Cyber security analyst jobs in Manchester, NH - 89 jobs

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) III is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience, especially in developing RMF packages or bodies of evidence. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree in a related area or equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II (in lieu of IAT Level II) Clearance Required to Start: TS/SCI required. Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities #ISSO #TS/SCI The likely salary range for this position is $102,000 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA MA Bedford Additional Work Locations: USA MA Avon, USA MA Boston, USA MA Braintree, USA MA Burlington, USA MA Cambridge, USA MA Fort Devens, USA MA Norwood, USA MA Peabody, USA MA Quincy, USA MA Taunton, USA MA Waltham, USA MA Westwood Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Site: Mass General Brigham Incorporated Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham. Job Summary Summary The Mass General Brigham (MGB) Information Security Engineer III - Application and Cloud Security Lead provides leadership and expertise within the cybersecurity team, specifically overseeing security practices related to application development and cloud infrastructure. This role is responsible for ensuring robust and secure software development lifecycles, implementing advanced security strategies in cloud environments, and driving continuous improvement in both application security and cloud security posture. The Engineer will lead complex security projects, coordinate cross-team collaboration, and mentor junior and mid-level engineers to foster their professional growth. The ideal candidate is a deeply technical minded security professional focused on secure coding practices or development engineering with experience designing and executing strategic / programmatic roadmaps. The Information Security Engineer III may represent the organization in industry forums or regulatory discussions. Additionally, this role actively engages with external partners, vendors, and stakeholders to establish collaborative security strategies and ensure alignment with industry trends and best-in-class security practices. They should have prior experience building application and/or cloud security programs, and experience in multiple of the following areas: * DevSecOps * Strategic program build and design * Secure Code Development * Application Security Testing Tools * CI/CD Pipeline Hardening * Application and Code Vulnerability Analysis * Cloud security expertise Duties include * Collaboratively design the application and cloud security program to meet the needs of Mass General Brigham. Lead engineers in the execution of the strategic roadmap. * Leads the design, development, testing, and implementation of advanced security controls for application development and cloud environments based on published information security policies and business requirements * Establishes and maintains a secure software development lifecycle (SSDLC), incorporating security checkpoints, threat modeling, secure coding standards, and rigorous testing practices. * Drives the implementation and ongoing management of Cloud Security Posture Management (CSPM) tools and strategies, ensuring continuous monitoring and proactive remediation of cloud security issues. * Implement and maintain code analysis tools (e.g., SAST, DAST, IAST, SCA, etc.) to identify security vulnerabilities in code before deployment. Collaborate with development teams to integrate these tools into workflows and provide actionable insights to remediate identified issues, fostering a proactive approach to secure coding practices. * Serves as a technical leader within the cybersecurity team, providing guidance, mentorship, and professional development opportunities for junior and mid-level security engineers. * Collaborates closely with development, operations, and DevOps teams to embed security seamlessly into software development and deployment processes, fostering a DevSecOps culture. * Conducts and oversees application and cloud security assessments, including penetration testing, code reviews, configuration audits, and vulnerability management efforts. * Innovates by researching, evaluating, and proposing new security technologies and methods specifically designed to improve the organization's application and cloud security maturity. * Ensures high-quality, maintainable, and scalable security solutions through comprehensive architecture reviews, security assessments, and alignment with best practices. * Responds promptly and effectively to complex security incidents involving applications and cloud resources, providing expert guidance and leading remediation efforts. * Engages proactively with vendors, industry partners, and stakeholders to leverage external expertise, technologies, and best practices. * Aligns all actions and decisions with organizational values, including Patients First, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and demonstrates commitment to Diversity & Inclusion, Integrity & Respect, Learning & Continuous Improvement, Personal Growth, and Teamwork & Collaboration. * Performs other duties and responsibilities as assigned. Qualifications * Bachelor's degree in Information Security, Computer Science, or related field; advanced degrees or equivalent professional experience preferred. * Minimum of 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles. * Relevant industry certifications preferred (CISSP, CCSP, CSSLP, AWS/Azure Security Specialty, GIAC certifications). Skills for Success * Expert-level knowledge and practical experience in secure software development methodologies, OWASP Top 10, and application security testing tools (SAST, DAST, IAST). * A comprehensive understanding of secure coding principles, with the ability to guide development teams in adhering to these best practices. Hands-on experience with static and dynamic application security testing tools is preferred. * Proven expertise in securing major cloud platforms (AWS, Azure, GCP), including experience with Cloud Security Posture Management tools, cloud-native security services, and infrastructure-as-code security. * Deep understanding of modern software architectures, microservices, APIs, and container security best practices (e.g., Docker, Kubernetes). * Ability to think strategically, creatively, and innovatively to design and implement robust security controls. * Demonstrated leadership skills with strong project management capabilities, able to effectively communicate complex technical security issues clearly to technical and non-technical stakeholders. * Proven track record of delivering and managing successful security projects and continuous improvement initiatives. * Strong ability to apply documented processes, playbooks, and frameworks (e.g., OWASP, NIST CSF, etc.) to effectively address and resolve a wide variety of application security challenges. * Knowledge of established security frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53 with a focus on their application in securing software and application environments. * Preferred certifications include: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester Certification (GPEN), GIAC Experienced Penetration Tester (GX-PT), GIAC Certified Red Team Professional (GRTP), GIAC Security Operations Certified (GSOC), GIAC Security Expert (GSE), etc. * Must know how to use common M365 Office Suite of products. Additional Job Details (if applicable) * M-F Eastern Business Hours required * Hybrid onsite Flexible working model required weekly includes onsite in office (number of days weekly can vary, must be flexible for business needs) * 1-2 onsite days per week * Remote working days require stable, secure, quiet, compliant working station The salary range for this position is $92,102.14 to $155,032,25 annually. At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience, if applicable, education, certifications, and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums, and bonuses as applicable, and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. Remote Type Hybrid Work Location 399 Revolution Drive Scheduled Weekly Hours 40 Employee Type Regular Work Shift Day (United States of America) Pay Range $92,102.40 - $134,056.00/Annual Grade 7 At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. EEO Statement: Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran's Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at **************. Mass General Brigham Competency Framework At Mass General Brigham, our competency framework defines what effective leadership "looks like" by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused, half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.

