Cyber security analyst jobs in Midwest City, OK

**Job Opportunity is actually with a company called Western Farmers Electric Cooperative (WFEC)** Under the general supervision of the Supervisor, IT Infrastructure, the Cyber Threat Analyst performs monitoring and analysis of cyber threats to assist in the defense of WFEC cyber systems and operations. The incumbent will curate and triage intelligence from multiple cyber intelligence sources and will inform the security operations with timely and relevant TTPs, IOCs, and context. The incumbent will generate reports for upper management based on data, information, and intelligence. The incumbent must understand the MITRE ATT&CK framework and be able to integrate the framework in the reporting. The Cyber Threat Analyst will develop and document threat hunt activities based on intelligence, scenarios, and observations. The incumbent develops, maintains, and supports systems that provide collection capabilities and telemetry information to the organization. In addition, the incumbent performs troubleshooting, installation, and maintenance on equipment and software systems related to NERC CIP. The incumbent performs change management and configuration activities, security controls testing, system baseline activities, vulnerability testing and analysis, and network traffic analysis to ensure system reliability and security. The incumbent participates in in-house, regulatory, and industry teams, including working groups, committees, incident response teams, and business continuity teams as required. Also, the incumbent participates in exercises that test policies, procedures, and skills which are required by business and critical operations. The incumbent responds to anomalous events that will require analysis and will have to synthesize and correlate complex events to ensure operational security.

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **For candidates residing within a 50-mile radius of a Highmark office, a hybrid work schedule of three days per week (Tuesday, Wednesday, and Thursday) in the office is required.** The Cyber User Behavior Engineer is a pivotal role at Highmark, dedicated to enhancing our organization's security by cultivating a robust "security-first" culture. This individual will lead the design, implementation, and ongoing management of comprehensive security awareness programs. Their primary responsibility will be to educate, train, and inspire all Highmark employees to effectively identify and report security threats, ensuring adherence to Highmark's security policies and industry best practices. This role is crucial in minimizing human-centric security risks and fostering a vigilant and informed workforce. **ESSENTIAL RESPONSIBILITIES** + Develop, implement, and continuously improve a proactive program to identifying internal threats. + Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership. + Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats. + Execute campaigns designed to improve enterprise security posture. + Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress. + Utilize change management methodologies to mitigate identified security risks. + Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents. + Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications. + Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Business Education, Marketing or Information Systems **Substitutions** + Six (6) years relevant, progressive experience **Preferred** + Bachelors in Information Security **EXPERIENCE** **Required** + 3 years in IT or IT Security Focus + 3 years of Insider Threat Program focus To include: + 3 years with Human Intelligence (HUMINT) **OR** as an Open-source Intelligence Analyst **Preferred** + 1-3 years in a Security Awareness or adjacent role **LICENSES or CERTIFICATIONS** **Required** + None **Preferred** + Security + **OR** + GSEC **OR** + CISSP **OR** + CERT Insider Threat + SANS Security Awareness Professional (SSAP) Proofpoint Certified Security Awareness Specialist **SKILLS** + Change Management + Presentation Delivery + Prioritizing + Analytical and Logical Reasoning/Thinking + Communication Skills + Cyber Security + User Behavior + Continuous Improvement **Language (Other than English):** None **Travel Requirement:** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-based Teaches / trains others regularly Frequently Travel regularly from the office to various work sites or from site-to-site Rarely Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Occasionally Lifting: 10 to 25 pounds Rarely Lifting: 25 to 50 pounds Never **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272819

Company Federal Reserve Bank of Kansas City When you join the Federal Reserve-the nation's central bank-you'll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future. This role is responsible for modernizing the methods and procedures for performing cybersecurity risk management and assessing cybersecurity risk. This involves assessing the current approach, data, and tools to identify gaps and enhancements. It requires strong partnerships with key stakeholders and business leaders, conveying cyber risk to them in a way that allows them to make risk informed decisions and improve the Organization's security posture. Important Information * Open to US Citizens, Green Card holders or Permanent Residents with at least 3 years of residency. * No sponsorship is available. Candidates must have valid work authorization, without an end date to be considered. No H1-B, OPT, STEM OPT, CPT, TN, J-1, etc. * This position requires working on-site with 5 days per month remote work flexibility. Key Activities Risk Assessment & Analysis * Modernize the current approach to cybersecurity risk management and assessments. * Research and evaluate methodologies and frameworks and subsequently apply them for use in the organization. * Identify and implement risk quantification and scoring approaches within the organization. * Perform in-depth data analysis to identify patterns, trends, and areas of focus and priority. * Incorporate threat intelligence into risk assessments to provide context-aware risk evaluations. * Conduct business impact analyses to understand how security incidents affect critical business functions. * Evaluate and quantify risks associated with third-party vendors and supply chain. * Assess specific risks related to cloud environments and services. Program Development * Develop reports and dashboards to illustrate the organization's risk posture. * Ensure that cybersecurity risk is integrated with IT risk, and informs overall Enterprise risk. * Research and identify options to establish a risk register. * Develop and track risk treatment plans including mitigation strategies, acceptance justifications, or transfer options. * Map cybersecurity risks to relevant regulatory requirements and compliance frameworks. * Continuously improve risk management processes based on industry trends and organizational needs. Communication & Collaboration * Meet with technical experts and business leaders to convey cybersecurity risk in a way they can understand. * Partner with incident response teams to incorporate lessons learned into risk models. * Translate complex technical risk scenarios into actionable insights for all levels of the organization. Qualifications Experience * Typically requires at least 6 years of relevant cybersecurity risk management experience. * Experience with risk scoring methods and risk quantification. * Experience with generating reports and dashboards to convey cybersecurity risk in a way that is easy to consume. * Experience establishing or running an Enterprise cybersecurity risk management program. * Experience with NIST SP 800-53 security standards. * Experience presenting risk information to executive leadership. Education & Certifications * Bachelor's degree specializing in an information technology field from an accredited college or