Cyber security analyst jobs in Napa, CA

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

In this role, you will drive the evolution of our infrastructure and security posture. You will have substantial ownership over our technology choices and implementation for deployment, observability, storage, and security. You will identify, triage, and implement incremental improvements in all of these domains, working closely with backend engineers and internal and external auditors to develop appropriately scoped interventions. You will work with engineers to ensure that security considerations are baked into software development from the outset. You should have a broad understanding of modern best practices around cloud architecture, data governance and infrastructure as code. You should approach questions of infrastructure and security risk with a sense of nuance and good judgment. You should be able to build consensus around your threat models such that the necessary consequences seem natural to other stakeholders. In this role, you will need to be fluent in Python and Terraform (at least to start). Company & Funding We're building the world's largest long-term insurer, using digital money and AI to serve billions of people profitably. We want anyone, anywhere, to be able to save for their future, protect their family, and build wealth across generations. We face a once-in-a-century opportunity to build a vertically integrated life (re)insurer. Our product offerings are globally unique, making it possible for us to scale our balance sheet, build modern systems from scratch, and then directly compete to win a market that is 3% of global GDP. We've raised over $140M to date. Sam Altman and Lachy Groom led our initial raise, and they've since been joined by leading investors in AI, insurance, and Bitcoin, including Northwestern Mutual, Apollo, Bain Capital, Pantera, Haun, Framework, Fulgur Ventures, MS&AD, Mouro, Stillmark, and Wences Casares. Our Bermuda operating subsidiary holds the the world's only license to issue life insurance denominated entirely in Bitcoin. It's also the only company in the world with audited financials stated in Bitcoin. (If you join us, you can expect to do a lot of things no one's ever done before.) Engineering at Meanwhile With the advent of ubiquitous AI tooling, the dynamic range in individual engineering effectiveness is only widening. At Meanwhile, we're planning for a world in which small, tight-knit engineering teams (supported by a small, tight-knit platform team) own entire lines of business, and are compensated accordingly. We're attacking a huge market with the leanest, most effective team in insurance. Where incumbents employ a thousand people, we think we can make it work with a hundred or a dozen. We're looking for hungry ICs (and former managers who see the writing on the wall) interested in pushing the boundaries of engineering productivity in a vertically integrated, regulated organization. We're growing quickly. You will fix million-dollar bugs. On the business side, we hire for deep domain expertise, ambition, and the creativity to figure out the previously impossible. Because our engineers work closely with people from the business, they need curiosity, flexibility, an appetite for (and the ability to digest) complex context, and strong communication skills. Our view is that ownership is taken, not given. You will be successful here if your work progressively builds others' trust in your ability to identify, attack, and solve larger and larger problems, including those that no one else has anticipated. We believe that "code wins arguments," that prototyping is often the best first step in a design process, and that the impact of velocity is non-linear. You are excited by putting up multiple meaningful changes, or writing thousands of lines of code, in a day (even though you know that deleting lines of code is more exciting than writing them, and that, occasionally, deep reflection is required in order to ship anything). You aren't fazed by building systems that don't work out - sometimes, you have to throw code away. Intellectual honesty is non-negotiable. You love to learn and to teach, to ask questions and to answer them, and to be transparent about your uncertainty. You are eager to learn, with the rest of the team, how to work with AI tools, including agents, in order to move faster and ship better, more complete versions of your ideas. You will experiment with new ways of working, with the expectation that some of them will be unsuccessful, and you will teach others what works. This is the most exciting time in decades to be a competent, technically ambitious engineer. We want to offer you the opportunity to see what's really possible and how much better you can get at your craft.

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 year's experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************