Apply Now Classified Security Analyst Clearance Level: Must have a Top Secret Clearance to be considered for this opportunity and eligible for SCI At Aquila Technology, you will see our team's passion every day, whether we are building a robust, policy-compliant IT system or stress-testing a system to identify gaps and security vulnerabilities. To own the advantage, we ensure our team owns results and gets the work done right the first time by deploying smart, purposeful solutions that work. Aquila is the right people with the right skills driving the right outcomes. We call this the Aquila Advantage. Aquila Technology is seeking a Security Analyst to join our team in supporting one of the country's premier defense research organizations. The Security Analyst will will work in a team dedicated to identify and counter security threats and development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats. There are a few requirements for the position: * Must be a U.S Citizen- Authorized to Work in the US - Must have an Active Top Secret/ Clearance and eligible for a SCI (Green Cards / Visas DO NOT qualify) * Willingness to undergo a comprehensive background investigation and maintain a personal security clearance. (Aquila would sponsor you for the security clearance.) * Must be within 100 miles from Lexington Massachusetts. Must Have * Currently holds a Top Secret/SCI clearance * 3 years - Ensures compliance with operational security and emergency action plans. * 3 years - Experience as a Security Officer or Control Officer * 3 years - Facilitates indoctrinations and debriefings, personnel file maintenance * 3 years - Familiarity with security management software, such as SIMS and government databases such as DISS * 3 years - Investigates and documents security incidents, develops and manages corrective actions. * 3 years - NISPOM 32 CFR Part 117 experience * 3 years - Oversee facility access control and assist with drafting construction security plans Nice to Have * Degree Level: Bachelor's Degree Responsibilities to Include: * Physical Security: Oversees facility access control, construction and renovation activities, and develops Construction Security Plans (CSPs). * Classified Material Control: Manages the creation, transfer, and destruction of classified materials and digital media in accordance with policy. * Personnel Security: Conducts indoctrinations and debriefings, maintains personnel security files, manages reporting, and coordinates visit authorizations. * Security Education & Awareness: Delivers annual training, access briefings, and OPSEC awareness programs. * Risk Management: Investigates, documents, and resolves security incidents; implements corrective actions. * Emergency Planning: Maintains compliance with operational security and emergency action plans. Requirements: * Experience: Minimum 3 years as a CPSO, CSSO, TSCO, or PSO supporting DoD or Intelligence Community programs. * Regulatory Knowledge: Proficient in applying DoD and IC security directives, including NISPOM (32 CFR Part 117) and ICD requirements. * Education: Bachelor's degree or equivalent experience (minimum 3 years). * Technical Skills: Proficient with SIMS, DISS, and standard business software (Excel, Word, PowerPoint). Benefits and Perks: Aquila team members experience the opportunity to be part of a fast-paced, customer-focused, and technically innovative work environment. Aquila strives to deliver the best of the best in technical services to our customers. Candidates that possess a love for technical challenges, a desire to constantly learn, and the desire to establish themselves as critical players within a team will enjoy calling Aquila Technology home. Our Perks Include: * PTO - 15 days (vacation/sick) 10 paid holidays - 6 standard (New Year's, Memorial Day, Independence Day, Labor Day, Thanksgiving, and Christmas) - 4 floating holidays prorated based on your day of hire * 1.5 paid days, or 12 hours, for approved volunteer work * 1 week of paid maternity/paternity LOA after 1 year of Full-time employment * Tuition & Training Reimbursement - 5K annually for pre-approved, job-related tuition, certification, or professional conferences * 401K with Fidelity 100% immediate vesting; Plan eligibility begins 90 days following the date of hire. Aquila matches 50 cents on the dollar, up to 6%. * Cell Phone & Internet Reimbursed up to $150 monthly to cover cell phone, data, and home internet expenses. * Buy Your Own Device (BYOD) Allowance Reimbursed up to $1500 for the purchase of a qualified technology device. Eligible after 90 days of employment, and benefit renews every three years. Clearance Level: Active Top Secret with SCI eligibility Location: Onsite 100%, 5 days/wk; position hours 11 a.m.-7 p.m.; occasional after-hours response or local travel as required. Interview Process: Initial zoom screening, and then a second round virtual panel interview with the hiring team. We are an Equal Opportunity Employer. Apply Now

Site: Mass General Brigham Incorporated Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham. Job Summary Summary The Mass General Brigham (MGB) Information Security Engineer III - Application and Cloud Security Lead provides leadership and expertise within the cybersecurity team, specifically overseeing security practices related to application development and cloud infrastructure. This role is responsible for ensuring robust and secure software development lifecycles, implementing advanced security strategies in cloud environments, and driving continuous improvement in both application security and cloud security posture. The Engineer will lead complex security projects, coordinate cross-team collaboration, and mentor junior and mid-level engineers to foster their professional growth. The ideal candidate is a deeply technical minded security professional focused on secure coding practices or development engineering with experience designing and executing strategic / programmatic roadmaps. The Information Security Engineer III may represent the organization in industry forums or regulatory discussions. Additionally, this role actively engages with external partners, vendors, and stakeholders to establish collaborative security strategies and ensure alignment with industry trends and best-in-class security practices. They should have prior experience building application and/or cloud security programs, and experience in multiple of the following areas: • DevSecOps • Strategic program build and design • Secure Code Development • Application Security Testing Tools • CI/CD Pipeline Hardening • Application and Code Vulnerability Analysis • Cloud security expertise Duties include • Collaboratively design the application and cloud security program to meet the needs of Mass General Brigham. Lead engineers in the execution of the strategic roadmap. • Leads the design, development, testing, and implementation of advanced security controls for application development and cloud environments based on published information security policies and business requirements • Establishes and maintains a secure software development lifecycle (SSDLC), incorporating security checkpoints, threat modeling, secure coding standards, and rigorous testing practices. • Drives the implementation and ongoing management of Cloud Security Posture Management (CSPM) tools and strategies, ensuring continuous monitoring and proactive remediation of cloud security issues. • Implement and maintain code analysis tools (e.g., SAST, DAST, IAST, SCA, etc.) to identify security vulnerabilities in code before deployment. Collaborate with development teams to integrate these tools into workflows and provide actionable insights to remediate identified issues, fostering a proactive approach to secure coding practices. • Serves as a technical leader within the cybersecurity team, providing guidance, mentorship, and professional development opportunities for junior and mid-level security engineers. • Collaborates closely with development, operations, and DevOps teams to embed security seamlessly into software development and deployment processes, fostering a DevSecOps culture. • Conducts and oversees application and cloud security assessments, including penetration testing, code reviews, configuration audits, and vulnerability management efforts. • Innovates by researching, evaluating, and proposing new security technologies and methods specifically designed to improve the organization's application and cloud security maturity. • Ensures high-quality, maintainable, and scalable security solutions through comprehensive architecture reviews, security assessments, and alignment with best practices. • Responds promptly and effectively to complex security incidents involving applications and cloud resources, providing expert guidance and leading remediation efforts. • Engages proactively with vendors, industry partners, and stakeholders to leverage external expertise, technologies, and best practices. • Aligns all actions and decisions with organizational values, including Patients First, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and demonstrates commitment to Diversity & Inclusion, Integrity & Respect, Learning & Continuous Improvement, Personal Growth, and Teamwork & Collaboration. • Performs other duties and responsibilities as assigned. Qualifications Bachelor's degree in Information Security, Computer Science, or related field; advanced degrees or equivalent professional experience preferred. Minimum of 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles. Relevant industry certifications preferred (CISSP, CCSP, CSSLP, AWS/Azure Security Specialty, GIAC certifications). Skills for Success Expert-level knowledge and practical experience in secure software development methodologies, OWASP Top 10, and application security testing tools (SAST, DAST, IAST). A comprehensive understanding of secure coding principles, with the ability to guide development teams in adhering to these best practices. Hands-on experience with static and dynamic application security testing tools is preferred. Proven expertise in securing major cloud platforms (AWS, Azure, GCP), including experience with Cloud Security Posture Management tools, cloud-native security services, and infrastructure-as-code security. Deep understanding of modern software architectures, microservices, APIs, and container security best practices (e.g., Docker, Kubernetes). Ability to think