university, or equivalent combination of directly related education and/or experience. * Information Security industry certification (SSCP, CISSP, GIAC, CISM, CISA, etc.) preferred. Technical Knowledge * Strong knowledge of and experience applying cybersecurity risk frameworks and assessment methodologies; examples may include Factor Analysis of Information Risk (FAIR), NIST Cybersecurity Framework (CSF). * Strong skills and experience with data analysis. * Experience with GRC (Governance, Risk, and Compliance) tools. * Knowledge of business impact analysis methodologies. * Familiarity with cloud security frameworks (CCSK, CCSP). Skills & Abilities * Ability to understand technical details of cybersecurity risk. * Ability to communicate complicated technical risk scenarios to all levels of the organization. * Demonstrated self-motivation and ability to perform work independently, and also collaborate in a team environment. Additional Information How We Work (HWW): * On-site: 5 days per month remote work flexibility * Location: Kansas City, Denver, Oklahoma City, Omaha * Remote Eligible: No Salary: * $98,600 - $139,000 / Senior Level * $117,300 - $165,400 / Advanced Level * Final offers are determined by factors including the candidate's qualifications, internal alignment considerations, district assignment, and geographic location. Screening: US Citizens or Green Card holders and Permanent Residents with at least 3 years of residency. This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and could take up to a couple of months to complete. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks. Sponsorship: The Federal Reserve Bank of Kansas City will not sponsor a new applicant for employment authorization for this position. Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future. About Us * Total Rewards & Benefits * Who We Are * What We Do Follow us on LinkedIn, Instagram, X (formerly Twitter), and YouTube #KCFedIT Full Time / Part Time Full time Regular / Temporary Regular Job Exempt (Yes / No) Yes Job Category Information Technology Family Group Work Shift First (United States of America) The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Always verify and apply to jobs on Federal Reserve System Careers (************************************* or through verified Federal Reserve Bank social media channels. Privacy Notice

Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: None Employee Type: Regular Percentage of Travel Required: None Type of Travel: None * * * **The Opportunity:** CACI's Corporate Enterprise Services Cyber Security Team is seeking a Cyber Security Engineer. As a member of the Cyber Security Team, you will work to create and maintain a DFARS compliant operating environment for CACI's users by protecting network boundaries, designing and supporting hardened computer, network devices, cloud services, and provide security services to protect highly sensitive data for our endpoints, servers, and OT/IoT. The candidate will work directly with our Cyber Security team to support all major activities with a cyber security focus. Additional responsibilities include technical risk assessment, testing and validation of remediation for vulnerabilities, and compliance guidance for our networking environments. Candidate will support governance of appropriate policy and compliance technology to meet or exceed applicable government and compliance. **Responsibilities:** + Provide robust cybersecurity related guidance for supported CACI networks and supporting infrastructure inclusive of Software Defined Networking (SDN), Wireless, Layer-2 and Layer-3 IP networks hardware, and OT/IoT + Work with programs to assess the security risk and compliance levels of their system(s) + Research trends in cybersecurity threats as well as NIST 800 standards in support of these systems + Creation of mitigation strategies and follow up with stakeholders to ensure risk levels are documented at the appropriate levels and follow through with report writing as appropriate + Use knowledge of networking technologies to maintain a 0-trust environment throughout CACI + Use data aggregation and analysis techniques and tools to provide valuable insight into the security posture of CACI's infrastructure + Work within CACI and third parties to ensure that all networking technologies are engineered and deployed with security in mind by following industry best practices and are compliant within applicable guidelines. + Ability to work in a team-centric environment + Experience drafting technical requirements, procedure outlines and network diagrams to enhance system security documentation + Analyze security reports, review process documentation, assess test results and remediation plans + Ability to work with internal and external stakeholders at all business levels + Strong presentation, written, and oral communication skills **Qualifications:** _Required:_ + Bachelor's Degree with minimum 5 years' experience in Cyber Security. + Strong Cyber Security background. + Ability to obtain a security clearance. + Knowledge of major Cloud Service Providers and current/next-gen IT technologies. + Strong problem-solving and organizational skills. + Ability to work in a team-centric environment. + Experience drafting technical requirements, procedure outlines, and network diagrams. + Ability to analyze security reports, review process documentation, and assess test results and remediation plans. + Strong presentation, written, and oral communication skills. _Desired:_ + Experience working within the DoD. + ML, Gen-AI, LLM expertise. + Certifications like CYSA+, CISSP, CEH, Security+. + Secret or Top-Secret clearance. + Previous experience with cybersecurity governance, risk, and compliance activities. + Established and productive individual contributor who works independently with little general supervision. + Experience with risk management frameworks (DFARS 800-171, CMMC, ISO, NIST). + Intermediate knowledge in areas such as SDN concepts, NIST 800 series, risk management, security tools and automation, cloud architecture, multifactor authentication, and identity management. - **________________________________________________________________________________________** **What You Can Expect:** **A culture of integrity.** At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. **An environment of trust.** CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. **A focus on continuous growth.** Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. **Your potential is limitless.** So is ours. Learn more about CACI here. (************************************************ **________________________________________________________________________________________** **Pay Range** : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (***************************************************** . The proposed salary range for this position is: $67,800 - $142,200 _CACI is_ _an Equal Opportunity Employer._ _All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any_ _other protected characteristic._

