Cyber security analyst jobs in Missouri

Innovate here. And see your ideas come to life. It's an exciting time to work in tech at Edward Jones. We are making massive investments in emerging technologies to improve how we work with our clients and with each other. Relationships are the focus of our business model. And working in Technology here means using your skills to build, deliver and maintain the technologies that enable us to deepen and support those relationships. The best part? We develop and create our own industry-leading solutions internally. And you can be a part of it. Working with emerging new technologies. Creating platforms, programs and experiences that change how we work together - and support our client-first focus. Changing the future of our firm, the industry and the advisor-client relationship. Job Overview Position Schedule: Full-Time This job posting is anticipated to remain open for 30 days, from 01-Dec-2025. The posting may close early due to the volume of applicants. Team Overview: As an IAM Analyst you will work independently to identify and define IAM solution requirements for both existing capabilities and the expansion of new features. You will ensure that all platforms within your span of responsibility meet your customer's requirements; designed, built, documented, and maintained in adherence with the Firm's standards and architectural patterns; and are managed to the highest level for performance, stability, and security. Serving as a Security practicioner, you will bring deep industry knowledge and experience to understand the threat landscape and use that knowledge to shape the platforms that the Firm depends on for critical identity lifecycle functions. In this role you will regularly engage in leading-edge technology initiatives, including research, vetting, and adoption of emerging technologies, tools and methodologies in alignment with the overall security strategy. What You'll Do: Identify and implement opportunities to improve solutions that combat advanced and relevant threats while considering integration into the environment, stability, availability, disaster recovery, and cost-effectiveness. Serve as a subject matter expert for the identity management platform (Saviynt) and be a key contributor to stabilization and expansion efforts. Lead conversations centered on solving for complex business requirements in solution designs, and ensuring compliance with internal standards, policies, and regulatory requirements. Identify potential gaps in existing IAM processes or systems and recommending solutions to improve security and efficiency. Manage SOX compliance, auditing, and access review processes. Collaborate with internal teams and stakeholders to understand requirements and develop solutions. Effectively document solutions and configurations for future reference. Produce, maintain, and facilitate distribution of training resources to effectively empower key stakeholders with the information needed to meet Firm objectives and/or drive adoption of new processes. Establish and maintain effective communications and relationships across key departments, business areas, and vendors, including supporting engagements with key vendors to ensure the correct level of support to the Firm and drive solution roadmaps to meet Firm expectations. Creating and maintaining documentation for IAM processes, procedures, solution designs, requirements, etc. Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page. Hiring Minimum: $99200 Hiring Maximum: $168900 Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act. Edward Jones is prohibited from hiring individuals with certain specified criminal history as set forth in Section 3(a)(39) and 15(b)(4) and Rule 17a-3(a)(12) of the Securities and Exchange Act of 1934, and conducts background reviews consistent with FINRA Rule 3110(e). A copy of a notice regarding the provisions of the Los Angeles County Fair Chance Ordinance is available at: dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf. Read More About Job Overview Skills/Requirements What Experience You'll Need: Minimum 4-5 years experience In-depth understanding of Saviynt product functionality, including provisioning, access certification, SOD, analytics, RBAC, workflow, email notifications, etc. Experience designing JML flows for Saviynt automation. Experience integrating applications with Saviynt using various connectors. Solid understanding of workflows in ARS and the ability to leverage Saviynt analytics tools. Experience managing SOX compliance, auditing, and access review processes within Saviynt. Experience with configuration management of Rules Technical Users, UI Global Configurations, Backend configurations, and GSP files. Excellent written and verbal communication skills. Experience with APIs and integrations Strong analytical and problem-solving skills Excellent communication and collaboration skills Experience using ticketing systems (e.g., Jira) **Candidates that live within in a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with preference for Tuesday through Thursday.** Current INTERNAL home-based associates: While this role is posted as hybrid, if selected and accepted, you may retain your home-based status. Edward Jones intends in good faith to continue offering the role as home-based, though future business or regulatory needs may require on-site work. Read More About Skills/Requirements Awards & Accolades At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones Read More About Awards & Accolades About Us Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns. Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging. People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career. View our Purpose, Inclusion and Citizenship Report. ¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating. Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law. #LI-HO

