/HITRUST, SOX, GDPR, NIST, etc. Experience you'll bring Have 3-5 years of experience in Enterprise Information Security Engineering Have 3-5 years of broad experience with security technologies such as NextGen AV (EDR), DLP, email security (SPF, DMARC, DKIM), web filtering, HSM, Key and Certificate management, or Identity and Access Management Have a strong, practical understanding of modern cloud IT infrastructure, networking, and security engineering concepts Are able to troubleshoot network and security issues within a complex environment Have 3-5 years of experience in engineering solutions which meet security, compliance, and business needs Can commit and deliver on very specific project/delivery timelines with minimal supervision Are able work in an on-call rotation which may include some night and weekend shifts Have excellent customer support skills, both written and verbal Have 3-5 years of experience Linux and Unix operating systems Have 3-5 years of experience with securing applications and enabling secure communication through HTTPS It would be nice if you Have cloud experience with AWS and Azure Experience working with AI/LLM Security Experience working with Splunk Experience working with CrowdStrike Experience with automation technologies (SOAR) and writing code for automation Experience working with Fortanix, Venafi, or similar The base pay range represents the anticipated low and high end of the pay range for this position. Actual pay rates will vary and will be based on various factors, such as your qualifications, skills, competencies, and proficiency for the role. Base pay is one component of WEX's total compensation package. Most sales positions are eligible for commission under the terms of an applicable plan. Non-sales roles are typically eligible for a quarterly or annual bonus based on their role and applicable plan. WEX's comprehensive and market competitive benefits are designed to support your personal and professional well-being. Benefits include health, dental and vision insurances, retirement savings plan, paid time off, health savings account, flexible spending accounts, life insurance, disability insurance, tuition reimbursement, and more. For more information, check out the "About Us" section.Pay Range: $102,000.00 - $135,000.00

INFORMATION SECURITY ANALYST SUMMARY: The Information Security Analyst is responsible for contributing, implementing, and maintaining the credit union's cyber security program. Leveraging the required skills and experience, the Information Security Analyst will investigate and respond to security incidents, work closely with internal departments and/or third parties, and provide status updates to management. ESSENTIAL DUTIES AND RESPONSIBILITIES include the following: Review daily log reports generated from information security systems and investigate anomalous behavior. Process reported social engineering attempts to determine if a threat exists and communicate outcomes to involved parties. Monitor, investigate, remediate, and report security incidents as they arise. Work with other members of the Incident Response Team, as needed. Conduct social engineering exercises across the organization and assist with training remediation efforts. Administer the organizations vulnerability management program to identify and prioritize vulnerabilities. Will also work closely with the Information Technology team and product owners to remediate discovered vulnerabilities. Administer the credit union's information security systems and tools. Contribute to the organizations security policies, procedures, and processes. Implements the information security strategy and objectives, as approved by the Chief Information Officer, including strategies to monitor and address current and emerging risks. Participates on the Change Control Board ensuring systems changes are made with appropriate Confidentiality, Availability, Integrity and Cyber Security design and controls Participates in industry collaborative efforts to monitor, share, and discuss emerging security threats. Maintains up-to-date knowledge of the security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Contributes to the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically. Champions security awareness and training programs. Participate in security NIST based incident response process including event handling, process reviews and tabletop exercises. Supervise all investigations into problematic activity and provide on-going communication and reports significant security events to the board, supervisory committee, and management as appropriate. Responds to and complies with audit, regulatory, and credit union policies and procedures. Monitor and respond to security related alerts during non-business hours. QUALIFICATION REQUIREMENTS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. KEYS TO SUCCESS: Knowledge Of: Experience in enterprise security document creation. Experience in enterprise security architecture design. Experience in NIST based Incident Handling Working technical knowledge of Firewalls, Intrusion Detection, Networking technologies ( LAN / WAN ), Data Loss Prevention (DLP), Network Access Controls (NAC), Security Incident and Event Management Systems (SIEM), Email Security. Vulnerability Management Tools (Nessus, Nexpose, Etc) Command Line Utilities such as Nmap, netcat, etc. Experience with security