1. Nashville, TN 2. Austin, TX Security Architecture is comprised of security experts who are focused and specialized in securing all aspects of OCI Cloud. As security experts, we are sought out by our partner engineering organizations to provide guidance on designing their products, services and features. We set OCI wide security standards and hold a high security requirement bar for all services to ensure the highest level of security to our customers. We are currently looking for a highly motivated security engineer with expertise in Cloud security to join our team. This candidate would be involved in architecture, design, prototyping and development of the security aspects of Oracle Cloud's products and services. You should be a security-minded leader who can work with architects and/or a development team as they design new capabilities to ensure that security requirements are set and the design implements the necessary controls to increase security posture for the service. As a member of the Security Architecture team, you will be required to have a firm grasp on security technologies, trends in cloud security practices, and ability to communicate complex technical security requirements clearly to the development teams, risk assessment, risk mitigation and security tools/automation. **Responsibilities** Key responsibilities: + Conduct threat modeling, security architecture reviews, risk assessment and provide guidance on mitigating the identified issues. + Create and maintain technical security standards and patterns and set the benchmark for AI security requirement bar at OCI. + Stay up-to-date on the latest advancements in AI technologies and apply them to improve OCI's security posture. + Provide expert security guidance to service teams to ensure their products, services and feature are secure by default. + Lead OCI-wide cloud security initiatives to enhance overall cloud security posture. + Provide mentorship to junior engineers on the team. Qualifications: + A minimum of 8+ years of experience with at least 5+ years in Cloud Security required and 2+ years in AI and ML is good to have. + Or a BS or MS in Computer Science/Engineering with a focus on AI/Security, or a related field with a minimum of 8 years of experience in the field is required. + Experience in architecture, design, deployment, and handling of standard security practices and policies is required. Preferred qualifications includes, + A strong background in AI, machine learning, and deep learning. + Experience in applying AI technology to security domain. + Experience as a security leader for a cloud product or set of cloud services, with expertise in IaaS, PaaS. + Experience with architecture security reviews for products or services operating in a cloud environment, especially those which are reliant on homegrown or third-party LLMs and APIs is a plus. + Expertise in concepts of Multi-tenancy, Cloud Security and Virtualization, Access Management, OAuth, Cloud SSO, Identity Provisioning, Identity Governance etc. + Expertise in Encryption, Key management, Cybersecurity fundamentals (e.g., access controls, common software vulnerabilities, and security best practices), Deployment Methodologies, and Security Standards Compliance Certification (STIG, FedRAMP, PCI-DSS), etc. + Very good understanding of concepts related to Docker, Container, Serverless Computing, and Kubernetes. + Ability to design large scalable systems for cloud customers with focus on security. + Network security, VPN/Firewalls and software-defined networking experience is a plus. + Experience operating within and supporting a security assurance and assessment program + Excellent written and verbal communication skills, strong analytical and problem-solving skills. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $106,300 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

The Opportunity: When our country's cybersecurity is on the line, simply reacting is not enough - we need a plan. And when that plan needs to protect our nation's airborne networks, we need strategic policy development. That's why we need you, a cybersecurity analyst with the expertise required to analyze the policies, procedures, and requirements that determine our cyber resilience. As an Information Assurance or Cybersecurity Specialist of airborne, ground support systems, and System Integration Labs, you'll review systems to identify potential security weaknesses and recommend improvements to mitigate risk, implement changes, and document modifications. You'll review technical, environmental, and personnel details from subject matter experts, engineers, and program managers to assess the entire threat landscape. You'll work closely with the program manager to translate security concepts enabling them to make informed decisions to secure their mission critical systems. As you guide your client through understanding acceptable risk and availability, you'll advance the development of a strategic cyber roadmap. You'll ensure the client operates securely as they navigate an evolving environment. As an Information Assurance or Cybersecurity Specialist at Booz Allen, you'll identify the right mix of tools and techniques to translate your customer's cybersecurity needs and goals into a plan that will enable secure and effective solutions. You will advise on new techniques and guide the team through critical approaches to design, providing alternatives and customizing solutions to maintain a balance of security and operational needs. Join us. The world can't wait. You Have: * 3+ years of experience with cybersecurity * Experience with providing configuration management (CM) for information system security software, hardware, and firmware, and coordinating changes and modifications with the Security Control Assessor (SCA) and Authorizing Official (AO) * Experience with providing security guidance and IS validation using National Institute of Standards and Technology (NIST) RMF, DoD, and local security policies * Ability to manage security authorization activities * Ability to coordinate security requirements for connected and non-connected systems and unclassified and classified systems * Top Secret clearance * HS diploma or GED * IAT Level II Certification, including Security+ Nice If You Have: * 5+ years of experience with cybersecurity * Bachelor's degree * DoD IAM or IAT Level III Certification * Certified Information Systems Security Professional (CISSP) Certification Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $61,900.00 to $141,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. * If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. * If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Specialist Director, MAST Application Penetration Testing Lead to join our Managed Services practice. Responsibilities: * Lead the strategic delivery of Managed Application Security Testing (MAST) services, ensuring alignment with client objectives and industry best practices * Execute go-to-market (GTM) strategies for MAST offerings, collaborating with cross-functional teams to drive market penetration and revenue growth * Oversee the design and implementation of scalable security testing frameworks across diverse application environments, including cloud-native and hybrid architectures * Provide subject matter expertise in application security, guiding clients through risk assessments, remediation planning, and secure development lifecycle integration * Build and maintain strong client relationships, serving as a trusted advisor and ensuring high levels of satisfaction and retention * Mentor and lead a team of security professionals, fostering a culture of innovation, accountability, and continuous improvement * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum eight years of recent experience in application security, penetration testing, or related cybersecurity domains, with at least three years in a leadership or director-level role * Master's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred; Bachelor's degree from an accredited college or university is required * Deep understanding of application security testing methodologies, tools (for example, DAST, SAST, IAST), and secure SDLC practices * Proven experience developing and executing GTM strategies for security services or technology solutions * Strong client-facing skills with the ability to communicate complex technical concepts to non-technical stakeholders * Excellent verbal/written communication, presentation, and analytical skills * Ability to travel as required * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $153700 - $319000 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