Type of Requisition: Pipeline Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret/SCI Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Cybersecurity Operations, Cyber Threat Analysis, Security Operations, Threat Analysis Certifications: None Experience: 10 + years of related experience US Citizenship Required: Yes Job Description: Seize your opportunity to make a personal impact as a CI Cyber Threat Analyst supporting our intelligence customer. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. At GDIT, people are our differentiator. As CI Cyber Threat Analyst, you will help ensure today is safe and tomorrow is smarter. Our work depends on a TS/SCI level cleared CI Cyber Threat Analyst joining our team to support our customer. Duties & Responsibilities: Produce weekly actionable Technical CI (Cyber/TSCM/TEMPEST) threat reports in collaboration with teammates, the customers partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly threat reports, each report due NLT 0800 each Monday morning. Threats reports will include (as applicable): Threat data collected and reported by the customers Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTS). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, the customers partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat (s) to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, the customers partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused all source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat (s) to the customer to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, customer partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by the Intelligence Community. Fused all source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to the customer. Produce CI Information Reports and IIRs from data collected and reported by either the Technical CI team or the cyber security personnel. Provide a minimum of 6 Reports of Inquiry and/or Requests for Information within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE or Criss Cross). Provide Technical CI advice and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Provide high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Provide current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats.) Self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Have proficiency in use of bottom-line-up-front (BLUF) writing. Collaborate well internally and externally with IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other customer Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience: Required: 11+ years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Meet minimum training requirements, within one calendar year of assignment, for access to DoD networks in accordance with DoDM 8140.03, by attaining and maintaining at least baseline certification for DoDM 8140.03 Information Assurance Technician Level II compliance. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Bachelor's degree in Science, Technology, Engineering or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives Monitor and track progress towards achievable measures. Location: Customer Site Clearance: Active TS/SCI with ability to obtain CI Poly US Citizenship Required The likely salary range for this position is $137,700 - $186,300. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: None Telecommuting Options: Onsite Work Location: USA VA Springfield Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Freedom Technology Solutions Groups is looking to add a Tier 3 Cyber Security Analyst to the team. The candidate will provide CSOC Tier 3 services, which is 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents. CSOC Tier 3 services includes malware and implant analysis, and forensic artifact handling and analysis. When a CIRT is stood up, all contractors in support of CSOC Tier 3 services will be under the direct control of, and take direction from, the Government CIRT Commander. While not in a period of incident response, the Contractor shall conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident. All Contractor personnel performing CSOC Tier 3 services shall have or obtain, within six months of start, a certification that is compliant with DoDD 8140.01 and DoD 8570.01-M IAT Level III and CSSP Incident Responder. Job Duties: Coordinate and implement tasks, performing analysis, and building/documenting response activities required during cyber security incident response, to include but not limited to actions such as implementing containment measures, IP blocks, domain blocks, and disabling user accounts on direction of the Government. Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), in addition to other law enforcement and counter intelligence personnel as required to perform advanced investigation and triage of incidents; Collaborates with appropriate authorities in the production of security incident reports; Categorizes incidents and events; Coordinates with other contracts, organizations, activities, and other services as appropriate to ensure incidents are properly reported, contained, and eradicated; Coordinates with other contracts, organizations, activities, and other services as appropriate to de-conflict blue / red team activity with open incidents/events; Coordinates with other contracts, organizations, activities, and services to ensure NGA recovers from an incident/event; Builds timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions. Documents actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed. Develops and when approved by the Government generates and updates reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems as directed; Develops, maintains, sustains, and when properly authorized by the Government executes custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events; Performs digital media analysis on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis; Develops and identifies indicators of compromise to send to Cybersecurity stakeholders and other Contract Services; Provides adversary attribution; Performs malware analysis and signature development; Coordinate with CSOC Tier 1 and 2 services to remediate all discrepancies and provide recommendations to prevent reoccurrence. Job Requirements: Bachelors Degree and or 6 years' experience in Cyber Security (CSOS) Active security clearance. DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder. Provides input to and coordinates with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report; Serve as C-IRT members as required and serve under the direct control of, and take direction from, the Government C-IRT Commander; Develop and coordinate courses of action with various Government and contract stakeholders, and when properly authorized by the Government, execute Defensive Cyberspace Operations-Internal Defensive Measures on behalf of the NGA on NGA networks and systems; Performs digital media analysis and malware reverse engineering