Key Responsibilities Architectural Leadership: Design, develop, and maintain the comprehensive security architecture for Cloud Software Group's products and corporate infrastructure. Cloud Security Expertise: Lead the security strategy for our cloud environments, including AWS, Azure, and Google Cloud, ensuring best practices and compliance. Security Domain Knowledge: Provide expert guidance across a broad range of security domains, including application security, network security, identity and access management (IAM), data protection, and incident response. Collaboration and Communication: Work closely with engineering, DevOps, product, and leadership teams to embed security into every stage of the software development lifecycle. Present complex security concepts to both technical and non-technical audiences. Threat Modeling & Risk Analysis: Conduct threat modeling and risk assessments to identify vulnerabilities and recommend mitigation strategies. Mentorship: Mentor and guide junior security professionals, fostering a culture of security awareness and continuous improvement. Compensation may vary depending on your location, qualifications including job-related education, training, experience, licensure, and certification, that could result at a level outside of these ranges. Certain roles are eligible for additional rewards, including annual bonus, and sales incentives depending on the terms of the applicable plan and role as well as individual performance. NY generally ranges: $190,720-$286,080 CA generally ranges: $199,012-$298,518 All other locations fall under our General State range: $165,843-$248,765 Benefits may vary depending on the nature of your employment with Cloud Software Group and the country where you work. U.S. based employees are typically offered access to healthcare, life insurance and disability benefits, 401(k) plan and company match, among others. This requisition has no specific deadline for completion. About Us: Cloud Software Group is one of the world's largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom count on our suite of cloud-based products to get work done - from anywhere. Members of our team will tell you that we value passion for technology and the courage to take risks. Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud. Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications. Cloud Software Group will consider qualified applicants with a criminal history and conduct the recruiting process in accordance with the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers and San Diego Fair Chance Ordinance. For access to the laws see the following links: California FCA and Los Angeles FCO. If you need a reasonable accommodation due to a disability during any part of the application process, please contact us at **************, HR directly via ************** or email at *************** for assistance.

The Company You'll Join Carta connects founders, investors, and limited partners through world-class software, purpose-built for everyone in venture capital, private equity and private credit. Trusted by 65,000+ companies in 160+ countries, Carta's platform of software and services lays the groundwork so you can build, invest, and scale with confidence. Carta's Fund Administration platform supports 9,000+ funds and SPVs, representing nearly $185B in assets under management, with tools designed to enhance the strategic impact of fund CFOs. Recognized by Fortune, Forbes, Fast Company, Inc. and Great Places to Work, Carta is shaping the future of private market infrastructure. Together, Carta is creating the end-to-end ERP platform for private markets. Traditional ERP solutions don't work for Private Funds. Private capital markets need a comprehensive software solution to replace outdated spreadsheets and fragmented service providers. Carta's software for the Office of the Fund CFO does just that - it's a new category of software to make private markets look more like public markets - a connected ERP for private capital. For more information about our offices and culture, check out our Carta careers page. The Problems You'll Solve At Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow. As a Senior Security Analyst, you'll directly shape and strengthen our detection and response capabilities, help mature our security operations, and ultimately protect the organization from evolving threats. You'll play a critical role in leading incidents, developing internal tools and playbooks, and reducing response times through automation and continuous improvement. You'll serve as a point-of-contact for incidents and collaborate with stakeholders to shape the future of Carta's security posture. Here are some problems we'd love for you to help us solve: * Lead investigation and response efforts for security incidents, and coordinate with internal stakeholders and external partners when necessary. * Own detection use-case development and write and tune alerts to improve signal-to-noise ratio across our environments. * Maintain and continually improve security incident response plans, playbooks, and related documentation. * Apply Terraform to ensure consistent, secure, and scalable infrastructure deployment and detection pipelines. * Develop and maintain internal tooling and automations to improve analyst efficiency for alert triage, IOC enrichment, and evidence collection. * Elevate the Security team by coaching peers, mentoring junior analysts, and setting high standards for detection quality and incident handling. * Own and execute technical security projects, including scoping, building, testing, deploying, and iterating. * Conduct threat hunting and utilize threat intelligence to proactively identify and mitigate emerging risks. * Participate in on-call rotation and continuously improve readiness and handovers. The Team You'll Work With You will be part of a security-minded team that believes in progress over perfection and where security culture and mindset is key. Our team is rethinking how detection and response activities can be accomplished in innovative ways. We focus on solving business problems while minimizing and managing risk exposure for Carta. About You We're looking for candidates who have: * Deep experience in triaging, investigating, and remediating security events and incidents across multiple technology stacks. * Strong experience with SIEM (e.g., Splunk, Panther, Sentinel), EDR (e.g. SentinelOne, CrowdStrike), and other security tooling (e.g., CASB, SSE, SWG). * Working knowledge of Terraform and Infrastructure as Code principles to secure and scale detection/response infrastructure. * Solid understanding and a proven ability to apply detection engineering and threat modeling concepts using MITRE ATT&CK or similar frameworks. * Excellent judgement and the ability to handle ambiguity and make balanced decisions when working with complex situations. * Demonstrated ability to mentor peers, raise technical standards, and influence team maturity. * Proven ability to proactively collaborate with cross-functional teams to influence security priorities and guide risk-based decisions. * Excellent written and verbal communication skills, including the ability to effectively communicate cybersecurity risk across technical and non-technical audiences. * 6+ years of experience in incident management, detection engineering, and security operations. At Carta, you're not just an employee. You're a builder who is creating infrastructure that accelerates innovation and empowers more ownership. Cartans are helpful, relentless, unconventional and kind; representing Carta's Identity Traits. They work collaboratively and cross functionally to challenge the status quo; working towards a common goal of creating more owners in the private markets. Salary Carta's compensation package includes a market competitive salary, equity for all full time roles, exceptional benefits, and, for applicable roles, commissions plans. Our expected cash compensation (salary + commission if applicable) range for this role is: * $151,810 - $178,600 in Seattle, WA * $159,800 - $188,000 in San Francisco, CA; Santa Clara, CA; New York, NY We are hiring for multiple levels and locations, so final offers may vary from the amounts listed based on geography, experience and expertise, and other factors. Disclosures: * We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email. * Carta uses E-Verify in the United States for employment authorization. See the E-Verify and Department of Justice websites for more details. * For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report. * Please note that all official communications from us will come from an @carta.com or @carta-external.com domain. Report any contact from unapproved domains to ******************.