At PLEXSYS, our teams design, build and deliver Live, Virtual, and Constructive (LVC) innovation and training solutions to customers around the world. With over 200 employees in seventeen states and four foreign countries, we contribute our success to enabling better training…everyday…across the globe. As an employee of PLEXSYS, you'll find a culture that empowers you to achieve your professional objectives, give your personal best, and work with other highly passionate individuals. Our core values of integrity, excellence, teamwork and agility drive our daily decisions, identify our focus areas, and inspire our organizational culture. GENERAL DESCRIPTION The Command and Control, Intelligence, Surveillance, and Reconnaissance (C2ISR) Information System Security Officer (ISSO) will provide cybersecurity support to Joint Theater Air-to-Ground Simulation Systems (JTAGGS), Airborne Warning and Control Systems (AWACS), Airborne Surveillance Command and Control (ASC2), and/or Theater Air Control System (TACS) training and ground systems and networks. The ISSO is responsible for ensuring the appropriate operational security posture for information systems and must have detailed knowledge and expertise required to manage the security aspects of an information system. Responsibilities include implementation of the requirements of the Joint Special Access Program (SAP) Implementation Guide (JSIG), Risk Management Framework (RMF), and other security requirements as assigned. Duties also include physical and environmental protection, personnel security, and incident handling. Coordinate and synchronize security policy guidance with PLEXSYS Facility Security Officer and C2ISR Information System Security Manager (ISSM) and work in close coordination with Partner/Government ISSO/ISSM. Duties & Responsibilities Execute on-site information system security program to include implementation and validation of automated informational security, ensuring security requirements are satisfied for C2ISR training systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees May assist in the development and updating of required Authority to Operate (ATO) artifacts Conduct system audits in accordance with System Security Plan requirements May be required to conduct maintenance on the networks, systems, and hardware May be required to perform software upgrades on networks, systems, and hardware Understand and follow NISPOM/ODAA/RMF/ICD/NIST/JSIG classified system accreditation and certification requirements Other duties as assigned REQUIREMENTS Bachelor's degree in related field or 2 years' experience in related field Extensive Training or experience with Windows based Information Systems standards with a working knowledge of Linux operating systems Specialized computer training in networking and active directory Experience with security audits for information systems Strong communication and problem-solving skill Ability to work in both a Team environment as well as independently Must be organized and detail orientated Current DoD 8570 IAT Level II and IAM Level I or higher certification (i.e. Security + or equivalent certification) DESIRABLE Experience with DoD Security Regulations and Policies Experience with Type 1 and/or Type 2 virtualization platforms Experience managing system security in an enterprise environment Strong system documentation skills Experience with Trellix ePO (HBSS), Splunk, and Tenable Security Center/Nessus (ACAS) AUTHORITY Must have or be able to obtain and maintain a Top-Secret clearance with approval for SAP and SCI access PERKS As a PLEXSYS employee, you can expect certain advantages; such as advancement based on performance, competitive wages, valuable benefits and a great working environment. Our team is committed to ensuring an environment that empowers individuals to realize their full potential by providing opportunities and necessary support to achieve personal and professional goals. Medical/Vision/Prescription/Dental Benefits Life, AD&D and Long Term Disability Coverage Paid Holidays, Military Leave, and Paid Time Off 401k Plan with eligibility from first day of employment Education reimbursement for job-related courses for full-time employees PriceClub/COSTCO/Sam's Club annual membership PLEXSYS Interface Products, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

The Multi Domain Solutions Division at Leidos is looking for an Information Systems Security Officer (ISSO) to support a fast-paced program with the Air Force Life Cycle Management Center located in Oklahoma City, OK. This role involves supporting the delivery of comprehensive IT and support services to ensure mission success while adhering to DoD standards and regulations. The ISSO will oversee the cybersecurity posture of DoD information systems, ensuring compliance with DoD security standards and protecting sensitive data. The ISSO will develop and implement security policies, conduct risk assessments, manage system accreditations (RMF), and lead continuous monitoring efforts. The role requires collaboration with cross-functional teams to enforce security controls and manage incident response. The ISSO will also maintain security documentation and ensure ongoing compliance with applicable regulations. The ISSO will be expected to be proficient technically & to perform hands-on cybersecurity tasks. This position will require 100% on-site work with no remote work supported Primary Responsibilities: Collaborate daily with the ISSM to provide expert cybersecurity guidance and recommendations. Support the development, implementation, and maintenance of security policies, procedures, and documentation to ensure compliance with DoD security standards and regulations (e.g., NIST, RMF, FISMA). Oversee the security posture of DoD information systems, ensuring they meet cybersecurity requirements for confidentiality, integrity, and availability. Perform risk assessments, vulnerability assessments, and security audits to identify system vulnerabilities and provide remediation strategies. Manage and conduct continuous monitoring of security controls, ensuring the protection of classified and unclassified data. Coordinate with cross-functional teams (engineering, IT, operations) to implement and enforce security protocols and best practices. Ensure the accreditation process for DoD systems (e.g., RMF accreditation) is completed and maintained in compliance with all applicable requirements. Act as the primary point of contact for security-related issues, coordinating incident response and reporting to senior management and government customers. Provide security training and awareness programs for personnel involved in the operation of DoD systems. Maintain and track security documentation, including system security plans (SSPs), risk assessments, and Plan of Actions & Milestones (POA&Ms). Stay current with emerging cybersecurity threats, vulnerabilities, and trends to ensure the program adapts to evolving security challenges. Basic Qualifications: US Citizen with at least a Top Secret clearance and the ability to obtain and SCI prior to your start date. Bachelor's degree with 8+ years of experience or a Master's degree with 6+ years of experience. Additional experience may be considered in lieu of a degree. In-depth knowledge of DoD cybersecurity policies, frameworks, and compliance standards (e.g., NIST 800-53, RMF, FISMA, ICD 503, JSIG, DAAPM). Must have a DoD 8140 Intermediate certification (e.g. Cloud+, Security+, etc.). Experience with system security engineering, risk management, and vulnerability assessments. Strong understanding of network security, security controls, and common cybersecurity tools (e.g., firewalls, IDS/IPS, SIEM, endpoint protection). Ability to work independently and collaborate effectively with cross-functional teams. Strong communication skills, including the ability to create and present detailed security reports to stakeholders. Interest in continuous learning and professional development in cybersecurity. Preferred Qualifications: DoD 8140 Advanced certification e.g. CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), etc. Experience with the Risk Management Framework (RMF) for DoD system accreditations and continuous monitoring processes. Experience in managing security for complex DoD programs or mission-critical systems. Familiarity with cloud security practices and systems, particularly in a hybrid or government cloud environment. Experience with security tools for vulnerability scanning, penetration testing, and security auditing. Cloud security certifications (e.g. Azure Security Technologies or AWS Certified Security Specialty). Experience with configuration management and change management processes in a secure environment. At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, “what's next?” before the dust settles on “what's now.” If you're already scheming step 20 while everyone else is still debating step 2… good. You'll fit right in. Original Posting:September 3, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range:Pay Range $104,650.00 - $189,175.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