in cloud environments (Azure preferred) required. Microsoft Windows Server, Active Directory, DNS and DHCP, etc. Microsoft Windows 10 and later Microsoft Office and Visio 2016 and later Ability To: Create and maintain detailed technical documentation Proven analytical and problem-solving abilities. Good written, oral, and interpersonal communication skills. Ability to conduct research into IT security issues and products as required. Ability to present ideas in business-friendly and user-friendly language. Highly self-motivated and directed. Team-oriented and skilled in working within a collaborative environment. EDUCATION, EXPERIENCE, & TRAINING GUIDELINES: Any equivalent combination of education and experience that provides the applicant with the knowledge, skills, and abilities, required to perform the job is acceptable. A typical way to obtain the knowledge and abilities would be: Education/Experience: Bachelor's degree preferably in Information Systems or Computer Science 3-5 years of relevant Information Technology or Information Security experience. License or Certification: Security certifications such as Security+, CySA+, SSCP, etc. Bondable Acceptable Credit History Compensation & Benefits: Salary Range: $62,200 - $93,300 Health, Dental & Vision Benefits Bonus opportunity 401(k) with match and profit sharing Flexible Time Off

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Senior Cybersecurity Engineer

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures. Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers. We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo. Unum is changing, and we're excited about what's next. Join us. General Summary: Senior Security Engineer Join a team where your expertise shapes enterprise-wide security strategy. We're seeking a Senior Security Engineer to lead the design and execution of cutting-edge security architecture and defense frameworks that protect critical assets across our global organization. In this role, you'll: Influence corporate-level security decisions Architect and operate a depth-in-defense security framework Drive Identity & Access Management and privileged access solutions Collaborate with IT and business leaders to integrate secure technologies Partner with internal and external audit teams to ensure compliance You'll be solving complex security challenges, building scalable solutions, and helping shape the future of cybersecurity at Unum. Job Specifications * Bachelor's or advanced degree in computer science or related discipline preferred or comparable work experience. * 6+ years of related work experience in information technology engineering, support or consulting experience. Preferred if two of those years was spent in networking, application development, system security or IT Audit related positions. Demonstrated ability and success in: * Working effectively in an ambiguous environment, functioning independently, and effectively working across geographical locations. * Detecting and analyzing hostile and other improper actions in such an environment. * Investigating and responding to security alerts, or new security threats with a sense of urgency. * Strong oral and written communications skills * Strong analytical and problem-solving skills and proactive thinking skills * Strong Knowledge of (at least one) UNIX, Windows, Mainframe, and/or Apple Operating System vulnerabilities and secure configuration settings * Strong Knowledge of threats and vulnerabilities associated with application and network security. * Strong Knowledge of the principles of implementation and operation and experience with security technology such as firewalls, multi-level security implementation, security assessment, monitoring and profiles tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.), and password crackers. * Mentor and support junior level security staff * Develops strong partnerships with client management, business clients, application developers, software vendors and other technical resources which includes, but not limited to, legal, compliance, and privacy * Maintain close relationships with the business to understand strategy, processes, plans and needs to help influence planning by advising on best practices, innovation/technology enablement opportunities * Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels. * Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines. * Facilitate matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet its requirements * Provide an overall perspective or point of clarification to partner on operational aspects of a service. Has a good overall understanding of infrastructure and application portfolios to provide guidance to service partner provider. Technical Skills for Identity & Access Management * Experience in implementing and supporting global Identity and Access Management solutions (Identi-ty Management, Access Management, Virtual Directory, SSO) * Knowledge and experience on Oracle OAM ,ForgeRock OpenAM and/or other Web Access Manage-ment systems (like CA SiteMinder), and API integration * Experience on ForgeRock OpenIDM, Oracle OIM and/or other Identity management systems * Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication * Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technol-ogies. * Experience with LDAP/Directory Services including Active Directory and Radiant Logic * Experience