on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis. When properly authorized by the Government, execute custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events; Develops, documents, and provides to the Government incident investigation reports which include sufficient information to document the entire lifecycle of the incident and the response, including but not limited to adversary and friendly forces activity, host and network analysis, timelines, and recommendations for corrective actions, recommendations for new Tactics, Techniques, and Procedures (TTP) and other recommendations as appropriate, within 30 days of C-IRT stand-down; Conduct Quality Control reviews of a percentage closed CSOC Tier 2 tickets each week to ensure proper analysis, categorization, documentation, and notification Preferred Qualifications: Masters degree IAT III Qualifications that are nice to have: Juniper certification What's in It for You? Flexible work environment A team mentality - work with friendly, like-minded professionals Work with innovative, cutting edge technologies Enjoy extremely competitive compensation and benefits A work-life balance you can count on Opportunities to grow and advance your career on our dime The Benefits You Get with Freedom Amazing benefits including matching 401k, fully paid medical, and more Generous paid time off - including paid site closure days Competitive salary offerings Paid training and tuition reimbursement Referral bonuses Fully paid life and disability Annual logo wear allowance Company sponsored events (game nights, holiday party, summer party, happy hours) Interested in learning more about Freedom and our culture? Contact us today! We're constantly hosting hiring events in our office and elsewhere, to help you get a sense of what life is like at Freedom before joining the team. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, sex, age, marital status, disability or veteran status Applicant Federal & E-Verify Postings VEVRAA Federal Contractor Accessibility: If you need an accommodation as part of the employment process, please contact Human Resources at Phone: ************ Email: ********************* Equal Opportunity Employer, including disabled and veterans. If you want to view the EEO Law poster, please choose your language: English - Spanish - Arabic - Chinese If you want to view the EEO Law Supplement poster, please choose your language: English - Spanish - Chinese If you want to view the Pay Transparency Policy Statement, please click the link: English

CompanyFederal Reserve Bank of Kansas CityWhen you join the Federal Reserve-the nation's central bank-you'll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future. This role is responsible for modernizing the methods and procedures for performing cybersecurity risk management and assessing cybersecurity risk. This involves assessing the current approach, data, and tools to identify gaps and enhancements. It requires strong partnerships with key stakeholders and business leaders, conveying cyber risk to them in a way that allows them to make risk informed decisions and improve the Organization's security posture. Important Information Open to US Citizens, Green Card holders or Permanent Residents with at least 3 years of residency. No sponsorship is available. Candidates must have valid work authorization, without an end date to be considered. No H1-B, OPT, STEM OPT, CPT, TN, J-1, etc. This position requires working on-site with 5 days per month remote work flexibility. Key Activities Risk Assessment & Analysis Modernize the current approach to cybersecurity risk management and assessments. Research and evaluate methodologies and frameworks and subsequently apply them for use in the organization. Identify and implement risk quantification and scoring approaches within the organization. Perform in-depth data analysis to identify patterns, trends, and areas of focus and priority. Incorporate threat intelligence into risk assessments to provide context-aware risk evaluations. Conduct business impact analyses to understand how security incidents affect critical business functions. Evaluate and quantify risks associated with third-party vendors and supply chain. Assess specific risks related to cloud environments and services. Program Development Develop reports and dashboards to illustrate the organization's risk posture. Ensure that cybersecurity risk is integrated with IT risk, and informs overall Enterprise risk. Research and identify options to establish a risk register. Develop and track risk treatment plans including mitigation strategies, acceptance justifications, or transfer options. Map cybersecurity risks to relevant regulatory requirements and compliance frameworks. Continuously improve risk management processes based on industry trends and organizational needs. Communication & Collaboration Meet with technical experts and business leaders to convey cybersecurity risk in a way they can understand. Partner with incident response teams to incorporate lessons learned into risk models. Translate complex technical risk scenarios into actionable insights for all levels of the organization. Qualifications Experience Typically requires at least 6 years of relevant cybersecurity risk management experience. Experience with risk scoring methods and risk quantification. Experience with generating reports and dashboards to convey cybersecurity risk in a way that is easy to consume. Experience establishing or running an Enterprise cybersecurity risk management program. Experience with NIST SP 800-53 security standards. Experience presenting risk information to executive leadership. Education & Certifications Bachelor's degree specializing in an information technology field from an accredited college or university, or equivalent combination of directly related education and/or experience. Information Security industry certification (SSCP, CISSP, GIAC, CISM, CISA, etc.) preferred. Technical Knowledge Strong knowledge of and experience applying cybersecurity risk frameworks and assessment methodologies; examples may include Factor Analysis of Information Risk (FAIR), NIST Cybersecurity Framework (CSF). Strong skills and experience with data analysis. Experience with GRC (Governance, Risk, and Compliance) tools. Knowledge of business impact analysis methodologies. Familiarity with cloud security frameworks (CCSK, CCSP). Skills & Abilities Ability to understand technical details of cybersecurity risk. Ability to communicate complicated technical risk scenarios to all levels of the organization. Demonstrated self-motivation and ability to perform work independently, and also collaborate in a team environment. Additional Information How We Work (HWW): On-site: 5 days per month remote work flexibility Location: Kansas City, Denver, Oklahoma City, Omaha Remote Eligible: No Salary: $98,600 - $139,000 / Senior Level $117,300 - $165,400 / Advanced Level Final offers are determined by factors including the candidate's qualifications, internal alignment considerations, district assignment, and geographic location. Screening: US Citizens or Green Card holders and Permanent Residents with at least 3 years of residency. This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and could take up to a couple of months to complete. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks. Sponsorship: The Federal Reserve Bank of Kansas City will not sponsor a new applicant for employment authorization for this position. Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future. About Us Total Rewards & Benefits Who We Are What We Do Follow us on LinkedIn , Instagram, X (formerly Twitter) , and YouTube #KCFedIT Full Time / Part TimeFull time Regular / TemporaryRegularJob Exempt (Yes / No) YesJob CategoryInformation Technology Family GroupWork ShiftFirst (United States of America) The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Always verify and apply to jobs on Federal Reserve System Careers (************************************* or through verified Federal Reserve Bank social media channels. Privacy Notice

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

Job Description About SITEC SITEC is an employee and customer focused Information Technology and Professional Services Firm specializing in design, development, and delivery of state-of-the-art technology solutions, as well as cybersecurity, software and systems engineering services. SITEC provides support services as required for continuous operation of the Software Support Activity Software Production Facilities including complete lifecycle services for our customers platforms. The pay for this position is competitive and commensurate with experience. Embrace this opportunity to showcase your expertise and contribute to our innovative projects. You will be given the opportunity to utilize great benefits such as Medical, Dental, Vision, 401(k), Life Insurance, Health Savings Account, Flexible Spending Account, Competitive Salary, and Paid Time Off. Are you ready to take the next step in your career with us? Apply now! WHAT DOES A CYBER SECURITY ENGINEER DO? The qualified Cyber Security Engineer will be knowledgeable of Common Criteria Language, and FIPS 140 standards. Works on various network types of equipment and related devices from a security protection emphasis to include installing; troubleshooting; modifying; testing. Must be able to independently build test network or system prototypes, performing equipment set-up, testing, and participating in test report writing. Has the ability to develop attack programs to verify security assurance and weakness capability. The engineer gathers and organizes technical information about an organization's missions, goals, and requirements, existing security products, and ongoing programs in the IA arena and performs a variety of routine project tasks applied to specialized technology problems. The engineer integrates electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements. They will conduct security assessments and security consulting services, analyze information security requirements and perform certification for C&A processes for the accreditations of systems. They will perform vulnerability analysis and assessment using either government or commercial off-the-shelf technologies. REQUIREMENTS Active TS//SCI clearance at the time of application is required. High School Diploma and ten (10) years' experience; or Associates Degree and eight (8) years' experience; Bachelor's Degree and six (6) years' experience; or Master's Degree and four (4) years' experience; Knowledge of Common Criteria Language, and FIPS 140 standards. Works on various network types of equipment and related devices from a security protection emphasis to include installing; troubleshooting; modifying; testing. Can independently build test network or system prototypes, performing equipment set-up, testing, and participating in test report writing. Has the ability to develop attack programs to verify security assurance and weakness capability. Gathers and organizes technical information about an organization's missions, goals, and requirements, existing security products, and ongoing programs in the IA arena. Performs a variety of routine project tasks applied to specialized technology problems. Integrates electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements. Knowledge with conducting security assessments and security consulting services. Familiarity with analyzing information security requirements. Performing certification for C&A processes for the accreditations of systems. Performing vulnerability analysis and assessment using either government or commercial off-the-shelf technologies. Certifications IAT Level II Certifications including one of the following: CCNA Security, CySA+, GICSP, GSEC, Security+CE, CND, SSCP; and CSSP Analyst1 one of the following Certifications: CEH, CFR, CCNA Cyber Ops, CCNA+ Security, GCIA, GCIH, GICSP, Cloud+, SCYBER One certification from each category must be achieved in first six months of employment. Join our team today! We believe in taking care of our team, both on and off the job. That's why we offer a mobile-friendly application process - because we know your time is valuable. If you're ready to take your skills to the next level and join a team that values hard work and good times, complete our application today! Job Posted by ApplicantPro