The Security Risk and Compliance Analyst is a member of the information security team and works closely with the other members of the team, the business, and other IT staff to develop and manage security for one or more IT functional area (e.g., data, systems, network, and physical) across the enterprise. The candidate will be able to effectively understand standard risk methodologies and the implementation of security controls in an enterprise environment. Key Result Areas: Work as part of a team to maintain security and integrity of corporate data and IT systems through activities including: Develop and maintain enterprise security policies and procedures Assist in the coordination and completion of information security risk assessments and documentation Work with information security management to develop strategies and plans to enforce security requirements and address identified risks Report to management concerning residual risk, vulnerabilities, and other security exposures including misuse of information assets and noncompliance Work with IT department and members of the information security team to identify, select and implement technical controls Provide direct support to the business and IT staff for security related Maintain an awareness of security and control issues in emerging technologies Perform other duties as assigned Knowledge, skills, and experience required: Bachelor's degree in Computer Science, Information Systems, or other equivalent degree or experience Preferred Certifications (CISSP, CISA, CRISC, CRM, GSEC, etc.) Strong analytical and problem-solving skills to enable effective security incident and problem resolution Proven ability to work under stress with the flexibility to handle multiple high-pressure tasks simultaneously Ability to work well under minimal supervision Strong team-oriented skills with the ability to interface effectively with a broad range of people and roles, including vendors and enterprise personnel Strong written and verbal communication skills and attention to detail for board level committee and regulatory reporting Strong customer/client focus with the ability to manage expectations appropriately General understanding of risk management Knowledge of security methodology frameworks and regulatory requirements such as NIST, CIS, HIPAA, PCI, and FFIEC Microsoft Excel, Word, and Visio skillset for the creation, tracking and reporting of security metrics (e. graphs, formatting, basic formulas) Preferred Qualifications: Understanding of enterprise risk management systems and automation platforms Experience with Data Loss Prevention (DLP) and Vulnerability Management solutions *This position is on-site located in Oklahoma City, must reside within the area to be considered. *Position requires a minimum of 3 years of relevant US based experience. #LI-Onsite #LI-DNI

Mainframe Security EngineerRemote - United StatesJR012476 **Requirements:** + U.S. Citizenship is required. + Must pass a Federal Background Check. **Key Responsibilities:** + Administer security for RACF, ACF2, and Top Secret logon IDs, datasets, and resource rules. + Provision user access in response to ServiceNow tickets within defined SLAs. + Monitor system security policies and investigate violations/incidents. + Perform and review daily, weekly, and monthly audit reports. + Liaise with business units and technical support teams. + Prepare ad hoc reports and deliver presentations for customer support. + Ensure adherence to security standards across the environment. + Provide 24×7 on-call support as required. + Utilize Vanguard and/or IBM zSecure security products. + iSeries security knowledge is a plus. + Manage and lead large projects or tasks as needed. + Project management skills are highly desired. **Technical Skills:** + Proficient in TSO, JCL, IBM Utilities, JES2, and ISPF. + Experience with REXX or other programming languages is desired. + CICS security administration experience preferred. + Experience with Vanguard and/or IBM zSecure security products is desired. + Familiarity with IAM (Identity Access Management), MFA (Multi-Factor Authentication), and PAM (Privileged Access Management) is desired. + Strong PC skills, including Microsoft Outlook, Word, Excel, and PowerPoint. **General Knowledge:** + z/OS experience is highly desired. + Knowledge of other mainframe security products is a plus. **Personal Skills:** + Strong written and verbal communication skills. + Excellent organizational skills with the ability to manage multiple concurrent projects and work as part of a global team. + Ability to work independently and take initiative. + Strong analytical and problem-solving skills. + Effective team player who can work independently in a fast-paced environment. + Self-starter, detail-oriented, and able to multitask. **Education & Certifications:** + Bachelor's or Master's degree preferred. + CISSP, CISA, CISM, or ITIL certification is a plus. **Why Ensono?** Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take Flexible work schedule + Advantage of fitness centers As of the date of this posting, a good faith estimate of the current pay scale for this role is **$90,000 to $135,000** annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email ****************************** . JR012476

Areas of Interest: Information Technology; Information Security; Infrastructure Pay Transparency Salary Range: Not Available Application Deadline: 01/01/2026 BOK Financial Corporation Group includes BOKF, NA; BOK Financial Securities, Inc. and BOK Financial Private Wealth, Inc. BOKF, NA operates TransFund and Cavanal Hill Investment Management, Inc. BOKF, NA operates banking divisions: Bank of Albuquerque; Bank of Oklahoma; Bank of Texas and BOK Financial. Bonus Type Summary We're building a culture at BOK Financial where amazing people (like you) can bring their best, be their best and work for the best. You've come to the right place to grow your career. Job Description The IT Engineer IV - Cloud Platform Solutions is responsible for building secure, scalable, and automated cloud infrastructure. This role brings a security-first mindset to infrastructure-as-code practices and works across engineering, security, and application teams to implement secure policies, automate cloud governance, and support compliant migrations in Azure and AWS. They will be responsible for working collaboratively with multiple teams to implement highly available and secure cloud technologies. This role is also responsible for continuous monitoring and optimization of the cloud implementation for efficiencies and continuous support of, and collaboration with, other teams and projects, particularly DevOps, platform and automation teams. The person in this role must be a highly collaborative, creative and intellectually curious individual who is passionate about forming and implementing cutting-edge cloud computing capabilities. Extensive engineering experience is required as this role provides tier 3 support