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

Job DescriptionAtomic Machines is ushering in a new era of micromanufacturing with its Matter Compiler™ technology platform. This platform enables new classes of micromachines to be designed and built by providing manufacturing processes and a materials library that are inaccessible to semiconductor manufacturing methods. It unlocks MEMS manufacturing not only for device classes that could never be produced by semiconductor methods, but also for entirely new categories. Furthermore, this digital platform is fully programmable in the way 3D printing is digital-but whereas 3D printing produces parts of a single material using a single process, the Matter Compiler™ technology platform is a multi-process, multi-material system: bits and raw materials go in, and complete, functional micromachines come out. The Atomic Machines team has also created an exciting first device-made possible only through the Matter Compiler™ technology platform-that we will be unveiling to the world soon.Our offices are in Emeryville and Santa Clara, California.About The Role:This is a broad-responsibility, high-judgment technical leadership role managing the cyber security function and implementing the security and IT infrastructure of a rapidly growing startup company with engineering offices in Emeryville and Santa Clara. As a Cyber Security Engineer, you will lead and oversee the design, implementation, and maintenance of robust security solutions within platform, data, engineering, and office environments. The ideal candidate will possess strong leadership skills, deep technical expertise, and a strategic mindset to safeguard the organization's digital assets. This is a full-time, onsite position in either our Emeryville or Santa Clara office, with a need to work from the other office occasionally.What You'll Do: Build and manage cyber security at Atomic Machines. Develop and implement a strategic vision for securing Atomic Machines' assets, including IP, financial records, personal data, and physical infrastructure, while designing scalable security architectures for both cloud-native and on-prem systems. Conduct security risk assessments, threat modeling, and incident response, identifying vulnerabilities, implementing mitigations, and managing escalations as needed. Lead IT risk and compliance initiatives, implementing cybersecurity best practices (e.g., ISO 27001, NIST), conducting internal audits, assessing vendor security certifications, and reviewing contractual security requirements. Integrate security into CI/CD pipelines and Git-driven Infrastructure-as-Code (IaC) workflows to support secure software releases. Manage security across networking and infrastructure across engineering teams, including physical access control, on-prem servers, cloud services, CI/CD pipelines, and embedded systems, ensuring scalability and reliability. Develop and deliver formal and informal security training sessions to educate the engineering organization on best practices, risk mitigation strategies, and secure development principles. Partner with and manage external agencies and vendors when additional security coverage and support are needed. What You'll Need: 8+ years of experience in Information Security, including at least 3 years in a management role. Experience managing all aspects of Information Security for a company, including Cyber Security, risk assessment, and incident response (startup experience preferred). Previous industry experience as a System Administrator, with hands-on knowledge of infrastructure management, user access controls, and system security best practices. Expertise in cloud security for modern AWS architectures, including IAM, security monitoring, logging, security configuration, and Infrastructure-as-Code (IaC). Proficiency in Infrastructure-as-Code (IaC) workflows (e.g., Terraform, Ansible, Git). Ability to enable secure cloud environments for production software releases using AWS services (e.g., EC2, Redshift, S3) and hybrid security solutions (e.g., Tailscale, WireGuard). Strong networking expertise across physical and virtual environments, including VLANs, firewalls, DNS, and secure access solutions. Experience balancing infrastructure automation, security, scalability, and developer productivity. Extensive hands-on experience with security tools and technologies, including SIEM, MDR, IDS/IPS, WAF, DLP, and vulnerability scanners. High-level proficiency in SAML/SSO solutions and using hardware MFA keys. Experience developing and presenting cybersecurity training programs for employees. Knowledge of IT processes, risk, and control frameworks, including CoBIT, ISO 27001, NIST, ITIL, and PCI. Familiarity with security regulatory requirements and standards (e.g., SOC 1/2/3, SANS Top 20, NIST 800-53). Security certifications preferred (e.g., CISSP, CCSP, CISM, CSSP). Ability to explain complex security issues to both technical and non-technical audiences. Proven ability to work in fast-paced environments with minimal guidance. Flexibility to work daily in the Emeryville office and commute to Santa Clara as needed. BS in Computer Science, Cybersecurity, Information Security, or a related field preferred. The compensation for this position also includes equity and benefits. Salary Range$175,000-$235,000 USD