strategically, creatively, and innovatively to design and implement robust security controls. Demonstrated leadership skills with strong project management capabilities, able to effectively communicate complex technical security issues clearly to technical and non-technical stakeholders. Proven track record of delivering and managing successful security projects and continuous improvement initiatives. Strong ability to apply documented processes, playbooks, and frameworks (e.g., OWASP, NIST CSF, etc.) to effectively address and resolve a wide variety of application security challenges. Knowledge of established security frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53 with a focus on their application in securing software and application environments. Preferred certifications include: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester Certification (GPEN), GIAC Experienced Penetration Tester (GX-PT), GIAC Certified Red Team Professional (GRTP), GIAC Security Operations Certified (GSOC), GIAC Security Expert (GSE), etc. Must know how to use common M365 Office Suite of products. Additional Job Details (if applicable) M-F Eastern Business Hours required Hybrid onsite Flexible working model required weekly includes onsite in office (number of days weekly can vary, must be flexible for business needs) 1-2 onsite days per week Remote working days require stable, secure, quiet, compliant working station The salary range for this position is $92,102.14 to $155,032,25 annually. At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience, if applicable, education, certifications, and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums, and bonuses as applicable, and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. Remote Type Hybrid Work Location 399 Revolution Drive Scheduled Weekly Hours 40 Employee Type Regular Work Shift Day (United States of America) Pay Range $92,102.40 - $134,056.00/Annual Grade 7 At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. EEO Statement: Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran's Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at **************. Mass General Brigham Competency Framework At Mass General Brigham, our competency framework defines what effective leadership “looks like” by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused, half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Introduction Werfen is a growing, family-owned, innovative company founded in 1966 in Barcelona, Spain. We are a worldwide leader in specialized diagnostics in the areas of Hemostasis, Acute Care Diagnostics, Transfusion, Autoimmunity, and Transplant. Through our Original Equipment Manufacturing (OEM) business line, we research, develop, and manufacture customized assays and biomaterials. We operate directly in 30 countries, and in more than 100 territories through distributors. Our Headquarters and Technology Centers are located in the US and Europe, and our workforce is more than 7,000 strong. Our success comes from a specific focus in these rapidly evolving diagnostic areas, our commitment to customers, and our dedication to innovation and quality. We're passionate about providing healthcare professionals the most valuable and complete solutions to improve hospital efficiency and enhance patient care. Overview Job Summary We are seeking a skilled and security-conscious Cloud Engineer to join our dynamic Cybersecurity team. This role is pivotal in designing, deploying, and maintaining our secure cloud infrastructure, with a primary focus on Microsoft Azure and the M365 ecosystem. You will be responsible for translating security requirements into tangible technical controls, ensuring our cloud services are resilient, compliant, and hardened against modern threats. This position directly adds value by enhancing the organization's security posture and enabling the business to leverage cloud technologies safely and efficiently. Your unique contribution will be as the subject matter expert who bridges the gap between cloud infrastructure and cybersecurity policy. Responsibilities Key Accountabilities Design, deploy, and manage secure cloud infrastructure (IaaS, PaaS, SaaS) in Microsoft Azure, ensuring alignment with security best practices and architectural standards. Administer and secure the Microsoft 365 environment, including Entra ID, Exchange Online, SharePoint, and Teams, with a focus on implementing robust security configurations and policies. Implement, manage, and tune M365 security tools such as the Microsoft Defender suite, Purview Information Protection, and Microsoft Intune for endpoint management and data loss prevention. Utilize scripting languages, primarily PowerShell, to automate security tasks, compliance checks, reporting, and administrative routines within Azure and M365. Manage Identity and Access Management (IAM), including roles, permissions, and privileged access (PIM), enforcing the principle of least privilege across all cloud platforms. Configure and manage cloud networking components, such as Virtual Networks (VNETs), Network Security Groups (NSGs), and Azure Firewall to segment and protect network traffic. Monitor cloud environments for security threats, vulnerabilities, and misconfigurations, and collaborate with the Security Operations Center (SOC) during incident response. Create and maintain comprehensive documentation for cloud architecture, security configurations, and operational procedures to ensure clarity and business continuity. Performs other duties and responsibilities as assigned. Networking/Key relationships Cybersecurity Team: Collaborate daily on security strategy, threat intelligence, incident response, and implementing security controls. IT Infrastructure Team: Partner on network integration, on-premises connectivity (hybrid cloud), and core infrastructure dependencies. Application Development Teams: Advise on secure development practices and CI/CD pipelines to ensure applications are deployed securely in the cloud. IT Service Desk: Act as a tier 3 escalation point for complex cloud and M365-related security issues. Compliance & Audit Teams: Provide evidence and support during internal and external audits to demonstrate adherence to security frameworks and regulations. Business Stakeholders: Engage with various departments to understand their needs and implement cloud solutions that enable their goals without compromising security. External Vendors (e.g., Microsoft): Manage vendor relationships for technical support, licensing, and staying abreast of new security features and product roadmaps. Qualifications Minimum Knowledge & Experience for the position: Education: Bachelor's Degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent professional experience. Experience: 3-5 years of hands-on experience in a cloud engineering, systems administration, or cybersecurity role with a strong focus on cloud environments. Direct experience deploying and securing solutions in Microsoft Azure and M365 is required. Skills & Capabilities: Strong proficiency in Microsoft Azure services (IaaS and PaaS), including Virtual Machines, Storage, VNETs, and Azure App Services. In-depth knowledge of Microsoft 365 administration and security features, particularly Entra ID, Defender for Cloud Apps, Defender for Endpoint, and Intune. Experience with Infrastructure as Code (IaC) tools such as Terraform, Azure Bicep, or ARM Templates. Proficiency in scripting languages for automation, with a strong preference for PowerShell. Solid understanding of cloud networking concepts, including VNETs, subnets, NSGs, VPNs, and firewalls. Strong knowledge of core cybersecurity principles: Identity and Access Management (IAM), encryption, logging, monitoring, and threat modeling. Experience with both Windows Server and Linux operating systems in a cloud context. Excellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues. Strong verbal and written communication skills, capable of explaining complex concepts to both technical and non-technical audiences. Relevant industry certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft 365 Certified: Security Administrator Associate (MS-500)) are highly desirable. Travel Requirements: Minimal travel required, approximately The annual base salary range for this role is currently $130,000 range to $160,000 range. Individual employee compensation will ultimately depend on factors including education, relevant experience, skillset, knowledge, and particular business needs. This role is eligible for medical, dental, and vision insurance, 401k plan retirement benefits with an employer match, as well as paid vacation and sick leave. Our sales roles are eligible for participation in a commission plan and our management, and select professional roles, are eligible for a performance-based bonus. Closing If you are interested in constantly learning and being challenged on a daily basis we encourage you to submit your resume or CV. Werfen is an Equal Opportunity employer and is committed to a diverse workplace. Werfen strictly prohibits unlawful discrimination, harassment or retaliation based upon an individual's race, color, religion, gender, sexual orientation, gender identity/expression, national origin/ancestry, age, mental/physical disability, medical condition, marital status, veteran status, or any other protected characteristic as defined by applicable state or federal law. If you have a disability and need an accommodation in relation to the online application process, please contact ****************************** for assistance. We operate directly in over 30 countries, and in more than 100 territories through distributors. Annual revenue is approximately $2 billion and more than 7,000 employees around the world comprise our Werfen team. **************