for technology teams in the organization. Team Culture Our mission is to empower our company, teammates and customers through the delivery of resilient and customer-centric technology. We achieve this by leveraging our expertise in technology and deep understanding of our business units. How You'll Spend Your Time * You will design and deploy secure and compliant cloud solutions using in AWS and Azure using Terraform, GitLab, and CI/CD pipelines. * You will design and implement Hashicorp Sentinel policies and policy sets in Terraform Cloud. * You will develop policy-as-code frameworks (e.g., Azure Policy, AWS SCPs) to enforce governance and compliance. * You will collaborate with security and application teams to implement secure architectures and mitigate risks. * You will proactively manage and mitigating the risks associated with cloud environments. * You will be implementing and validating robust IAM and network policies. * You will integrate automated testing and security controls into CI/CD workflows (SAST, DAST, code scanning). * You will contribute to secure cloud migrations, threat modeling, and incident response planning. * You will design and develop Rego Syntax OPA policy as code to enforce & govern Kubernetes environments. * You will design and enforce Kubernetes and cloud network security policies to enforce zero-trust security model. * You will provide Tier 3 support and serve as subject matter expert on cloud platform and automation. * You will strategize, consult, and prototype alongside other engineers to implement best practices and solutions for applications utilizing CI/CD and cloud. * You will cultivate a strong knowledge of Identity Management including AWS Managed AD, Azure AD, Azure Resource roles and access reviews * You will cultivate a strong understanding of Cloud Policies and how to create custom policies. * You will collaborate with development team members to troubleshoot, and resolve problems that may exist in cloud-hosted environments. * You will ensure that cybersecurity controls are met or exceeded. * You will have efficient communication with application stakeholders about application availability & platform updates including any application outages, issues, failures, availability delays etc. * You will work within established configuration and change management policies to ensure awareness, approval and success of changes made to the infrastructure. Education & Experience Requirements This level of knowledge is normally acquired through the completion of a bachelor's degree in a technology field and/or 4+ years of related experience. * 4+ years of experience in cloud platform engineering, with a focus on AWS and/or Azure. * Strong hands-on experience with Terraform, YAML, pipelines, scripting (PowerShell, Bash), and Git. * Strong understanding of IAM, cloud networking, secrets management, and encryption. * Familiarity with security tools such as SonarQube, Checkmarx, Wiz and container security scanners. * Experience with Python development and AI Agent tools such as Amazon Bedrock Agent or Microsoft CoPilot. * Experience with Kubernetes and container security best practices. * Ability to work cross-functionally with application, security, and DevOps teams. * Strong communication, documentation, and troubleshooting skills. BOK Financial Corporation Group is a stable and financially strong organization that provides excellent training and development to support building the long term careers of employees. With passion, skill and partnership you can make an impact on the success of the bank, customers and your own career! Apply today and take the first step towards your next career opportunity! The companies in BOK Financial Corporation Group are equal opportunity employers. We are committed to providing equal employment opportunities for training, compensation, transfer, promotion and other aspects of employment for all qualified applicants and employees without regard to sex, race, color, religion, national origin, age, disability, pregnancy status, sexual orientation, genetic information or veteran status. Please contact recruiting_********************* with any questions.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

**_Job Title:_** Lead Adversarial Security Engineer **About** **Trellix:** **Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.** Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at ************************ . **_Role Overview:_** Trellix is seeking an Adversarial Security Engineer to lead the evolution of its cybersecurity posture. This is a senior, hands-on, remote-first role for a red/blue/purple expert who possesses a valuable blend of offensive tradecraft and defensive-engineering skills. **Role Overview:** As a lead member of the security operations team, and reporting to the Deputy CISO the mission of this role is to bridge the gap between "what if" and "what is" to continuously test the organization's defenses, find gaps, and personally lead the engineering effort to close them. By collaborating with the Security Operations Center (SOC), Threat Intelligence, and infrastructure teams, this expert will act as a force multiplier, mentoring junior security operations staff and providing the technical leadership to measurably improve the ability to detect and respond to advanced threats. **About the role:** + Plan and execute sophisticated, end-to-end red team engagements against our on-premise and cloud infrastructure. + Develop and validate new detection logic, transforming the results of your own attacks into high-fidelity alerts. + Lead continuous purple team exercises, acting as the primary bridge between the SOC, Threat Intelligence, and Detection Engineering teams. + Leverage Attack Surface Management (ASM) data to find "Shadow IT" and prioritize your offensive operations based on the most likely and impactful attack vectors. + Act as a senior technical leader, mentoring SOC analysts and junior engineers on advanced attack chains, detection theory, and defensive best practices. + Communicate complex findings and remediation strategies to a wide range of stakeholders, from highly technical engineers to executive leadership. **About you:** + You have a blended career path of 7+ years, demonstrating experience in both offensive security (like Red Teaming) and defensive operations (like Detection Engineering or Threat Hunting). + You possess exceptional communication skills, with an ability to create reports and presentations for both highly technical and executive audiences. + You are a U.S. citizen. + Your technical expertise is built on a deep, practical understanding of frameworks like MITRE ATT&CK and the Diamond Model. + You have proficiency in modern offensive tools and C2 frameworks (e.g., Cobalt Strike, Metasploit) and/or experience developing custom attack methods to evade EDR and network controls. + You are proficient in writing, tuning, and validating detection logic in SIEM and EDR platforms. + Your knowledge of automation is clear from your proficiency in any scripting languages such as Python or PowerShell. + You have practical experience assessing and defending modern cloud environments. + You may hold advanced offensive (e.g., OSCP, OSEP, GXPN) or defensive (e.g., GCIH, GDAT) certifications. + You may contribute to the community through public-facing research, conference talks, or open-source tools. **_Company Benefits and Perks:_** We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. + Retirement Plans + Medical, Dental and Vision Coverage + Paid Time Off + Paid Parental Leave + Support for Community Involvement We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

At Feed the Children, we recognize the value of outstanding people, and we are looking for compassionate changemakers to join our team. We pride ourselves on cultivating a collaborative workplace where employees experience productive and rewarding employment and feel engaged in our mission to end