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Join Team CARFAX as a Senior Cyber Security Engineer - Security Operations Center Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We're more than just a company: We help millions of consumers make more informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment. We are seeking a highly skilled and motivated Senior Cyber Security Engineer - Security Operations Center to join our dynamic Information Security team. The Senior Cyber Security Engineer - Security Operations Center plays an essential role in building, supporting, and enhancing the organization's cybersecurity posture. This senior position offers an excellent opportunity to work closely with cybersecurity professionals to protect the organization's data and IT infrastructure from cyber threats. The Senior Cyber Security Engineer will be accountable for the development and maintenance of the Security Operations Center program for Carfax. At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Columbia, MO office subject to change with future business needs. What you'll be doing: Oversee and operate continuous monitoring of network traffic, systems, and applications to detect, analyze, and respond to cybersecurity threats and incidents, utilizing advanced security tools and methodologies for proactive defense. Lead the entire security incident process, including detection, triage, investigation, containment, remediation, and reporting, ensuring minimal impact on business operations and continuously improve incident response processes through automation. Conduct in-depth analysis and forensics of security incidents to determine root causes, identify compromised systems, and assess the scope of breaches, using standard practices to gather and preserve evidence for potential legal and regulatory requirements. Develop and maintain a robust threat intelligence program by collecting, analyzing, and disseminating actionable intelligence to anticipate, identify, and mitigate emerging threats, leveraging internal and external sources to enhance the organization's security posture. Proactively perform threat hunting activities using advanced analytical techniques and tools to identify and mitigate undetected threats, and potential vulnerabilities within the organization's systems. Manage and optimize the collection, storage, and analysis of security logs from various sources to ensure comprehensive visibility and timely detection of security events, implementing best practices for log retention, parsing, and aggregation to support SOC functions. Develop and deliver risk-based security reports that provide actionable insights and recommendations by analyzing security incidents, threats, and vulnerabilities, informing decision-makers of the current security posture and ensuring alignment with organizational risk management strategies. Create and maintain comprehensive security documentation, including policies, procedures, and guidelines, and support security awareness training programs to educate staff about cyber threats, safe practices, and incident response protocols, fostering a security-conscious culture. What we're looking for: Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field, or equivalent work experience in information technology. 4-7 years of experience in cyber incident response within an Incident Response or Security Operations Center team. Strong understanding of security principles, practices, tools, and techniques used by cybersecurity teams. Familiarity with security technologies, tools, and frameworks (e.g., SIEM, Endpoint Detect & Response, firewalls, IDS/IPS, MITRE ATT&CK, BURP Suite, Nessus, NMAP) and knowledge of programming languages and operating systems (e.g., Python, Kali Linux). Skilled in interpreting and analyzing data from multiple security tools and sources, including IDS alerts, firewall logs, web and application logs, and network traffic, to detect Indicators of Compromise and malicious Tactics, Techniques, and Procedures. Ability to review alerts for relevancy and urgency, provide tuning recommendations, identify and respond to sophisticated threats, and conduct risk assessments with strong analytical and problem-solving skills. Excellent written and verbal communication skills, with an emphasis on clear and concise risk-based reporting; ability to work both collaboratively in a team environment and independently; eagerness to learn and a proactive attitude towards professional development. What's in it for you: Competitive compensation, benefits and generous time-off policies 4-Day summer work weeks and a winter holiday break 401(k)/DCPP matching Annual bonus program Casual, dog-friendly, and innovative office spaces For a comprehensive list of benefits, please visit our website: ****************************************** Don't just take our word for it: 10X Virginia Business Best Places to Work 10X Washingtonian Great Places to Work 9X Washington Post Top Workplace St.Louis Post-Dispatch Best Places to Work About CARFAX and S&P Global Mobility S&P Global has recently announced the intent to separate our Mobility Segment into a standalone public company. CARFAX, part of S&P Global Mobility, helps millions of people every day confidently shop, buy, service and sell used cars with innovative solutions powered by CARFAX vehicle history information. The expert in vehicle history since 1984, CARFAX provides exclusive services like CARFAX Used Car Listings, CARFAX Car Care, CARFAX History-Based Value and the flagship CARFAX Vehicle History Report™ to consumers and the automotive industry. CARFAX owns the world's largest vehicle history database and is nationally recognized as a top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Service, Sell - Show me the CARFAX™. S&P Global Mobility is a division of S&P Global (NYSE: SPGI). S&P Global is the world's foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets. US Equal Opportunity Employer Statement: CARFAX is an Affirmative Action/Equal Opportunity Employer. It is the policy of CARFAX to provide equal employment opportunity to all persons regardless of race, color, sex, pregnancy, religion, national origin, age, ancestry, citizenship status, veteran status, military status, disability or handicap, sexual orientation, genetic information or any other status protected by federal, state or local law. In addition, CARFAX will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. We are a participant in E-Verify. Canadian Equal Opportunity Employer Statement: CARFAX Canada is an equal opportunity employer, and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. We're committed to providing accommodations by request for candidates taking part in all aspects of the recruitment and selection process. For a confidential inquiry or to request an accommodation, please contact your recruiter or email [email protected].