Seeking a candidate with the ability to demonstrate expertise in both the practical implementation and the administration of noted tools. The basis of the work will be to backfill daily operations management as well as assess the current state implementation for completeness and currency. The candidate will also be responsible for the identification and execution of implementation improvement efforts that will allow for the transition of such tools to a managed service provider including the documentation of run books, incident response and remediation support, and developing continuity plans. Has demonstrated expertise in one or more of the following tools: Qualys Vulnerability Scanner LogRhythm Tripwire Essential Functions: Manage and maintain key Information Security tools to help mature and improve the overall effectiveness of solutions across the organization to safeguard information systems, intellectual property assets and customer data. Design, implement and support integration of information security solutions including security architectures, firewall analysis, and developing and coordinating security implementation plans to improve monitoring and compliance functions and drive automation and efficiencies. Manage remediation of security issues with technology and business teams to ensure remediation is completed timely and effectively. Analyze existing processes to identify improvement opportunities, recommend solutions and lead implementation. Establish and implement a repeatable process for tracking, reporting and driving remediation of security issues. Assist with the PCI DSS security compliance program including scoping, testing, and remediation activities. Help train associates, contractors, alliance or other third parties on information security policies and -procedures. Provide skill-set knowledge transfer that ensures necessary cross-training of other IT Security team members. Monitors compliance with information security policies and procedures and monitors access control systems to assure appropriate access levels are maintained. Develop, support and manage Security metrics & reporting. Develop, maintain and enforce standardized, repeatable administrative and operational policies, processes and procedures. Serves as enterprise information security consultant, conduct information security risk assessments. Lead computer forensic analysis, cyber-crime investigation, incident emergency response and investigations. Perform other responsibilities and duties as assigned. Additional expertise in the following tools is a plus; Imperva DB Monitoring Ingrian HSM LogRhythm McAfee IDS/IPS McAfee Solid Core NETIQ PGP Desktop, WDE, Netshare PGP Universal Server & KMS Qwest Password Manager RedSeal RSA Authentication Manager RSA Envision Symantec DLP Varonis Data Privilege & DWebsense websense