childhood hunger. Our passionate team shares a deep sense of purpose, and we dream big to solve complex problems and create positive impact in communities around the world. Feed the Children is recognized by Candid with its Platinum Seal of Transparency and is accredited by the BBB Wise Giving Alliance. The organization has received a 4-star rating from Charity Navigator and is consistently recognized on the Forbes Top 100 Charities list. We are currently in search of an Information Security Specialist to join our Information Technology team! The Information Security Specialist will investigate, analyze, and learn from cybersecurity researchers, attackers, and incidents to develop durable detective controls across the IT infrastructure. This role will provide support and resolution for scanning, reporting, and vulnerability remediation. This position will collaborate with the Senior Director of Information Security to assist in prioritizing vulnerabilities, planning mitigations, and security control configuration. NOTE: This is an entry level position working from our corporate office in Oklahoma City, OK. Salary range: Up to $21.64/hr. based on education and experience. Job Requirements: Education Bachelor's degree in Computer Science, CIS, Engineering, Cybersecurity, or related field preferred. High school diploma or GED required. Experience 2+ years' experience working with technical and business teams related to information security Ability to analyze general cyber security-related technical problems and provide basic engineering and technical support in solving these problems. Familiarity with Azure and Office 365 security suite of tools, to include Microsoft Defender. Industry-standard knowledge of activities relating to identity and access management, MDR, SIEM, and least privilege access management. Basic understanding of NIST-specific security assessments. Aware of the legal, regulatory, and ethical considerations of working with sensitive information Proactive, self-motivated, well organized, reliable, and detail-oriented team member Ability to communicate across all levels of the organization with strong organizational skills Ability to multitask, self-prioritize daily tasks, and experience with task management tools. Analytical and critical thinking skills, required Any combination of education, training and experience which provides the required knowledge, skills and abilities to perform the essential functions of this job may be considered. Essential Functions: Execute day-to-day threat hunting for targeted attacks against multiple environments. Work closely with Information Technology's Director of Data Governance and the Sr. Director of Information Security to make sure identified vulnerabilities are patched and remediated. Maintain an understanding of security-related IT policies to assess the effectiveness of controls. Facilitate incident remediation including monitoring Data Loss Prevention (DLP) tools and responding to alerts. Investigate network threats such as computer viruses, exploits, and malicious attacks to determine true threats, false positives, and network system misconfigurations. Monitor potential compromise, intrusion, deficiency, significant event or threat to the security posture and provide solutions to issues. Work within the IT department verifying and validating security compliance against corporate standards, regulatory standards, and other industry defined practices. Assist with security awareness training of employees, as needed. Champion the NIST 800-53 program, documenting policies and procedures as well as performing audits, risk assessments and implementation reviews. Update job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; monitoring information security news for emerging threats; and participating in professional organizations. Document specific activities, problems solved, and issues resolved. Protect our organization by keeping information confidential. Collaborate cross-functionally throughout the organization to safeguard sensitive information from potential insider risks and threat actors. Develop, update, and maintain policies and other technical documentation Establish an environment of high performance and continuous improvement that values learning, a commitment to quality, welcomes and encourages collaboration, and fosters both intra and inter-departmental dialogue and respect. Model the type and level of behavior, professionalism and leadership that is in accordance with the values of the organization. Perform other related duties as required About Feed the Children: As a leading anti-hunger organization, Feed the Children is committed to ending childhood hunger. We provide children and families in the U.S. and around the world with the food and essentials kids need to grow and thrive. Through our programs and partnerships, we feed children today while helping their families and communities build resilient futures. In addition to food, we distribute household and personal care items across the United States to help parents and caregivers maintain stable, food-secure households. Internationally, we expand access to nutritious meals, safe water, improved hygiene, and training in sustainable living. Responsible stewards of our resources, we are driven to pursue innovative, holistic, and child-focused solutions to the complex challenges of hunger, food insecurity, and poverty. For children everywhere, we believe that having enough to eat is a fundamental right. Our Values: We are driven by a shared sense of PURPOSE At Feed the Children, our commitment to the mission is at the heart of what we do and fuels our collective impact in the communities where we serve. We cannot achieve our bold vision without our talented PEOPLE We are passionate about fostering a best-in-class workforce that is engaged, respected, and empowered to deliver results. We believe in CURIOSITY and continued learning Success requires a culture of discovery, curiosity and continued learning to expand our knowledge, seek new perspectives and challenge the status quo. We know COLLABORATION is the only way to end childhood hunger We cannot succeed alone. It will take all of us - our employees, donors, partners, volunteers - working together to accomplish our ambitious goals. We DREAM big When we work together, we collectively reimagine what is possible. We dream big to solve complex problems and create deep impact in communities around the world. We VALUE every donor We respect our donors' intentions and promote responsible stewardship of the resources they entrust to us. Join Feed the Children and help create a world where no child goes to bed hungry. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. Feed the Children is an equal opportunity employer. All qualified candidates will receive consideration for positions without regard to race, color, religion, sex, sexual orientation, age, national origin, disability, political affiliation, pregnancy, military and/or veterans' status, genetic characteristics, marital status or any other considerations made unlawful by applicable state, federal, or local law. Feed the Children welcomes and encourages applications from persons with physical and mental disabilities and will make every effort to reasonably accommodate the needs of those persons. Additionally, Feed the Children strives to provide an environment free from sexual exploitation and abuse and harassment in all places where relief and development programs are implemented. Feed the Children expects its employees to maintain high ethical standards, protect organizational integrity and reputation, and ensure that Feed the Children work is carried out in honest and fair methods, in alignment with the Feed the Children safeguarding and associated policies.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