Whether your background is in cybersecurity, system administration, or IT operations, you can be successful in this role. We don't require a specific degree, but we're looking for translatable skills and relevant expertise. About the Role: As an Information Security SOC Analyst, you'll play a key part in protecting our company's systems and data. You'll help monitor and respond to security alerts, investigate potential incidents, and support security projects that keep our environment safe and strong. Your day-to-day will include staying sharp on emerging threats, helping teammates during investigations, and ensuring our systems are running securely across the organization. This is a hands-on, collaborative role-perfect for someone who thrives on problem-solving, curiosity, and continuous learning. Here's a snapshot of what you'd be doing: Investigate email related Information Security incidents utilizing established tools, procedures, and processes to identify malicious intent. Act as a primary point of contact for information security inquiries. Respond to internal and external inquiries to provide guidance and advice on best practices. Identify and block access to malicious websites. Perform email security systems administration and maintenance. Remain knowledgeable in technical security guidelines and processes. Monitor and update resources, while providing consultation, support, and training to peers. Help implement, test, and support Security projects as needed. Assist in investigating potential Information Security incidents in support of more experienced SOC teammates. Create and maintain information security incident response procedures (playbooks). Identify and propose process and tool improvements. Maintain a working knowledge of the organization's IT Policies and Procedures. Actively contributes to making the team and culture stronger by assisting with other duties as needed, excluding licensed activity About You: You're a dedicated, detail-oriented problem solver who thrives on analyzing data and uncovering root causes. Strong communication skills come naturally to you-you can explain technical concepts clearly and confidently. You love learning and adapting to new technology, especially in fast-paced, security-driven environments. Collaboration is your default mode-you work well on a team and value shared success. You take initiative and show up consistently, ready to protect and enhance the company's security posture. You're familiar with the basics of operating systems, scripting, and security concepts (Linux, PowerShell, regex, or log analysis a plus). Preferred Qualifications: Computer Science or Cybersecurity related degree, or equivalent experience. 2-3 years of Information Security, Systems Administration or Information Technology experience. Strong foundational understanding of Information Security concepts and principles. About Us: We're all about helping Veterans and military families become homeowners. In two short decades, we closed over 500,000 VA Loans and became the #1 VA lender for homebuyers in the nation. But to us, success isn't measured in numbers. Our success is measured in living our values every day: Be Passionate and Have Fun, Deliver Results with Integrity, and Enhance Lives Every Day. We strive to provide friendly service to military homebuyers and their families-and we seek to lift up people and communities across the country. We're so glad you're here checking out this opportunity! If this role gets you excited but you're worried you don't check every box-don't sweat it. We're more interested in what you can bring to the team than a perfect checklist. If you're passionate, driven, and ready to make a difference, we'd love to hear from you. Come as you are, and together we'll create something amazing. Interested? Apply Today! Veterans United Home Loans and its affiliates are Equal Opportunity Employers that consider all qualified applicants regardless of race, color, religion, sex (including pregnancy, transgender status, and sexual orientation), national origin, age (40 or older), disability or genetic information.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Information Security Operations Analyst IIOverview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: • Liaise between the Security Awareness team and all others at Mastercard. • Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. • Partner with external providers to deliver effectives solutions with quality and integrity. • Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: • Possess advanced knowledge in security awareness concepts and principals. • Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. • Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. • Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. • Lead vendor relationships with those providers of contract solutions for the Security Awareness program. • A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; • Ensure the confidentiality and integrity of the information being accessed. • Report any suspected information security violation or breach. • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $76,000 - $127,000 USD

Innovate here. And see your ideas come to life. It's an exciting time to work in tech at Edward Jones. We are making massive investments in emerging technologies to improve how we work with our clients and with each other. Relationships are the focus of our business model. And working in Technology here means using your skills to build, deliver and maintain the technologies that enable us to deepen and support those relationships. The best part? We develop and create our own industry-leading solutions internally. And you can be a part of it. Working with emerging new technologies. Creating platforms, programs and experiences that change how we work together - and support our client-first focus. Changing the future of our firm, the industry and the advisor-client relationship. Job Overview Position Schedule: Full-Time This job posting is anticipated to remain open for 30 days, from 01-Dec-2025. The posting may close early due to the volume of applicants. Team Overview: As a Security Analyst you will work independently to manage 1 - 2 platforms within a product team and collaborate with colleagues to solve routine to difficult engineering challenges. You will ensure that all platforms within your span of responsibility meet your customer's requirements; are designed, built, documented, and maintained in adherence with the Firm's standards and architectural patterns; and are managed to the highest level for performance, stability, and security. As a Security Engineer you deeply understand network architecture and data flows, proxy solutions, remote access platforms and have the ability and drive to solve complex issues and manage competing priorities. What You'll Do: Identify and implement opportunities to improve solutions and ensure system availability while maintaining acceptable risk levels for the firm to remain in compliance with industry regulations and security framework. Serve as a subject matter expert for proxy and intrusion prevention platforms, remote access connectivity, zero-trust, and network security monitoring. Lead and oversee the solution design lifecycle for Zscaler and IPS, including stakeholder requirement gathering and prioritization, alignment with architectural standards and best practices, implementation