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Magic's mission is to build safe AGI that accelerates humanity's progress on the world's most important problems. We believe the most promising path to safe AGI lies in automating research and code generation to improve models and solve alignment more reliably than humans can alone. Our approach combines frontier-scale pre-training, domain-specific RL, ultra-long context, and inference-time compute to achieve this goal. About the role As a Software Engineer on the Supercomputing Platforms and Infrastructure team, you will build the next generation systems that power large scale AI research and deployment. You will focus on sandboxed execution environments, distributed systems orchestration, and performance optimized compute workflows. You will work closely with ML and Research teams and infrastructure teams to deliver both high throughput, scale, and strong isolation guarantees in a cluster environment. What you might work on Build highly scalable, highly performant, software that facilitates arbitrary code execution with strong isolation guarantees. Design and build systems that allow our AI models to interface with machines in various modes, interactive terminal, GUI applications, etc. Provision and operate high density compute and storage nodes (NVMe, high IOPS SSDs, high bandwidth networks), and build software that performs efficient load balancing, and resource utilization across them. Instrument and optimize end to end performance including storage IO, network bandwidth, CPU, memory, and endurance constraints. Develop APIs, self service platforms, and automation and tools so researchers and engineers can deploy and monitor workloads at scale. Troubleshoot complex infrastructure issues across OS, drivers, hardware, storage systems (local NVMe, block storage, NFS), networking, namespace isolation, and cloud or hybrid environments. Produce clean, documented code and developer workflows, and collaborate with SRE and security teams to ensure safe, reliable, and self serviceable compute offerings. What we are looking for Strong software engineering background (C, C++, Go, Rust, or similar systems languages). Experience designing or operating sandboxed or isolated execution environments (namespaces, cgroups, container runtime internals), or strong interest in this area. Experience building or operating distributed systems or parallel processing frameworks (scatter aggregate processing, worker pools, multi thread and multi process coordination, shared memory, atomics, merging strategies). Solid understanding of storage and IO subsystems (NVMe, SSD endurance, write amplification), network performance, CPU and memory resource constraints in high performance compute clusters. Comfortable working on low level systems (OS, threading, memory management, synchronization) as well as higher level orchestration or automation. Experience with cloud infrastructure (GCP, AWS, Azure, etc.) including IaC tools such as OpenTofu, Terraform, Pulumi, or CDK is a plus. Intellectual curiosity, strong ownership, and the ability to make tradeoffs in ambiguous environments such as latency versus throughput and isolation versus performance. Nice to haves Prior experience with GPU scheduling, RDMA networking, or bare metal HPC clusters Contributions to open source container runtimes or sandboxing frameworks Experience with kernel internals, device drivers, or SSD and NVMe endurance modeling Familiarity with Rust for systems programming or Go for infrastructure orchestration Why join us You will work at the cutting edge of AI infrastructure including large compute clusters, advanced metrics engines, and next generation sandboxing systems for untrusted workloads. The problems you solve will be foundational, for example how to securely and efficiently run arbitrary research code across thousands of GPUs or high end SSDs. You will join a collaborative and hands-on team where you are building rather than only modeling. Excellent compensation and equity, generous benefits, and high impact. Our culture: Integrity. Words and actions should be aligned Hands-on. At Magic, everyone is building Teamwork. We move as one team, not N individuals Focus. Safely deploy AGI. Everything else is noise Quality. Magic should feel like magic Compensation and benefits (US) Annual salary range: 200,000 USD to 550,000 USD depending on seniority Significant equity component 401(k) with matching, comprehensive health, dental, and vision insurance, unlimited paid time off, visa sponsorship and relocation support Fast paced, mission driven environment focused on safely advancing AGI for humanity

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: * Design and implement hardened OS configurations for AI workloads across diverse hardware platforms * Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace * Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms * Implement and maintain full-disk encryption solutions for diverse storage systems * Build security infrastructure for AI systems, research environments, and production services * Create OS-level attestation and integrity monitoring systems * Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations * Design secure boot processes and trusted execution environments * Work with container teams to ensure proper workload isolation at the kernel level * Design privilege separation and mandatory access control policies * Implement secure update mechanisms for OS components * Build tooling for security configuration management and compliance verification * Serve as a subject matter expert for OS security questions and designs Who You Are: * 5+ years of experience in operating systems security or kernel development * Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) * Experience with kernel hardening techniques and exploit mitigation * Strong programming skills in C and systems programming languages * Experience with eBPF for security monitoring and enforcement * Understanding of virtualization and containerization security * Track record of identifying and fixing OS-level security vulnerabilities * Experience with security-focused Linux distributions Strong candidates may also have: * Kernel development experience or contributions to Linux kernel * Experience with real-time or embedded operating systems * Knowledge of hardware security features and their OS integration * Experience with secure boot technologies * Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) * Background in vulnerability research, exploit development, or fuzzing * Experience with formal methods for OS verification * Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary: $300,000-$405,000 USD Logistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