At Feed the Children, we recognize the value of outstanding people, and we are looking for compassionate changemakers to join our team. We pride ourselves on cultivating a collaborative workplace where employees experience productive and rewarding employment and feel engaged in our mission to end childhood hunger. Our passionate team shares a deep sense of purpose, and we dream big to solve complex problems and create positive impact in communities around the world. Feed the Children is recognized by Candid with its Platinum Seal of Transparency and is accredited by the BBB Wise Giving Alliance. The organization has received a 4-star rating from Charity Navigator and is consistently recognized on the Forbes Top 100 Charities list. We are currently in search of an Information Security Specialist to join our Information Technology team! The Information Security Specialist will investigate, analyze, and learn from cybersecurity researchers, attackers, and incidents to develop durable detective controls across the IT infrastructure. This role will provide support and resolution for scanning, reporting, and vulnerability remediation. This position will collaborate with the Senior Director of Information Security to assist in prioritizing vulnerabilities, planning mitigations, and security control configuration. NOTE: This is an entry level position working from our corporate office in Oklahoma City, OK. Salary range: Up to $21.64/hr. based on education and experience. Job Requirements: Education Bachelor's degree in Computer Science, CIS, Engineering, Cybersecurity, or related field preferred. High school diploma or GED required. Experience 2+ years' experience working with technical and business teams related to information security Ability to analyze general cyber security-related technical problems and provide basic engineering and technical support in solving these problems. Familiarity with Azure and Office 365 security suite of tools, to include Microsoft Defender. Industry-standard knowledge of activities relating to identity and access management, MDR, SIEM, and least privilege access management. Basic understanding of NIST-specific security assessments. Aware of the legal, regulatory, and ethical considerations of working with sensitive information Proactive, self-motivated, well organized, reliable, and detail-oriented team member Ability to communicate across all levels of the organization with strong organizational skills Ability to multitask, self-prioritize daily tasks, and experience with task management tools. Analytical and critical thinking skills, required Any combination of education, training and experience which provides the required knowledge, skills and abilities to perform the essential functions of this job may be considered. Essential Functions: Execute day-to-day threat hunting for targeted attacks against multiple environments. Work closely with Information Technology's Director of Data Governance and the Sr. Director of Information Security to make sure identified vulnerabilities are patched and remediated. Maintain an understanding of security-related IT policies to assess the effectiveness of controls. Facilitate incident remediation including monitoring Data Loss Prevention (DLP) tools and responding to alerts. Investigate network threats such as computer viruses, exploits, and malicious attacks to determine true threats, false positives, and network system misconfigurations. Monitor potential compromise, intrusion, deficiency, significant event or threat to the security posture and provide solutions to issues. Work within the IT department verifying and validating security compliance against corporate standards, regulatory standards, and other industry defined practices. Assist with security awareness training of employees, as needed. Champion the NIST 800-53 program, documenting policies and procedures as well as performing audits, risk assessments and implementation reviews. Update job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; monitoring information security news for emerging threats; and participating in professional organizations. Document specific activities, problems solved, and issues resolved. Protect our organization by keeping information confidential. Collaborate cross-functionally throughout the organization to safeguard sensitive information from potential insider risks and threat actors. Develop, update, and maintain policies and other technical documentation Establish an environment of high performance and continuous improvement that values learning, a commitment to quality, welcomes and encourages collaboration, and fosters both intra and inter-departmental dialogue and respect. Model the type and level of behavior, professionalism and leadership that is in accordance with the values of the organization. Perform other related duties as required About Feed the Children: As a leading anti-hunger organization, Feed the Children is committed to ending childhood hunger. We provide children and families in the U.S. and around the world with the food and essentials kids need to grow and thrive. Through our programs and partnerships, we feed children today while helping their families and communities build resilient futures. In addition to food, we distribute household and personal care items across the United States to help parents and caregivers maintain stable, food-secure households. Internationally, we expand access to nutritious meals, safe water, improved hygiene, and training in sustainable living. Responsible stewards of our resources, we are driven to pursue innovative, holistic, and child-focused solutions to the complex challenges of hunger, food insecurity, and poverty. For children everywhere, we believe that having enough to eat is a fundamental right. Our Values: We are driven by a shared sense of PURPOSE At Feed the Children, our commitment to the mission is at the heart of what we do and fuels our collective impact in the communities where we serve. We cannot achieve our bold vision without our talented PEOPLE We are passionate about fostering a best-in-class workforce that is engaged, respected, and empowered to deliver results. We believe in CURIOSITY and continued learning Success requires a culture of discovery, curiosity and continued learning to expand our knowledge, seek new perspectives and challenge the status quo. We know COLLABORATION is the only way to end childhood hunger We cannot succeed alone. It will take all of us - our employees, donors, partners, volunteers - working together to accomplish our ambitious goals. We DREAM big When we work together, we collectively reimagine what is possible. We dream big to solve complex problems and create deep impact in communities around the world. We VALUE every donor We respect our donors' intentions and promote responsible stewardship of the resources they entrust to us. Join Feed the Children and help create a world where no child goes to bed hungry. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. Feed the Children is an equal opportunity employer. All qualified candidates will receive consideration for positions without regard to race, color, religion, sex, sexual orientation, age, national origin, disability, political affiliation, pregnancy, military and/or veterans' status, genetic characteristics, marital status or any other considerations made unlawful by applicable state, federal, or local law. Feed the Children welcomes and encourages applications from persons with physical and mental disabilities and will make every effort to reasonably accommodate the needs of those persons. Additionally, Feed the Children strives to provide an environment free from sexual exploitation and abuse and harassment in all places where relief and development programs are implemented. Feed the Children expects its employees to maintain high ethical standards, protect organizational integrity and reputation, and ensure that Feed the Children work is carried out in honest and fair methods, in alignment with the Feed the Children safeguarding and associated policies.