planning, implementation execution, documentation completeness, and ongoing health monitoring and maintenance. Provide design thinking and oversight for Zscaler and IPS to ensure cohesiveness, completeness, and effectiveness of the platform; and provide feedback to the Team Lead on the overall direction of the technology stack. Continue to implement new features and performance improvements for Zscaler and IPS in partnership with key stakeholders. Adhere to frameworks and processes for cohesive change management, health monitoring, performance monitoring, stability, and backups across the product space. Support technology incidents including: triaging technology services performance segregation or outages, performing root cause analysis across a complex environment, and identifying short and long-term solutions while operating in stressful and time sensitive situations. Effectively communicate with peers and leaders to ensure the awareness of progress, the awareness of challenges, the identification and escalation of risks, and the impact of ongoing security work. Including the ability to clearly discuss complex technical or security topics with a non-technical audience. Establish and maintain effective communications and relationships across key departments, business areas, and vendors. Including supporting engagements with key vendors to ensure the correct level of support to the Firm and drive solution roadmaps to meet Firm needs. Mentor and coach less senior team members and represent the Firm across the financial service's information security community through industry forums, working groups, and conference presentations. Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page. Hiring Minimum: $84100 Hiring Maximum: $143100 Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act. Edward Jones is prohibited from hiring individuals with certain specified criminal history as set forth in Section 3(a)(39) and 15(b)(4) and Rule 17a-3(a)(12) of the Securities and Exchange Act of 1934, and conducts background reviews consistent with FINRA Rule 3110(e). A copy of a notice regarding the provisions of the Los Angeles County Fair Chance Ordinance is available at: dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf. Read More About Job Overview Skills/Requirements What Experience You'll Need: Degree in Cyber Security, Computer Science, Computer Engineering, or Information Systems or related field preferred; or equivalent training and certifications (A+, Net+, Sec+, SANS, Cloud, etc), or related work experience 3-5 years of managing enterprise class proxy solutions, remote access solutions, network security platforms, on-prem and cloud data centers. Experience in a variety of technical fields including software, infrastructure, and security engineering at an enterprise level. This experience gives you deep understanding of the full stack required to deliver and operate software and platforms at an enterprise level. Understanding of core enterprise technology platforms including: infrastructure, software, data, cloud and cloud native platforms, microservices, API management, event streaming, CI/CD pipelines. Experience with core enterprise level information security components, principles, practices, and procedures. Including common technology stack components, deep knowledge of threats and adversary tactics, and experience managing regulatory requirements and common frameworks used by security teams within the Financial Industry. Understanding of core enterprise best practices, including: security risk management, architecture diagrams and documentation, digital transformation, change management, crisis management, business continuity, disaster recovery, and observability. Experienced in designing and building highly scalable, distributed & secure solutions that run in a cloud environment such as Azure, AWS, or GCP. Including demonstrated proficiency in deploying infrastructure as code through Terraform, Ansible, or similar technologies. Experience with managing and delivering on stakeholder requirements in a way that balances design functionality, cost optimization, and production support considerations. Advanced experience with writing code/scripts in at least one language (Python, PowerShell, Bash, Go, etc) Demonstrated competency with reading and generating architectural diagrams and maintaining full and accurate documentation of software, systems, and platforms. Strong understanding of observability, performance monitoring, and root cause analysis principles to perform continuous platform improvements or quickly troubleshoot and restore services in a case of disruption. Experience working with Product Teams and Agile methodology and practices Demonstrated proficiency with proxy solutions and zero trust methodologies Demonstrated proficiency with network security best practices Candidates that live within in a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with preference for Tuesday through Thursday. Current INTERNAL home-based associates: While this role is posted as hybrid, if selected and accepted, you may retain your home-based status. Edward Jones intends in good faith to continue offering the role as home-based, though future business or regulatory needs may require on-site work. Read More About Skills/Requirements Awards & Accolades At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones Read More About Awards & Accolades About Us Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns. Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging. People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career. View our Purpose, Inclusion and Citizenship Report. ¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating. Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law. #LI-HO

Job Description Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

**Our Purpose** _Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._ **Title and Summary** Principal Information Security Engineer (Security Product Owner) Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview: The Security Threat & Response Management (STRM) program within Mastercard's Corporate Security organization is looking for a Security Product Owner to lead execution of our preventative security control strategy. The ideal candidate is driven, proactive about security, analytical, and brings strong technical cyber security expertise. This role is central to shaping and executing the roadmap and strategy for our program's primary security tools and defenses. We are looking for a technically proficient and forward-thinking professional who proactively monitors evolving security trends, modern modern defenses, and leverages advanced knowledge of security tools to foster innovation and strengthen resilience throughout our environments. Role - Define and drive the roadmap for the 'Defend' product, which covers preventative and detective security controls and configurations across dozens of security tools and platforms including SIEM, SOAR, DLP, Application Control, XDR, NGFW, UEBA, NDR, and more. - As the Defend product owner, you will be the team lead ensuring the Defend product feature team's work is prioritized, aligned to strategy, and properly road mapped. - Partner with stakeholders from engineering, endpoint, identity, and cloud teams to deploy and optimize security technologies and controls. - Translate security requirements, risk