Introduction Werfen is a growing, family-owned, innovative company founded in 1966 in Barcelona, Spain. We are a worldwide leader in specialized diagnostics in the areas of Hemostasis, Acute Care Diagnostics, Transfusion, Autoimmunity, and Transplant. Through our Original Equipment Manufacturing (OEM) business line, we research, develop, and manufacture customized assays and biomaterials. We operate directly in 30 countries, and in more than 100 territories through distributors. Our Headquarters and Technology Centers are located in the US and Europe, and our workforce is more than 7,000 strong. Our success comes from a specific focus in these rapidly evolving diagnostic areas, our commitment to customers, and our dedication to innovation and quality. We're passionate about providing healthcare professionals the most valuable and complete solutions to improve hospital efficiency and enhance patient care. Overview Job Summary We are seeking a skilled and security-conscious Cloud Engineer to join our dynamic Cybersecurity team. This role is pivotal in designing, deploying, and maintaining our secure cloud infrastructure, with a primary focus on Microsoft Azure and the M365 ecosystem. You will be responsible for translating security requirements into tangible technical controls, ensuring our cloud services are resilient, compliant, and hardened against modern threats. This position directly adds value by enhancing the organization's security posture and enabling the business to leverage cloud technologies safely and efficiently. Your unique contribution will be as the subject matter expert who bridges the gap between cloud infrastructure and cybersecurity policy. Responsibilities Key Accountabilities Design, deploy, and manage secure cloud infrastructure (IaaS, PaaS, SaaS) in Microsoft Azure, ensuring alignment with security best practices and architectural standards. Administer and secure the Microsoft 365 environment, including Entra ID, Exchange Online, SharePoint, and Teams, with a focus on implementing robust security configurations and policies. Implement, manage, and tune M365 security tools such as the Microsoft Defender suite, Purview Information Protection, and Microsoft Intune for endpoint management and data loss prevention. Utilize scripting languages, primarily PowerShell, to automate security tasks, compliance checks, reporting, and administrative routines within Azure and M365. Manage Identity and Access Management (IAM), including roles, permissions, and privileged access (PIM), enforcing the principle of least privilege across all cloud platforms. Configure and manage cloud networking components, such as Virtual Networks (VNETs), Network Security Groups (NSGs), and Azure Firewall to segment and protect network traffic. Monitor cloud environments for security threats, vulnerabilities, and misconfigurations, and collaborate with the Security Operations Center (SOC) during incident response. Create and maintain comprehensive documentation for cloud architecture, security configurations, and operational procedures to ensure clarity and business continuity. Performs other duties and responsibilities as assigned. Networking/Key relationships Cybersecurity Team: Collaborate daily on security strategy, threat intelligence, incident response, and implementing security controls. IT Infrastructure Team: Partner on network integration, on-premises connectivity (hybrid cloud), and core infrastructure dependencies. Application Development Teams: Advise on secure development practices and CI/CD pipelines to ensure applications are deployed securely in the cloud. IT Service Desk: Act as a tier 3 escalation point for complex cloud and M365-related security issues. Compliance & Audit Teams: Provide evidence and support during internal and external audits to demonstrate adherence to security frameworks and regulations. Business Stakeholders: Engage with various departments to understand their needs and implement cloud solutions that enable their goals without compromising security. External Vendors (e.g., Microsoft): Manage vendor relationships for technical support, licensing, and staying abreast of new security features and product roadmaps. Qualifications Minimum Knowledge & Experience for the position: Education: Bachelor's Degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent professional experience. Experience: 3-5 years of hands-on experience in a cloud engineering, systems administration, or cybersecurity role with a strong focus on cloud environments. Direct experience deploying and securing solutions in Microsoft Azure and M365 is required. Skills & Capabilities: Strong proficiency in Microsoft Azure services (IaaS and PaaS), including Virtual Machines, Storage, VNETs, and Azure App Services. In-depth knowledge of Microsoft 365 administration and security features, particularly Entra ID, Defender for Cloud Apps, Defender for Endpoint, and Intune. Experience with Infrastructure as Code (IaC) tools such as Terraform, Azure Bicep, or ARM Templates. Proficiency in scripting languages for automation, with a strong preference for PowerShell. Solid understanding of cloud networking concepts, including VNETs, subnets, NSGs, VPNs, and firewalls. Strong knowledge of core cybersecurity principles: Identity and Access Management (IAM), encryption, logging, monitoring, and threat modeling. Experience with both Windows Server and Linux operating systems in a cloud context. Excellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues. Strong verbal and written communication skills, capable of explaining complex concepts to both technical and non-technical audiences. Relevant industry certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft 365 Certified: Security Administrator Associate (MS-500)) are highly desirable. Travel Requirements: Minimal travel required, approximately The annual base salary range for this role is currently $130,000 range to $160,000 range. Individual employee compensation will ultimately depend on factors including education, relevant experience, skillset, knowledge, and particular business needs. This role is eligible for medical, dental, and vision insurance, 401k plan retirement benefits with an employer match, as well as paid vacation and sick leave. Our sales roles are eligible for participation in a commission plan and our management, and select professional roles, are eligible for a performance-based bonus. Closing If you are interested in constantly learning and being challenged on a daily basis we encourage you to submit your resume or CV. Werfen is an Equal Opportunity employer and is committed to a diverse workplace. Werfen strictly prohibits unlawful discrimination, harassment or retaliation based upon an individual's race, color, religion, gender, sexual orientation, gender identity/expression, national origin/ancestry, age, mental/physical disability, medical condition, marital status, veteran status, or any other protected characteristic as defined by applicable state or federal law. If you have a disability and need an accommodation in relation to the online application process, please contact ****************************** for assistance. We operate directly in over 30 countries, and in more than 100 territories through distributors. Annual revenue is approximately $2 billion and more than 7,000 employees around the world comprise our Werfen team. **************

The driving force behind our success has always been the people of AspenTech. What drives us, is our aspiration, our desire and ambition to keep pushing the envelope, overcoming any hurdle, challenging the status quo to continually find a better way. You will experience these qualities of passion, pride and aspiration in many ways - from a rich set of career development programs to support of community service projects to social events that foster fun and relationship building across our global community. The RoleAspenTech is an AI-powered software company helping the world's leading energy, chemical and engineering companies succeed in their digital transformation, making their operations more efficient and reducing impact on the environment. At AspenTech, you will be part of a global market-leading company with double digit growth and a blue-chip customer base. We offer the opportunity to make an impact, to drive innovation and to be an agent of positive change. Our culture and vision have taken dramatic leaps forward over the past two years and we still have work to do. We need extraordinary individuals to pave the way ahead. The reviews on here paint many stories of successes, failures, excitement and disappointment. Every person has their own story. We strive to make your story at AspenTech a great one. Under the direction of the VP of Product Security this role is a key member for day-to-day operations of Product Security at Aspen Technology. This role will help protect our clients, enable teams to deliver secure development, and position us for future security needs. This thought leader will help drive mitigation of risk thru activities such as developing Threat Models, driving Risk Assessments, reviewing alignment of standard controls to mitigate risks in products, oversee vulnerability tracking, ensure security documentation and compliance with security lifecycle activities for product security releases. This could include supporting compliance documents, secure patch release, security incidents, security communications, the security champion program, and product security verification/validation activities. This role will work closely with development teams, senior leaders, and teams across the organization. This role will work with teams across the organization to mitigate risks, protect our customers, protect our assets, and enable secure activities. The Principal Security Engineer will support the development and execution of product security strategic efforts to meet business and technology objectives. This role will also support the continuously improving product security policies, procedures, tools, guidelines, and security awareness. This role will also maintain a vigilant awareness of industry threats, standards, regulations, and best practices to enhance our security profile.Your Impact Responsible for supporting the design, implementation, and oversight of Product Secure Development Lifecycle. Including aspects such as security requirements, secure architecture/design, risk assessment, threat models, security scanning, triage and vulnerability management, and product security validation/verification. Administers product security practices to product teams, technology, and security champions across the organization. Drive Product Security efforts to resolve challenges, enable automation, and impact organization security culture Monitors information security best practices, standards, regulations, industry threats and risks for improvements to product security practices. Maintains a deep understanding of current issues in the realm of information security. Subscribes to major industry newsgroups and mailing lists and assesses the