with RACF, DB2, SQL * Experience with Azure, O365 and AWS * Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs * ISO 27001/27002 the NIST Cyber Security Framework * CISSP, CISM, SANS, and other security related certifications a plus Technical Skills for Cyber Security Excellent working knowledge of one or more of the following security areas desired: * Operating System Security (Windows, Apple, AIX, Linux, zOS) * Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509) * TCP/IP and networking (LAN/WAN/Wireless) * Intrusion Detection and Prevention products * Incident Response Management * Public Key Infrastructure technologies including encryption, Kerberos, certification authorities * Application and Network Security Assessments methodologies and tools * General Access Control Security (Active Directory, Linux, and Mainframe security) * IPSEC and remote access technologies * End Point Security products (i.e. Anti-virus, Malware, Hard Drive encryption) * Ethical Hacking, Incident Response and case management. * Forensic tools such as Oxygen, encase, Atola Forensic equipment * Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.) * Experience in application and network security assessment methodologies, tools, and techniques * Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.) * Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles.SOX and HIPPA compliance requirements and related programs Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs * ISO 27001/27002 the NIST Cyber Security Framework * CISSP, CISM, SANS, and other security related certifications a plus Principal Duties and Responsibilities Performing cyber security monitoring and security incident response, including: * Monitors for external threats and indicators of compromise * Responds to and leads incident response for threat alerts * Monitors for inappropriate utilization of computer resources * Assesses reported security threats and weaknesses. * Provides level II support for Operations * Participates in 24/7 on-call rotation. * Participates in ethical hacking red team/blue team exercises. * Performs day-to-day operations and technical support, including system upgrades, on the Unum security technology portfolio. * Consults on the security framework to IT/Business project teams, and in day-to-day business operations. * Consults with development and business partners on integration and security configuration for new or existing software or solutions * Participates in the evaluation of vendor's product strategies, technology roadmaps and software enhancements, and consults on the inclusion and rollout these recommendations in the corporate security roadmap. * Develops and consults on sound security policies and procedures. * Assists with application and network security assessments, as assigned. * Maintains expertise to function as subject matter expert in one or more security disciplines. * Develops strong partnerships with business clients, application developers, software vendors and other technical resources. * Performs other duties as assigned. #LI-AD1 #LI-MULTI ~IN1 Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office. Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status. The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience. $98,340.00-$201,900.00 Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans. Company: Unum

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves? The Enterprise Cyber Security Cloud Security team is responsible for working with other security and cloud services teams to ensure alignment and collaboration in securing Ford's public cloud infrastructure. The teams work closely together to identify security gaps in the cloud environments and address them. The Cloud Security team is responsible for identifying, evaluating, and recommending cloud security tools and functions to enhance security around Ford's public cloud. The team is also responsible for developing and managing the following Security Services in Ford's public cloud environments: - Cloud Security Automation Development - GCP/Azure Security Compliance - GCP VPC Service Control - GCP Cloud Armor/ Azure WAF **What you'll do...** + Partner with other Cloud Security team members to identify and develop automation for security related workflows and audits (VPC SC, DLP, Exceptions, Org Policy, etc..). + Lead evaluation and develop an understanding of tools needed to address security gaps. + Lead/Collaborate with EPEO Services teams on security gap remediation. **You'll have...** + Bachelor's degree in Computer Science, Information Technology or related OR a combination of education and experience + 5+ years of scripting and automation experience + Proven experience in developing and implementing automation using scripting languages such as + Python, PowerShell, or Go, particularly for API integrations, security tool orchestration, and custom audit scripts. + Solid understanding and practical experience with Git and GitHub for version control, collaborative development, and security automation pipeline management. + Familiarity with CI/CD pipelines and automated deployment tools (e.g., Jenkins, Azure DevOps, GitHub Actions) to integrate security automation into the software development lifecycle. + Knowledge of Infrastructure-as-Code (IaC) principles and tools like Terraform. + Strong knowledge of security best practices and guidelines (at the enterprise-level) related to GCP and Azure Cloud deployments as well as common web application frameworks + Understand the functionality and secure usage of various GCP services: VPCs, IAM, security groups, compute engine, cloud storage, Security Command Center, VPC Service Control, Cloud DLP and Cloud Armor + Customer focused and strong team orientation + Self-starter and fast-learner + Strong communication and interpersonal skills + Strong problem solving and Analytical/Reasoning skills + Strong drive for results and ability to work independently + Demonstrated commitment to quality and project timing + Familiarity with the agile project planning process and use of Rally. + Document processes & procedures and developing other documentation. **Even better, you may have...