Hands-on cloud security engineer who has a deep understanding of emerging technologies including Openstack, PaaS - Pivotal cloud foundry, Mesos, Docker container, Security, Software defined networks, Cloud integration technologies. Hands-on deployment of AWS\Azure IaaS components necessary to support the Cyber Security deployment needs, as well as approved Cyber Security specific solutions in the AWS\Azure environment to support these efforts. Qualifications Bachelor's Degree in STEM and/or a minimum of 4 years of equivalent experience Minimum of 6 years of experience of application design and architecture Minimum of 6 years of experience with deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS) AWS and Azure experience a must Additional Information All your information will be kept confidential according to EEO guidelines.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Atomic Machines is ushering in a new era of micromanufacturing with its Matter Compiler technology platform. This platform enables new classes of micromachines to be designed and built by providing manufacturing processes and a materials library that are inaccessible to semiconductor manufacturing methods. It unlocks MEMS manufacturing not only for device classes that could never be produced by semiconductor methods, but also for entirely new categories. Furthermore, this digital platform is fully programmable in the way 3D printing is digital-but whereas 3D printing produces parts of a single material using a single process, the Matter Compiler technology platform is a multi-process, multi-material system: bits and raw materials go in, and complete, functional micromachines come out. The Atomic Machines team has also created an exciting first device-made possible only through the Matter Compiler technology platform-that we will be unveiling to the world soon. Our offices are in Emeryville and Santa Clara, California. About The Role: This is a broad-responsibility, high-judgment technical leadership role managing the cyber security function and implementing the security and IT infrastructure of a rapidly growing startup company with engineering offices in Emeryville and Santa Clara. As a Cyber Security Engineer, you will lead and oversee the design, implementation, and maintenance of robust security solutions within platform, data, engineering, and office environments. The ideal candidate will possess strong leadership skills, deep technical expertise, and a strategic mindset to safeguard the organization's digital assets. This is a full-time, onsite position in either our Emeryville or Santa Clara office, with a need to work from the other office occasionally. What You'll Do: * Build and manage cyber security at Atomic Machines. * Develop and implement a strategic vision for securing Atomic Machines' assets, including IP, financial records, personal data, and physical infrastructure, while designing scalable security architectures for both cloud-native and on-prem systems. * Conduct security risk assessments, threat modeling, and incident response, identifying vulnerabilities, implementing mitigations, and managing escalations as needed. * Lead IT risk and compliance initiatives, implementing cybersecurity best practices (e.g., ISO 27001, NIST), conducting internal audits, assessing vendor security certifications, and reviewing contractual security requirements. * Integrate security into CI/CD pipelines and Git-driven Infrastructure-as-Code (IaC) workflows to support secure software releases. * Manage security across networking and infrastructure across engineering teams, including physical access control, on-prem servers, cloud services, CI/CD pipelines, and embedded systems, ensuring scalability and reliability. * Develop and deliver formal and informal security training sessions to educate the engineering organization on best practices, risk mitigation strategies, and secure development principles. * Partner with and manage external agencies and vendors when additional security coverage and support are needed. What You'll Need: * 8+ years of experience in Information Security, including at least 3 years in a management role. * Experience managing all aspects of Information Security for a company, including Cyber Security, risk assessment, and incident response (startup experience preferred). * Previous industry experience as a System Administrator, with hands-on knowledge of infrastructure management, user access controls, and system security best practices. * Expertise in cloud security for modern AWS architectures, including IAM, security monitoring, logging, security configuration, and Infrastructure-as-Code (IaC). * Proficiency in Infrastructure-as-Code (IaC) workflows (e.g., Terraform, Ansible, Git). * Ability to enable secure cloud environments for production software releases using AWS services (e.g., EC2, Redshift, S3) and hybrid security solutions (e.g., Tailscale, WireGuard). * Strong networking expertise across physical and virtual environments, including VLANs, firewalls, DNS, and secure access solutions. * Experience balancing infrastructure automation, security, scalability, and developer productivity. * Extensive hands-on experience with security tools and technologies, including SIEM, MDR, IDS/IPS, WAF, DLP, and vulnerability scanners. * High-level proficiency in SAML/SSO solutions and using hardware MFA keys. * Experience developing and presenting cybersecurity training programs for employees. * Knowledge of IT processes, risk, and control frameworks, including CoBIT, ISO 27001, NIST, ITIL, and PCI. * Familiarity with security regulatory requirements and standards (e.g., SOC 1/2/3, SANS Top 20, NIST 800-53). * Security certifications preferred (e.g., CISSP, CCSP, CISM, CSSP). * Ability to explain complex security issues to both technical and non-technical audiences. * Proven ability to work in fast-paced environments with minimal guidance. * Flexibility to work daily in the Emeryville office and commute to Santa Clara as needed. * BS in Computer Science, Cybersecurity, Information Security, or a related field preferred. The compensation for this position also includes equity and benefits. Salary Range $175,000-$235,000 USD

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************