impact of all emerging issues on systems and practices at Aspen Technology. Monitors security bulletins and alerts from all Aspen Technology's information system vendors. Evaluates vulnerability impact and formulates and executes risk mitigation plans for product security. Member of the AspenTech Security Emergency Response Team (ASERT) providing expert analysis of security customer reported security incidents. Works with information resource owners during and after security incidents; work with product teams for analysis; recommends best practices and solutions. Where appropriate, work with product teams, technology teams, client support and customer contacts. Occasionally after hours and weekend work to perform tasks that cannot be done during business hours. What You'll Need Bachelor's degree (B.A./B.S.) or equivalent in computer science or technical equivalent discipline from an accredited college or university required 8+ years of experience in IT required 5+ years of experience in an information security role or experience with security and development teams. Knowledge of information security regulatory requirements for privacy, secure by design, and defense in depth Maintains broad understanding of information security including ISO27002, NIST and other information security frameworks and regulations. Experience with Application/Product Security, Risk Assessment, Threat Models, Secure Architecture/Design, Security Scanning. (SAST, DAST, SCA, cloud security configuration scanning) Experience with cloud solutions such as Azure and AWS - Experience with security policy, procedures, tools, services, and cloud security models. Demonstrated ability to plan, design, develop, deploy, and maintain application security best practices Ability to assume high levels of responsibility and to work with a minimum of day-to-day supervision Ability to cooperatively and effectively work with people from all organizational levels and build consensus through negotiation and diplomacy Preferable exposure to the following: IEC 62443-4-1, IEC 62443-4-2, NIST 800-53, ISO 27001, ISO 27002, Cloud Security Alliance (CSA), Cybersecurity and Infrastructure Security Agency (CISA), SANS, OWASP, CWE 25, ethical hacking, and AI Security best practices. Desired domain knowledge and/or certification: CISSP, CISA, CCSP, CSSLP, CEH, SANS GIAC, security certification from AWS or Azure Desired knowledge of the following Technologies: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA) Experience with Application Security Best Practices such as web security, cloud security, pen testing, fuzz testing, security coding guidelines, security architecture/design principles, CVSS, STRIDE, DREAD Experience with Application development technologies, processes, and best practices. For example: Agile, RUP, CICD, DevSecOps #LI-WJ1 The salary range for this role is $120,900.00 - $151,100.00. This range represents what we in good faith believe is the range possible for base compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range based on several factors. This range may be modified in the future. This role is also eligible for bonus or variable incentive pay. Additionally, we offer a comprehensive benefits package including paid time off, charitable giveback day, medical/dental/vision insurance, and retirement benefits to eligible employees.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: Technology Enterprise Strategy & Security Job Sub Function: Security & Controls Job Category: Scientific/Technology All Job Posting Locations: Danvers, Massachusetts, United States of America, Raritan, New Jersey, United States of America Job Description: Johnson & Johnson's MedTech cybersecurity team is recruiting for an experienced Sr Product Security Engineer to be based in Danvers, MA or Raritan, NJ. This role can also be remote or hybrid work. This role will require up to 10% travel. As the world's most comprehensive MedTech business, J&J MedTech Companies are building on a century of experience, merging science and technology, to shape the future of health and benefit even more people around the world. With our unparalleled breadth, depth and reach across heart recovery, surgery, orthopedics and interventional solutions, we're working to profoundly change the way care is delivered. We are in this for life. For more information, visit ******************************** At Johnson & Johnson, we all belong. Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First! culture? If that's you, we have an immediate opportunity for a Sr Product Security Engineer to join the Product Cybersecurity team to help ensure security is implemented by design for this top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards. You will own the Product Security process for the products that you will support throughout the product development lifecycle which includes both pre-market and post-market processes engineering teams. If you are eager to leverage your security risk and compliance skills to make a difference and directly impact patient lives, this could be perfect for you. Purpose: The Senior Product Security Engineer will be responsible for implementation of J&J's enterprise Product Security strategy and framework throughout the Heart Recovery portfolio of medical devices and supporting platforms. This role will join Abiomed, part of Johnson & Johnson MedTech, to provide technical expertise and strategic leadership in securing Impella heart pump technologies, next-generation cardiac support systems, and connected medical devices. This role is responsible for delivering security architecture, cryptographic controls, embedded system protections/controls, and threat mitigation techniques to ensure robust, regulatory-compliant security across the product lifecycle. Specific responsibilities include supporting heart recovery throughout a new product's development phases, review product security requirements and recommend security design solutions, complete Quality documentation, threat modelling, coordinate third-party penetration testing, software architecture review and design recommendations, code analysis and other security testing work as needed. Additionally, this position will have post market responsibilities for Heart Recovery marketed devices include monitoring for new vulnerabilities, assisting with patching and remediation plans, as well as responding to customer security questionnaires and reviewing security language within contractual agreements as needed. Drive alignment to J&J Product Security's overarching framework. Support the Product Security strategy and objectives within Heart Recovery Define and implement secure boot, firmware integrity validation, and anti-tamper mechanisms to protect Heart Recovery Device firmware against unauthorized modification. Enforce cryptographic protocols for data-at-rest and data-in-transit, ensuring compliance with FDA cybersecurity requirements, NIST 800-175, FIPS 140-3, and IEC 62443. Define and implement key management infrastructure (PKI, HSMs, TPMs, and secure enclave integration) for device identity, authentication, and software signing. Develop real-time vulnerability assessment techniques for detecting security flaws in wireless communications (Bluetooth LE, NFC, Wi-Fi, 5G, proprietary RF) used in Heart Recovery's medical devices. Implement Zero Trust security for device-to-cloud connectivity, integrating mTLS and continuous authentication models into clinical applications. Oversee secure OTA (over-the-air) update mechanisms, ensuring firmware rollbacks, code signing, and supply chain integrity validation. Embedded Security & Secure Development Lifecycle: Lead Secure Development Lifecycle practices, integrating threat modeling, static/dynamic analysis, fuzz testing, and formal verification into the development process. Work with R&D Engineering to define hardware security architecture, including trust zones, hardware root of trust (HRoT), and secure microcontroller protections Implement memory safety strategies to mitigate buffer overflows, side-channel attacks, and execution vulnerabilities in real-time operating systems (RTOS) and bare-metal firmware. Respond to customer cybersecurity questionnaires and contractual language for post-market medical devices under your responsibility as necessary. Qualifications Required: •5+ years industry experience in Information Security •3+ years experience with embedded system, IOT, or medical device cybersecurity •Bachelor's degree or equivalent •Experience generating Threat models without the use of threat modeling tools •Experience performing risk assessments utilizing CVSS 3.1 or higher, with STRIDE per element •Ability to write technical security requirements for embedded systems and web platforms based on the latest regulations •Understanding and execution of third-party penetration testing, vulnerability scanning, CVSS and/or other general security testing principles •Experience supporting regulatory security submissions, ensuring compliance with FDA Cybersecurity Guidance (2025), EU MDR, NIST 800-53, IMDRF, and AAMI TIR57. •Knowledge of real-time operating systems hardening techniques •Knowledge of cloud security principles •Ability to generate SBOMs from Software source code and Binaries, Firmware, and Operating Systems •Ability to generate pre-market risk assessments against the threat model leveraging STRIDE and post-market risk assessments via SCA SBOM scans. •Ability to generate the security architecture views for medical devices that could include: Global System View, Multi-Patient Harm View, Updateability/Patchability view and, detailing system boundaries, data flows, and external interactions to show risk mitigation, ensuring transparency, and supporting post-market management •Ability to translate technical security requirements into solutions •Ability to provide secure coding recommendations and execute reviews •Data privacy experience, including HIPAA and GDPR •Understanding of industry standards and certifications such as HITRUST & ISO 27001 •Ability to work autonomously and proactively seek out product security opportunities within heart recovery •Ability to lead large projects and proven ability to track to project plan timelines from a security perspective •Ability to create and deliver cybersecurity awareness campaigns and other communications •Creative problem-solving skills •Customer focus (internal & external) •Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross sector, cross-functionally and globally •Strong leadership skills Preferred Skills: •Experience leading or participating in formal security audits •Experience with Operating Systems such as QNX QOS, Yocto •Familiarity with FDA and/or other global regulatory cybersecurity guidance requirements and submission process •Experience with web applications and server hardening (i.e. AWS, Azure) including knowledge of OWASP Top 10 and blue teaming techniques •Experience in cybersecurity pre-sales •Software development experience •CISSP, CISM, or other security certification •MS and/or advanced degree Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, please contact us via *******************/contact-us/careers or contact AskGS to be directed to your accommodation resource. Required Skills: Preferred Skills: Compliance Management, Crisis Management, Cross-Functional Collaboration, Fraud Management, Legal Services, Mentorship, Process Improvements, Risk Assessments, Security Architecture Design, Security Framework, Security Incident Response, Security Planning, Security Policies, Standard Operating Procedure (SOP), Tactical Planning, Technical Credibility The anticipated base pay range for this position is : $102,000.00 - $177,100.00 Additional Description for Pay Transparency: Subject to the terms of their respective plans, employees are eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). Subject to the terms of their respective policies and date of hire, Employees are eligible for the following time off benefits: Vacation -120 hours per calendar year Sick time - 40 hours per calendar year; for employees who reside in the State of Washington -56 hours per calendar year Holiday pay, including Floating Holidays -13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Parental Leave - 480 hours within one year of the birth/adoption/foster care of a child Condolence Leave - 30 days for an immediate family member: 5 days for an extended family member Caregiver Leave - 10 days Volunteer Leave - 4 days Military Spouse Time-Off - 80 hours Additional information can be found through the link below. *********************************************

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: Technology Enterprise Strategy & Security Job Sub Function: Security & Controls Job Category: Scientific/Technology All Job Posting Locations: Danvers, Massachusetts, United States of America, Raritan, New Jersey, United States of America Job Description: Johnson & Johnson's MedTech cybersecurity team is recruiting for an experienced Sr Product Security Engineer to be based in Danvers, MA or Raritan, NJ. This role can also be remote or hybrid work. This role will require up to 10% travel. As the world's most comprehensive MedTech business, J&J MedTech Companies are building on a century of experience, merging science and technology, to shape the future of health and benefit even more people around the world. With our unparalleled breadth, depth and reach across heart recovery, surgery, orthopedics and interventional solutions, we're working to profoundly change the way care is delivered. We are in this for life. For more information, visit ******************************** At Johnson & Johnson, we all belong. Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First! culture? If that's you, we have an immediate opportunity for a Sr Product Security Engineer to join the Product Cybersecurity team to help ensure security is implemented by design for this top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards. You will own the Product Security process for the products that you will support throughout the product development lifecycle which includes both pre-market and post-market processes engineering teams. If you are eager to leverage your security risk and compliance skills to make a difference and directly impact patient lives, this could be perfect for you. Purpose: The Senior Product Security Engineer will be responsible for implementation of J&J's enterprise Product Security strategy and framework throughout the Heart Recovery portfolio of medical devices and supporting platforms. This role will join Abiomed, part of Johnson & Johnson MedTech, to provide technical expertise and strategic leadership in securing Impella heart pump technologies, next-generation cardiac support systems, and connected medical devices. This role is responsible for delivering security architecture, cryptographic controls, embedded system protections/controls, and threat mitigation techniques to ensure robust, regulatory-compliant security across the product lifecycle. Specific responsibilities include supporting heart recovery throughout a new product's development phases, review product security requirements and recommend security design solutions, complete Quality documentation, threat modelling, coordinate third-party penetration testing, software architecture review and design recommendations, code analysis and other security testing work as needed. Additionally, this position will have post market responsibilities for Heart Recovery marketed devices include monitoring for new vulnerabilities, assisting with patching and remediation plans, as well as responding to customer security questionnaires and reviewing security language within contractual agreements as needed. Drive alignment to J&J Product Security's overarching framework. Support the Product Security strategy and objectives within Heart Recovery Define and implement secure boot, firmware integrity validation, and anti-tamper mechanisms to protect Heart Recovery Device firmware against unauthorized modification. Enforce cryptographic protocols for data-at-rest and data-in-transit, ensuring compliance with FDA cybersecurity requirements, NIST 800-175, FIPS 140-3, and IEC 62443. Define and implement key management infrastructure (PKI, HSMs, TPMs, and secure enclave integration) for device identity, authentication, and software signing. Develop real-time vulnerability assessment techniques for detecting security flaws in wireless communications (Bluetooth LE, NFC, Wi-Fi, 5G, proprietary RF) used in Heart Recovery's medical devices. Implement Zero Trust security for device-to-cloud connectivity, integrating mTLS and continuous authentication models into clinical applications. Oversee secure OTA (over-the-air) update mechanisms, ensuring firmware rollbacks, code signing, and supply chain integrity validation. Embedded Security & Secure Development Lifecycle: Lead Secure Development Lifecycle practices, integrating threat modeling, static/dynamic analysis, fuzz testing, and formal verification into the development process. Work with R&D Engineering to define hardware security architecture, including trust zones, hardware root of trust (HRoT), and secure microcontroller protections Implement memory safety strategies to mitigate buffer overflows, side-channel attacks, and execution vulnerabilities in real-time operating systems (RTOS) and bare-metal firmware. Respond to customer cybersecurity questionnaires and contractual language for post-market medical devices under your responsibility as necessary. Qualifications Required: •5+ years industry experience in Information Security •3+ years experience with embedded system, IOT, or medical device cybersecurity •Bachelor's degree or equivalent •Experience generating Threat models without the use of threat modeling tools •Experience performing risk assessments utilizing CVSS 3.1 or higher, with STRIDE per element •Ability to write technical security requirements for embedded systems and web platforms based on the latest regulations •Understanding and execution of third-party penetration testing, vulnerability scanning, CVSS and/or other general security testing principles •Experience supporting regulatory security submissions, ensuring compliance with FDA Cybersecurity Guidance (2025), EU MDR, NIST 800-53, IMDRF, and AAMI TIR57. •Knowledge of real-time operating systems hardening techniques •Knowledge of cloud security principles •Ability to generate SBOMs from Software source code and Binaries, Firmware, and Operating Systems •Ability to generate pre-market risk assessments against the threat model leveraging STRIDE and post-market risk assessments via SCA SBOM scans. •Ability to generate the security architecture views for medical devices that could include: Global System View, Multi-Patient Harm View, Updateability/Patchability view and, detailing system boundaries, data flows, and external interactions to show risk mitigation, ensuring transparency, and supporting post-market management •Ability to translate technical security requirements into solutions •Ability to provide secure coding recommendations and execute reviews •Data privacy experience, including HIPAA and GDPR •Understanding of industry standards and certifications such as HITRUST & ISO 27001 •Ability to work autonomously and proactively seek out product security opportunities within heart recovery •Ability to lead large projects and proven ability to track to project plan timelines from a security perspective •Ability to create and deliver cybersecurity awareness campaigns and other communications •Creative problem-solving skills •Customer focus (internal & external) •Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross sector, cross-functionally and globally •Strong leadership skills Preferred Skills: •Experience leading or participating in formal security audits •Experience with Operating Systems such as QNX QOS, Yocto •Familiarity with FDA and/or other global regulatory cybersecurity guidance requirements and submission process •Experience with web applications and server hardening (i.e. AWS, Azure) including knowledge of OWASP Top 10 and blue teaming techniques •Experience in cybersecurity pre-sales •Software development experience •CISSP, CISM, or other security certification •MS and/or advanced degree Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, please contact us via *******************/contact-us/careers or contact AskGS to be directed to your accommodation resource. Required Skills: Preferred Skills: Compliance Management, Crisis Management, Cross-Functional Collaboration, Fraud Management, Legal Services, Mentorship, Process Improvements, Risk Assessments, Security Architecture Design, Security Framework, Security Incident Response, Security Planning, Security Policies, Standard Operating Procedure (SOP), Tactical Planning, Technical Credibility The anticipated base pay range for this position is : $102,000.00 - $177,100.00 Additional Description for Pay Transparency: Subject to the terms of their respective plans, employees are eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). Subject to the terms of their respective policies and date of hire, Employees are eligible for the following time off benefits: Vacation -120 hours per calendar year Sick time - 40 hours per calendar year; for employees who reside in the State of Washington -56 hours per calendar year Holiday pay, including Floating Holidays -13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Parental Leave - 480 hours within one year of the birth/adoption/foster care of a child Condolence Leave - 30 days for an immediate family member: 5 days for an extended family member Caregiver Leave - 10 days Volunteer Leave - 4 days Military Spouse Time-Off - 80 hours Additional information can be found through the link below. *********************************************