** + Understand the functionality and secure usage of various Azure services: Virtual Machines, Virtual Networks, Azure Active Directory, App Services, Azure SQL Databases, Storage Accounts, Kubernetes, Containers, Key vaults. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including: - Immediate medical, dental, vision and prescription drug coverage - Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more - Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more - Vehicle discount program for employees and family members and management leases - Tuition assistance - Established and active employee resource groups - Paid time off for individual and team community service - A generous schedule of paid holidays, including the week between Christmas and New Year's Day - Paid time off and the option to purchase additional vacation time. For a detailed look at our benefits, click here: ******************************* This position is a range of salary grades 7-8. Visa sponsorship is not available for this position. SOUTHEAST MI RESIDENTS: This role is posted as remote unless you reside within 50 miles of Dearborn, MI-in which case we request on-site presence up to 4 days a week. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call **************. \#LI-Remote **Requisition ID** : 54783

Fiber Materials Inc. | solutions for the most extreme places in the universe FMI's manufacturing facility has been a leading solutions provider of high temperature materials and composites for more than 50 years, serving the Department of Defense and NASA. The focus in Maine is on multidirectional reinforced Carbon/Carbon (C/C) and Ceramic Matrix Composites (CMCs) that enable high-temperature components such as: thermal protection systems, re-entry vehicle nose tips as well as rocket motor throats and nozzles. Our materials are being used on ground-breaking space initiatives such as the Orion Multi-Purpose Crew Vehicle and the heat shield for NASA's Mars 2020 mission, important missile programs, airfoils in commercial and military jet engines, and as lightweight armor for U.S. military ground vehicles. Your role: FMI is seeking an Information Security Analyst to support a small, stand-alone classified information system(s) in support of a U.S. Government contract(s). As the Information Security Analyst, you will encompass the responsibilities of an Information System Security Officer (ISSO) and Information System Security Engineer (ISSE). To be successful, you will be responsible for compliance, operations, and technical security engineering of the classified environment. Please keep in mind this role is on site. Job Responsibilities: Operational Security (ISSO Duties): Perform continuous monitoring and day-to-day security administration of the system. Manage user access, account creation, and audit log reviews. Conduct security training and briefings for system users. Document and report security incidents, vulnerabilities, and mitigation actions. Engineering & Technical Security (ISSE Duties): Design, implement, and maintain technical security controls for the system. Evaluate, recommend, and integrate security solutions for classified IT environments. What we need from you: Associate's degree in Cybersecurity, Information Technology, or related field; equivalent experience considered 1-3 years of experience in information system security Active or ability to obtain and maintain an U.S. Government security clearance (Secret or above) Effective time management Technical proficiency Detail oriented Strong listening skills Customer focus Self-motivated Strong interpersonal skills Ability to work independently and as part of a team in a fast-paced environment Knowledge of NIST and or CMMC cybersecurity frameworks and standards Understanding in cyber security assessment tools and methodologies Understanding network and system security, intrusion detection and prevention, and incident response Excellent analytical and problem-solving skills Commitment to continuous learning and staying current with industry developments Excellent communication and documentation skills What you'll get from us: 16 ETO days 12 paid holidays (including Winter Closure!) Medical / Dental / Vision 401k Company Match Tuition Reimbursement $1000 Sign-On Bonus