policies, and threat models into actionable work items and initiatives. - Lead capability assessments and recommend technologies aligned with business needs and program strategies. - Configure, integrate, and optimize security tools (e.g., EDR/XDR, NGFW, IDS, DLP, Application Control) in accordance with strategic objectives and initiatives. - Monitor control effectiveness and continuously tune policies to reduce friction and increase coverage. - Ensure alignment with internal standards, regulatory frameworks, and industry best practices. All About You The ideal candidate for this position should: - Be an advanced technical expert with hands-on experience across multiple SecOps teams and functions such as Security Operations Center, Security Engineering, Incident Response, Detection Engineering, Threat Hunting, and Insider Threat for a large, global enterprise. - Understand modern agile methodologies and how to define, assign, and track work for product feature teams and partner engineering teams. - Be skilled at translating complex security requirements into clear, actionable technical plans in accordance with relevant security strategies and objectives. - Be confident in how to approach complex security tooling and dependencies such as configuring access controls, tuning detection policies, and integrating tools into detection models and lifecycles. - Be a strong communicator, able to articulate vision and strategy to technical and non-technical stakeholders at all levels. Additional capabilities that will set you apart: - Experience with proactive security strategies and security technology products, platforms, and key technology. - Expertise in successfully integrating and leveraging threat intelligence data into security controls and tools for proactive, targeted security prevention. - Deep understanding of modern SecOps concepts and strategies such as 'SOC 3.0', posture management domains, attack surface reduction, adaptive protections, automated triage and response, zero trust, cloud-native security, etc. - Familiarity with regulatory compliance standards and frameworks (e.g., NIST, ISO, ATT&CK, D3FEND, PCI). - Ability to collaborate effectively with SOC, IR, Engineering, and other key stakeholders. - Passion for innovation and continuous improvement in security technology optimization. Corporate Security Responsibility: Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: - Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed; - Report any suspected information security violation or breach; - Complete all periodic mandatory security training in accordance with Mastercard's guidelines. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. **Corporate Security Responsibility** All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: + Abide by Mastercard's security policies and practices; + Ensure the confidentiality and integrity of the information being accessed; + Report any suspected information security violation or breach, and + Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. **Pay Ranges** O'Fallon, Missouri: $165,000 - $264,000 USD

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Principal Information Security Engineer (Security Product Owner) Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview: The Security Threat & Response Management (STRM) program within Mastercard's Corporate Security organization is looking for a Security Product Owner to lead execution of our preventative security control strategy. The ideal candidate is driven, proactive about security, analytical, and brings strong technical cyber security expertise. This role is central to shaping and executing the roadmap and strategy for our program's primary security tools and defenses. We are looking for a technically proficient and forward-thinking professional who proactively monitors evolving security trends, modern modern defenses, and leverages advanced knowledge of security tools to foster innovation and strengthen resilience throughout our environments. Role • Define and drive the roadmap for the ‘Defend' product, which covers preventative and detective security controls and configurations across dozens of security tools and platforms including SIEM, SOAR, DLP, Application Control, XDR, NGFW, UEBA, NDR, and more. • As the Defend product owner, you will be the team lead ensuring the Defend product feature team's work is prioritized, aligned to strategy, and properly road mapped. • Partner with stakeholders from engineering, endpoint, identity, and cloud teams to deploy and optimize security technologies and controls. • Translate security requirements, risk policies, and threat models into actionable work items and initiatives. • Lead capability assessments and recommend technologies aligned with business needs and program strategies. • Configure, integrate, and optimize security tools (e.g., EDR/XDR, NGFW, IDS, DLP, Application Control) in accordance with strategic objectives and initiatives. • Monitor control effectiveness and continuously tune policies to reduce friction and increase coverage. • Ensure alignment with internal standards, regulatory frameworks, and industry best practices. All About You The ideal candidate for this position should: • Be an advanced technical expert with hands-on experience across multiple SecOps teams and functions such as Security Operations Center, Security Engineering, Incident Response, Detection Engineering, Threat Hunting, and Insider Threat for a large, global enterprise. • Understand modern agile methodologies and how to define, assign, and track work for product feature teams and partner engineering teams. • Be skilled at translating complex security requirements into clear, actionable technical plans in accordance with relevant security strategies and objectives. • Be confident in how to approach complex security tooling and dependencies such as configuring access controls, tuning detection policies, and integrating tools into detection models and lifecycles. • Be a strong communicator, able to articulate vision and strategy to technical and non-technical stakeholders at all levels. Additional capabilities that will set you apart: • Experience with proactive security strategies and security technology products, platforms, and key technology. • Expertise in successfully integrating and leveraging threat intelligence data into security controls and tools for proactive, targeted security prevention. • Deep understanding of modern SecOps concepts and strategies such as ‘SOC 3.0', posture management domains, attack surface reduction, adaptive protections, automated triage and response, zero trust, cloud-native security, etc. • Familiarity with regulatory compliance standards and frameworks (e.g., NIST, ISO, ATT&CK, D3FEND, PCI). • Ability to collaborate effectively with SOC, IR, Engineering, and other key stakeholders. • Passion for innovation and continuous improvement in security technology optimization. Corporate Security Responsibility: Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: • Abide by Mastercard's security policies and practices; • Ensure the confidentiality and integrity of the information being accessed; • Report any suspected information security violation or breach; • Complete all periodic mandatory security training in accordance with Mastercard's guidelines.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Pay Ranges O'Fallon, Missouri: $165,000 - $264,000 USD