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our cybersecurity team is seeking a Senior Information Systems Security Officer (ISSO) to support our team 100% onsite at our facility in Andover, Massachusetts. The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence with NIST Special Publications, customer directives, and company policies as applicable all NISPOM Chapter 8, DAAPM, JSIG policies. What You Will Do Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness. Investigating information system security violations and help prepare reports specifying corrective and preventative actions. Reviewing and approving (within authority) configuration management requests. Conducting technical and administrative assessments. Integrating new cybersecurity processes, procedures, and tools. Support the creation, review and update of cybersecurity documentation and other technical writing. Qualifications You Must Have Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience. Current IAM Level I certification (Security+ or other). Relevant Experience Considered in any combination: Cybersecurity, systems security or hardening Information Technology Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics) Physical security/security, policework/criminal justice, investigations, or Border Patrol Project or program management, office management, senior administration, or account management Qualifications We Prefer Experience working in DoD classified operating and/or laboratory environments. Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc. Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry. Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF). Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT). Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments. Experience interpreting, implementing, and assessing DISA STIGs. Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication. What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available Learn More & Apply Now! Please consider the following role type definition as you apply for this role: Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products We are RTX #LI-Onsite As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 86,800 USD - 165,200 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance:** Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our cybersecurity team is seeking a **Senior Information Systems Security Officer (ISSO)** to support our team **100% onsite** at our facility in **Andover, Massachusetts.** The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence with NIST Special Publications, customer directives, and company policies as applicable all NISPOM Chapter 8, DAAPM, JSIG policies. **What You Will Do** + Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness. + Investigating information system security violations and help prepare reports specifying corrective and preventative actions. + Reviewing and approving (within authority) configuration management requests. + Conducting technical and administrative assessments. + Integrating new cybersecurity processes, procedures, and tools. + Support the creation, review and update of cybersecurity documentation and other technical writing. **Qualifications You Must Have** + Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience. + Current IAM Level I certification (Security+ or other). + Relevant Experience Considered in any combination: + Cybersecurity, systems security or hardening + Information Technology + Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA + Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics) + Physical security/security, policework/criminal justice, investigations, or Border Patrol + Project or program management, office management, senior administration, or account management **Qualifications We Prefer** + Experience working in DoD classified operating and/or laboratory environments. + Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc. + Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry. + Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF). + Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT). + Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments. + Experience interpreting, implementing, and assessing DISA STIGs. + Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication. **What We Offer** Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available **Learn More & Apply Now!** Please consider the following role type definition as you apply for this role: + Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products We are RTX (**************************************** \#LI-Onsite **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 86,800 USD - 165,200 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, retirement plan, basic life, AD&D, and disability insurance Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law #LI-EB1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2026-1512505

Overview Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, retirement plan, basic life, AD&D, and disability insurance Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law #LI-EB1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2026-1512505

More than 1,000 organizations worldwide-from 25 Fortune 100 companies to small enterprises-use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance. Leading managed security service providers (MSSP) and incident response (IR) companies have made Bit9 + Carbon Black a core component of their advanced threat prevention, threat detection and incident response services. With Bit9 + Carbon Black, you can arm your endpoints against advanced threats. Job Description We are looking for a Cloud Security Engineer who can provide hands-on technical engineering and ownership of the growing cloud security program, across multiple providers. You will work closely with our Product Management group as well our Cloud Operations team to help build secure and robust systems responsible for serving all of Bit9 + Carbon Black customers. Role Description: The Cloud Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Additionally, the Cloud Security Engineer assists in the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in this environment. Key Responsibilities: Serves as the subject matter expert (SME) on Cloud Security for Bit9 + Carbon Black Develops standards, policies and procedures as well as best practices documentation. Participate in efforts that tailor the company's security policies and standards for use in cloud environments Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers. Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset Lead and influence multi-disciplinary teams in implementing and operating Cyber Security controls. Work closely with application developers and database administrators to deliver creative solutions to complex technology challenges and business requirements. Provides Info security architecture & systems engineering consulting to other IT and business teams. Automate security controls, data and processes to provide better metrics and operational support Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments Stay current on emerging security threats, vulnerabilities and controls. Identify and Implement new security technologies and best practices into Bit9's Cloud offerings Evaluates new technologies against established requirements and validate the security of the technology. Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams Supports the monitoring and maintaining network security suite of tools. Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis Qualifications Bachelor's degree in related business or technical areas, or an equivalency of education and work experience. Minimum of 5-7 years of IT Security and/or security engineering experience 5-7 years related experience in Computer Security, with proven focus on Cloud Security. Clear passion for cloud Security and Cloud technologies. Must have experience with virtualization (cloud or non-cloud) Expert knowledge of Cloud infrastructure, security architectures, and standards Deep technical knowledge of Amazon Web Services, and FedRAMP Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels Able to automate/script daily tasks through Python, Bash or equivalent Experience with web-based applications or web-services Proficient in Linux system design, automation and operations Experience in designing and implementing standards, specifications and procedures. Demonstrated ability to take initiative and accountability for achieving results. Strong interpersonal, oral, and written communication skills Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Skilled in discussing complex security issues in understandable business terms. Very detailed knowledge of system security vulnerabilities and remediation techniques Security certification desired (e.g., CISSP, GIAC, CEH, etc) Experience using Microsoft Visio Additional Information About us: Cyber attacks are now the new normal. Advanced hackers, nation states, organized crime groups and nefarious actors are doing anything and everything they can to get their hands on valuable information that isn't theirs. With more than enough attack vectors out there, we at Bit9 + Carbon Black are looking for more creative and committed security professionals to protect today's top organizations. Bit9 + Carbon Black is an equal opportunity employer.