About Us: Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people. How We Work: At Proofpoint you'll be part of a global team that breaks barriers to redefine cybersecurity guided by our BRAVE core values: Bold in how we dream and innovate Responsive to feedback, challenges and opportunities Accountable for results and best in class outcomes Visionary in future focused problem-solving Exceptional in execution and impact POSITION SUMMARY The Security Solutions Engineer is an information security expert responsible for assessing and improving the security posture of customer environments. The Security Solutions Engineer manages the technical aspects of customer systems and is primarily responsible for solution uptime, availability, policy development and problem troubleshooting. Security Solutions Engineers are also responsible for the technical development of various clients' security solutions such as: Proofpoint Protection Server, TAP, TRAP, and other Proofpoint products. Platform Engineers serve as an escalation point and mentor for other members of the team. Platform Engineers also help develop internal process, procedure, and drive collaboration across business units to help streamline service delivery. He or she must ensure that all tasks performed adhere to the firm's ISO 27001 Information Security Management System (ISMS). This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that Proofpoint is constantly improving upon the organization's ISMS. Each member of our team must understand the importance of the ISMS and the corresponding handling of customer data. DUTIES & ESSENTIAL JOB FUNCTIONS: Serve as an escalation point for other engineers on the team Optimize security policies to protect against emerging threats and adhere to industry best practices Create and develop custom solutions for managed security systems Maximize system uptime, availability, and performance Utilize internal CRM for problem tracking and project development Assist the team in meeting all customer SLAs Unsurpassed attention to detail, analytical problem-solving skills, and ability to diagnose and troubleshoot technical issues Maintain awareness of industry trends, security news, and best practices Take on-call rotation after hours and on weekends, serving as a point of escalation as necessary Provide flexibility with schedule to cover job requirements Ability to quickly and efficiently resolve client issues while maintaining high levels of client satisfaction Lead technical discussions with customers and partnering organizations Research and analyze industry trends and security vulnerabilities, in order to effectively communicate to customers any risk to their environments and implement solutions to mitigate the risk Administer and support lab environment to include change request review and approval, maintenance, and design QUALIFICATIONS: Bachelor's Degree in Computer Science, Information Technology, or related discipline. Experience may be considered in lieu of a degree Experience with Email Security Corporate computer networking, technical support, system administration, Windows, Unix/Linux Operating System administration and/or network security experience Experience and proficiency in Proofpoint email security products, to include certification and training Experience and proficiency designing and implementing Proofpoint solutions High Level of critical thinking and proven ability to manage customer expectations high pressure situations Proficiency in technical writing, diagraming, and communications. Combine patience, determination, and persistence to troubleshoot client issues Ability to work effectively with team members and clients Desire to mentor junior engineers Self-motivated, with ability to manage and follow up on multiple tasks simultaneously Strong analytical capabilities, problem solving skills, providing solutions in a systematic and clear manner, and easily understood by colleagues and customers Strong time-management skills PREFERRED Experience with Proofpoint email security products - PoD/TAP/TRAP Expert in information security or network security SQL or Oracle database experience Regular expression experience Scripting knowledge of Perl, Python, Java, or Bash Proofpoint product certifications Industry certifications such as CISSP, Network+, Security+, etc. Experience working in Managed Services. #LI-Remote Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us: Competitive compensation Comprehensive benefits Career success on your terms Flexible work environment Annual wellness and community outreach days Always on recognition for your contributions Global collaboration and networking opportunities Our Culture: Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com. How to Apply Interested? Submit your application along with any supporting information- we can't wait to hear from you! Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a competitive benefits package, including flexible time off, a comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option. Base Pay Ranges: SF Bay Area, New York City Metro Area: Base Pay Range: 98,900.00 - 155,430.00 USD California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska: Base Pay Range: 78,800.00 - 123,805.00 USD All other cities and states excluding those listed above: Base Pay Range: 70,400.00 - 110,605.00 USD

Connectivity Point is seeking a highly skilled Security Technical Engineer to serve as the critical link between our field technicians and design team. This role ensures that purchased systems are installed accurately, efficiently, and in alignment with customer expectations-delivering exceptional customer service while supporting project profitability. JOB RESPONSIBILITIES: Review project documentation to gain thorough understanding and check for accuracy. Create and maintain system configuration software. Work with design team to create and update project installation documents using Bluebeam, Visio, Excel, and/or CAD as needed. Coordinate on-site implementation process for security installations and service requests. Travel as necessary. This may include overnight travel out of state. Work with the security design engineers both presale and post-sale. Oversee implementation of security solutions to ensure that equipment is installed per industry standards and best practices. This may require working in the field along with security technicians to accomplish the installation objective, timeline, and goal of customer satisfaction. Report any out of scope work required to allow for change order generation as needed. Participate in customer construction status calls/meetings as required. Provide detailed project field status updates to security PM and Division Manager. Provide end user training on newly installed systems. Strengthen customer relationships by being responsible, accurate, helpful, and trustworthy. Proactively look for opportunities to provide more value-add services to customers. Assist with maintaining customer profiles and standards documents to ensure accuracy. Provide remote technical support for out-of-market technicians in the field as needed. Assist with ensuring customer profile documents are maintained and updated. Stay up to date on security technologies and installation practices. Work with the rest of the security team to evaluate new products and services. Support existing customers remotely or in person as needed. Perform other assigned duties as requested. SKILLS/EXPERIENCE/TRAINING: High School Diploma or General Education Degree (GED) and four to five years minimum industry experience in security system sales, management, service, or installation; or the equivalent combination of education and experience Solid security system industry experience including sales, service, project management and/or installation of security systems, access control, and CCTV. Kantech, DSC, and Exacqvision software experience. Ability to follow blueprints, notes and specifications to meets the job requirements. Basic written and verbal communications skills. Proven ability to follow instructions and focused attention to detail. Experience with construction and adherence to large and small project scheduling. Enjoys hands-on problem solving in a fast paced work environment. Ability to work well both independently and as part of a professional team. Excellent time management, planning and forward-thinking skills. Self-motivated with a positive and professional attitude. Excellent communication and listening skills. Strong teambuilding, customer service, and interpersonal skills. Must possess good decision-making skills, be very organized and detail oriented. Strong computer skills using Microsoft Office suite (i.e., Word, Excel, Outlook) required. T his job description is not intended to be and should not be construed as an all-inclusive list of all the responsibilities, skills or working conditions associated with the position. While it is intended to accurately reflect the position activities and requirements, the Company reserves the right to modify, add or remove duties and assign other duties as necessary.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures. Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers. We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo. Unum is changing, and we're excited about what's next. Join us. **General Summary:** Senior Security Engineer Join a team where your expertise shapes enterprise-wide security strategy. We're seeking a Senior Security Engineer to lead the design and execution of cutting-edge security architecture and defense frameworks that protect critical assets across our global organization. In this role, you'll: Influence corporate-level security decisions Architect and operate a depth-in-defense security framework Drive Identity & Access Management and privileged access solutions Collaborate with IT and business leaders to integrate secure technologies Partner with internal and external audit teams to ensure compliance You'll be solving complex security challenges, building scalable solutions, and helping shape the future of cybersecurity at Unum. **Job Specifications** + Bachelor's or advanced degree in computer science or related discipline preferred or comparable work experience. + 6+ years of related work experience in information technology engineering, support or consulting experience. Preferred if two of those years was spent in networking, application development, system security or IT Audit related positions. Demonstrated ability and success in: + Working effectively in an ambiguous environment, functioning independently, and effectively working across geographical locations. + Detecting and analyzing hostile and other improper actions in such an environment. + Investigating and responding to security alerts, or new security threats with a sense of urgency. + Strong oral and written communications skills + Strong analytical and problem-solving skills and proactive thinking skills + Strong Knowledge of (at least one) UNIX, Windows, Mainframe, and/or Apple Operating System vulnerabilities and secure configuration settings + Strong Knowledge of threats and vulnerabilities associated with application and network security. + Strong Knowledge of the principles of implementation and operation and experience with security technology such as firewalls, multi-level security implementation, security assessment, monitoring and profiles tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.), and password crackers. + Mentor and support junior level security staff + Develops strong partnerships with client management, business clients, application developers, software vendors and other technical resources which includes, but not limited to, legal, compliance, and privacy + Maintain close relationships with the business to understand strategy, processes, plans and needs to help influence planning by advising on best practices, innovation/technology enablement opportunities + Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels. + Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines. + Facilitate matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet its requirements + Provide an overall perspective or point of clarification to partner on operational aspects of a service. Has a good overall understanding of infrastructure and application portfolios to provide guidance to service partner provider. **Technical Skills for Identity & Access Management** + Experience in implementing and supporting global Identity and Access Management solutions (Identi-ty Management, Access Management, Virtual Directory, SSO) + Knowledge and experience on Oracle OAM ,ForgeRock OpenAM and/or other Web Access Manage-ment systems (like CA SiteMinder), and API integration + Experience on ForgeRock OpenIDM, Oracle OIM and/or other Identity management systems + Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication + Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technol-ogies. + Experience with LDAP/Directory Services including Active Directory and Radiant Logic + Experience with RACF, DB2, SQL + Experience with Azure, O365 and AWS + Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs + ISO 27001/27002 the NIST Cyber Security Framework + CISSP, CISM, SANS, and other security related certifications a plus **Technical Skills for Cyber Security** **Excellent working knowledge of one or more of the following security areas desired:** + Operating System Security (Windows, Apple, AIX, Linux, zOS) + Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509) + TCP/IP and networking (LAN/WAN/Wireless) + Intrusion Detection and Prevention products + Incident Response Management + Public Key Infrastructure technologies including encryption, Kerberos, certification authorities + Application and Network Security Assessments methodologies and tools + General Access Control Security (Active Directory, Linux, and Mainframe security) + IPSEC and remote access technologies + End Point Security products (i.e. Anti-virus, Malware, Hard Drive encryption) + Ethical Hacking, Incident Response and case management. + Forensic tools such as Oxygen, encase, Atola Forensic equipment + Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.) + Experience in application and network security assessment methodologies, tools, and techniques + Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.) + Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles.SOX and HIPPA compliance requirements and related programs **Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs** + ISO 27001/27002 the NIST Cyber Security Framework + CISSP, CISM, SANS, and other security related certifications a plus **Principal Duties and Responsibilities** Performing cyber security monitoring and security incident response, including: + Monitors for external threats and indicators of compromise + Responds to and leads incident response for threat alerts + Monitors for inappropriate utilization of computer resources + Assesses reported security threats and weaknesses. + Provides level II support for Operations + Participates in 24/7 on-call rotation. + Participates in ethical hacking red team/blue team exercises. + Performs day-to-day operations and technical support, including system upgrades, on the Unum security technology portfolio. + Consults on the security framework to IT/Business project teams, and in day-to-day business operations. + Consults with development and business partners on integration and security configuration for new or existing software or solutions + Participates in the evaluation of vendor's product strategies, technology roadmaps and software enhancements, and consults on the inclusion and rollout these recommendations in the corporate security roadmap. + Develops and consults on sound security policies and procedures. + Assists with application and network security assessments, as assigned. + Maintains expertise to function as subject matter expert in one or more security disciplines. + Develops strong partnerships with business clients, application developers, software vendors and other technical resources. + Performs other duties as assigned. \#LI-AD1 \#LI-MULTI ~IN1 Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office. Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status. The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience. $98,340.00-$201,900.00 Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans. Company: Unum

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com