Site Name: USA - Massachusetts - Cambridge Are you looking for an opportunity to enhance your project management expertise within a cutting-edge global environment? If so, this Facilities Engineering Manager role could be an ideal opportunity to explore. As OT Security Engineer you will provide technical expertise and implementation resources for all automation and control systems activities on new and existing equipment and facilities in the New England Region. This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following: * Liaising with the Site Team with assets residing on the OT with aiding in reviews, audits and any questions / queries with relation to OT security * Maintaining the OT security standard requirements on the identified workstreams OT * Ensuring vendors are managed appropriately at site in terms of OT security compliance * Responsible for OT security related works in the identified workstream, including Capital Projects, to ensure they comply with the GSK OT Security standards, guidance, processes and procedures * Support delivery of cyber security training to the site * Responsible for engaging with GSK OT teams to deliver projects or provide service * Responsible for input into improvement strategies to deliver business benefits. * Responsible for providing technical input during solution design, development, testing and implementation * To act as an OT Network Technical authority on related matters where required * To act as an advocate for OT Cybersecurity, enabling supply divisions to maximize the exploitation of technology Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: * Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field. * 5+ years of experience in cybersecurity, with at least 2 years focused on OT environments. * Knowledge of ICS, SCADA, and OT security principles. * Familiarity with OT protocols (e.g., Modbus, OPC, DNP3) and security tools (e.g., Splunk, Palo Alto Networks, Siemens TIA Portal). * Experience with regulatory frameworks such as NIST, IEC 62443, and ISO 27001. Preferred Qualifications: If you have the following characteristics, it would be a plus: * Exposure to IT infrastructure and Cyber Security risk reduction * Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization * Certifications such as CISSP, GICSP, or ISA/IEC 62443 Cybersecurity Expert. * Strong problem-solving and analytical skills. * Ability to communicate complex technical risks to non-technical stakeholders. * Experience in the pharmaceutical or manufacturing industry is a plus. Why GSK? At GSK, we value the contributions of every team member and are committed to offering a supportive and dynamic work environment. Here's what you'll enjoy as part of our team: * Purpose-Driven Work: Play a key role in protecting the systems that help us deliver life-saving medicines. * Career Growth: Access to training, certifications, and development opportunities to advance your career. * Inclusive Culture: Work in a collaborative and diverse environment where innovation thrives. * Competitive Benefits: Comprehensive health coverage, retirement plans, and family-friendly perks. #LI-GSK We encourage you to apply if you are passionate about making a difference and have the skills to thrive in this role. Join us in creating a healthier world! Please visit GSK US Benefits Summary to learn more about the comprehensive benefits program GSK offers US employees. Why GSK? Uniting science, technology and talent to get ahead of disease together. GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases - to impact health at scale. People and patients around the world count on the medicines and vaccines we make, so we're committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people. If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at ************** (US Toll Free) or *************** (outside US). GSK is an Equal Opportunity Employer. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), military service or any basis prohibited under federal, state or local law. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site. Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at *********************************

Are you looking for an opportunity to enhance your project management expertise within a cutting-edge global environment? If so, this Facilities Engineering Manager role could be an ideal opportunity to explore. As OT Security Engineer you will provide technical expertise and implementation resources for all automation and control systems activities on new and existing equipment and facilities in the New England Region. This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following: Liaising with the Site Team with assets residing on the OT with aiding in reviews, audits and any questions / queries with relation to OT security Maintaining the OT security standard requirements on the identified workstreams OT Ensuring vendors are managed appropriately at site in terms of OT security compliance Responsible for OT security related works in the identified workstream, including Capital Projects, to ensure they comply with the GSK OT Security standards, guidance, processes and procedures Support delivery of cyber security training to the site Responsible for engaging with GSK OT teams to deliver projects or provide service Responsible for input into improvement strategies to deliver business benefits. Responsible for providing technical input during solution design, development, testing and implementation To act as an OT Network Technical authority on related matters where required To act as an advocate for OT Cybersecurity, enabling supply divisions to maximize the exploitation of technology Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field. 5+ years of experience in cybersecurity, with at least 2 years focused on OT environments. Knowledge of ICS, SCADA, and OT security principles. Familiarity with OT protocols (e.g., Modbus, OPC, DNP3) and security tools (e.g., Splunk, Palo Alto Networks, Siemens TIA Portal). Experience with regulatory frameworks such as NIST, IEC 62443, and ISO 27001. Preferred Qualifications: If you have the following characteristics, it would be a plus: Exposure to IT infrastructure and Cyber Security risk reduction Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization Certifications such as CISSP, GICSP, or ISA/IEC 62443 Cybersecurity Expert. Strong problem-solving and analytical skills. Ability to communicate complex technical risks to non-technical stakeholders. Experience in the pharmaceutical or manufacturing industry is a plus. Why GSK? At GSK, we value the contributions of every team member and are committed to offering a supportive and dynamic work environment. Here's what you'll enjoy as part of our team: Purpose-Driven Work: Play a key role in protecting the systems that help us deliver life-saving medicines. Career Growth: Access to training, certifications, and development opportunities to advance your career. Inclusive Culture: Work in a collaborative and diverse environment where innovation thrives. Competitive Benefits: Comprehensive health coverage, retirement plans, and family-friendly perks. #LI-GSK We encourage you to apply if you are passionate about making a difference and have the skills to thrive in this role. Join us in creating a healthier world! Please visit GSK US Benefits Summary to learn more about the comprehensive benefits program GSK offers US employees. Why GSK? Uniting science, technology and talent to get ahead of disease together. GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases - to impact health at scale. People and patients around the world count on the medicines and vaccines we make, so we're committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people. If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at ************** (US Toll Free) or *************** (outside US). GSK is an Equal Opportunity Employer. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), military service or any basis prohibited under federal, state or local law. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site. Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at *********************************

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************